B2B/B2C Email Deliverability Webinar
Today’s Topics
• Email Deliverability Defined
• B2B/B2C Anti-Spam Technology– What It Is– How It Works
• Beating Anti-Spam Technology
Email Deliverability Defined
• An email’s ability to get through email filtering and blocking technology and any other obstacles and reach an intended recipient’s email inbox
• B2B Deliverability - bypassing corporate mail server anti-spam technology to reach business email addresses
• B2C Deliverability – bypassing anti-spam technology employed by email account providers or individual PC users to reach personal email accounts
Anti Spam Technology• B2B
– Mail Servers (Microsoft Exchange etc.)• Anti-Spam Software• Blacklists (eg. Spamhaus)• Spam Firewalls (eg. Barracuda)• Domain Verification (eg. SPF, Domain Keys)• Whitelists
• B2C– Email Account Providers
• Spam Filtering/Blocking with Hotmail, Yahoo, Gmail etc.– User Installed Programs
• PC Based Anti-Spam programs (eg. Norton Anti-Spam)• Whitelisting Software (eg. Spam Arrest)
How Anti Spam Technology Works
• B2B– Anti-Spam Software
• Functionally similar or even identical to user installed, desktop based anti-spam programs
• Hundreds of different software titles exist• Each title uses its own unique criteria for assessing emails• Each title may use any or all of the following criteria:
– MIME Usage
» Multipurpose Internet Mail Extensions
» Email sent in both HTML and Text formats
» Searches for proper MIME formatting in email header
How Anti Spam Technology Works– Name of Email Sender– From Email Address
» Domain Name (@abc.info)» User Name for email account ([email protected])» Ability to verify domain is real and not forged/spoofed
(SPF Record, Domain Keys)– Subject Line
» Words used– Email Body
» Words» Graphics
- attached, drawn from external web page» Links» Attachments
How Anti Spam Technology Works
- Blacklists• A list of email addresses known for spamming or any
unfavorable activity and therefore blocked• Many blacklists exist• An email server tech registers with or installs blacklists on
their mail server• Limited effectiveness• Blacklists rely on user input (feedback loops)
– A user receives a spam email and reports it to a blacklist– Blacklist adds it to their list of addresses to be blocked– Any emails from that newly blacklisted address are
thereafter blocked for any mail server using that blacklist
How Anti Spam Technology Works
• Spam Firewalls– Blacklisting 2.0– More sophisticated form of a blacklist– Like blacklist, uses feedback loop– Improvements Over Blacklists: firewalls use email volume and
hard bounces to blacklist commercial emailers– Blacklists by mail server IP address and possibly email address– Popular Firewall: Barracuda
• do NOT get on the Barracuda blacklist!
• Very difficult if not impossible to get off their blacklist
How Anti Spam Technology Works
• Domain Verification
– verifies the sending email address in an email is actually being sent from the domain it claims to be sent from
– Prevents domain spoofing, a very common way spammers and phishers cover their tracks and avoid detection
– Types Of Domain Verification:
• Sender Policy Framework (SPF) record– A very simple text file placed on the domain registrar’s
DNS server (eg. Godaddy) stating the authorized IP addresses from which emails for that domain can be sent from
» eg. corporate mail server’s IP address, email service provider’s IP addresses
– Emails from non-authorized IP addresses are blocked
How Anti Spam Technology Works
– Types Of Domain Verification
• Domain Keys Identified Mail (DKIM)– Launched May 2007– May be installed on corporate email servers– uses public-key cryptography (IE encryption) to allow the
sender to electronically sign legitimate emails in a way that can be verified by recipients
» Very similar concept to SSL – method used to encrypt and secure pages used for E-Commerce transactions
» The little yellow lock seen when a page asks for credit card
How Anti Spam Technology Works
• Domain Keys Identified Mail (DKIM)– Complements SPF records– DKIM used by Yahoo and Gmail Accounts– Difficult and expensive to implement
» special knowledge required to install– Not widely used to date
How Anti Spam Technology Works
• Whitelists– A list of approved email or IP addresses– Email addresses or IP addresses on the whitelist are allowed to
send email to users at that domain– Whitelists ‘short-circuit’ IE auto bypass any anti-spam
technology existing at the domain– Analogous to being on VIP list at nightclub – no lineup, no
admission charge, no pat down by security– Not widely used at mail server level, more used by individual
users– Almost completely useless on their own for virtually all
companies – Email Service Providers (ESPs) (eg. Constant Contact) strive to
get on as many domain whitelists as possible
How Anti Spam Technology Works
• B2C– Email Account Providers
• Spam filtering provided by– Free Email Account Providers
» Hotmail, Yahoo, Gmail, Comcast– Paid Web-Based Email Account Providers
» Godaddy, any other domain/email host• Each company has its own ways of filtering• These ways may be any of the previously mentioned
methods
How Anti Spam Technology Works
• Some Employ Feedback Loops– Feedback loops are where a user can flag an email as
spam and this information is reported to the email service provider
– AOL, Comcast, Microsoft (eg. Hotmail) use feedback loops
• Many Don’t Employ Feedback Loops– Emails flagged as spam by user simply get the sender’s
email address added to the user’s list of email addresses to be blocked thereafter
» Yahoo doesn’t use feedback loop
How Anti Spam Technology Works
– User Installed Programs• PC Based Anti-Spam programs
– Installed by user on own PC– May be bought or free– Work in conjunction with email client software
» Microsoft Outlook/Outlook Express, Mozilla Thunderbird
– User can often set spam sensitivity level» People who regularly receive time sensitive or
important emails (eg. sales people, customer service) will keep this level low and check their spam folders regularly
How Anti Spam Technology Works
– User Installed Programs• Whitelisting Software
– For any email it receives it sends a reply message asking the sender to verify they are a real, live human sender and not an automated means of sending
– Sender is asked to type out an alpha-numeric sequence only readable by a person
– Any email which doesn’t have this code sequence entered within a given time period gets put into a spam folder
– Programs: Spam Arrest
How Anti Spam Technology Works
• Spam Complaints– Spam complaints made by people are the only real way an email
or internet service provider can tell who is emailing commercial solicitations
– Anti-Spam technology makes mistakes, people don’t– Email Service Provider tolerance : 1-3 spam complaints per
1000 emails sent – Internet Service Provider tolerance: ZERO TOLERANCE– Spam complaints can be communicated via
• Feedback Loops To Email Account Provider (Flag As Spam button within email account)
• Complaints to Email Or Internet Service Provider ([email protected], [email protected])
Beating Anti Spam Technology
• Personalize Your Emails, Don’t Commercialize Them– The Golden Rule and single guiding principle for bypassing most
any anti-spam technology– Anti-Spam technology is specifically designed to look for aspects
of an email (especially words and phrases) commonly used in commercial solicitations
– Making your emails seem as if they were a non-commercial, personal communication between two people is the best way of ‘flying under the radar’ and avoiding anti-spam technology
– Various tactics can be used for personalizing an email
Beating Anti Spam Technology
• Know Your Enemy– Ask “What anti-spam technology am I facing?”– Do an audit of your email database by looking at the domains of
your recipients– Use the Find/Replace function in Excel/Word– No single solution for reaching inbox for your whole database
exists – charlatans will tell you otherwise– Too many different types of anti-spam programs with different
criteria for assessing spam for a single solution– You must create your emails with the anti-spam technology you
face in mind
Beating Anti Spam Technology
• B2B– Email Servers
• Anti-Spam Software– Spam filtering/blocking software uses any of the following
criteria for judging an email, but the words/phrases used anywhere in the email are the most important determining factor:
» MIME Format- Ensure email sent in both HTML and Text formats- Ensure proper MIME syntax is used
Beating Anti Spam Technology
» Name of Email Sender- Avoid any commercial sounding words such- eg. “ABC Sales Department”
» From Email Address- always use a .com email account
- .com domains usually cost more than other types of domains (eg. .net, .info)
- spammers tend to use cheaper domains since they are constantly having to use new domains to email
- Use a real name in the email account (eg. [email protected]) and not a generic address (eg. [email protected] or [email protected])
Beating Anti Spam Technology
Implement An SPF Record» v=spf1 a mx ip4:<YOUR MAIL SERVER'S IP
ADDRESS> a:<YOUR MAIL SERVER'S URL> -all» for example v=spf1 a mx ip4:72.19.227.137 a:me-
ss2-iwwWQZ.mailengine1.com –all» The following websites verify your mail server's SPF
record has the correct syntax and functions properly:» http://www.kitterman.com/spf/validate.html» http://senderid.espcoalition.org/
Beating Anti Spam Technology
– Subject Line
» Avoid commercial sounding words whenever possible
– Email Body
» Avoid commercial sounding words whenever possible
» Many spam blocking programs consider any email graphics (whether attached or linked from an external web page) as common in commercial emails
» Avoid using more than one link in an email – some mail servers will block emails with multiple links
» No attachments! People will often not open them
Beating Anti Spam Technology
• Lyris MailShield Anti-Spam– Uses a sophisticated rating system for assessing emails– For each instance of the following words and phrases in the
subject or body of the email, Lyris assigns to the email the noted number of points
– If the email accumulates more than 250 points, the email is assigned as spam
– This type of rating system is how the most sophisticated anti-spam programs work and is therefore a good word filter for your emails
Beating Anti Spam Technology
WORD/PHRASE Points Per Occurrence Significance REASON
U.N.I.V.E.R.S.I.T.Y 650 3 Common Offers
aerotaxi.net 500 3 Common Offers
Alpha Male Plus 500 3 Typical Phrases
huge with ebay 500 3 Typical Offers
like a porn star 500 3 Common Offers
viagra 300 6 Common Offers
unsolicited email 150 2 Spam Disclaimers
weightloss 150 2 Medical Spam
top quality 120 2 Typical Phrases
Beating Anti Spam Technology
national tv 116 1 Typical Phrases
risk free 110 2 Typical Phrases
toll-free 110 2 Typical Phrases
lose pounds 100 2 Common Offers
unsolicited email 100 2 Typical misleading disclaimers
enhance your 100 1 Typical Phrases
fetish 100 1 Pornography
Paris Hilton 100 1 Pornography
porn 100 1 Pornography
Beating Anti Spam Technology
Blacklists• If your email list is targeted and opt-in, you’re unlikely to be
added to any blacklists• Blacklists are typically catching huge volume spammers, not
people with opt-in lists• Check with blacklists periodically if your domain has been
added• If you get on several of the more influential blacklists (eg
Spamhaus), simply start sending your emails from a new domain and email address
Beating Anti Spam Technology• Spam Firewalls
– Avoid getting on firewall blacklists like Barracuda because many companies use this brand
– If you get blacklisted with Barracuda, you will be blacklisted with any company using the Barracuda firewall
– You can avoid getting on a firewall’s blacklist through two means:
• Delivery Throttling– Sending your emails blasts gradually over several hours
or day rather than all at once – usually only spammers send high volumes of email to a given domain
– Throttling normally happens anyway if your own mail server is used and not an Email Service Provider’s mail servers
Beating Anti Spam Technology
• Removing Bounces– A tell tale sign of a spammer is their email lists usually
have a large number of no longer valid addresses (hard bounces) – 10% or more of total emails sent
– When sending to a newly acquired email list or an older email list, use a different email and IP address than normal when sending first blasts to them
– Allows you to remove all the invalid email addresses without getting your main email/IP address on a firewall’s blacklist
Beating Anti Spam Technology
• Whitelists– Submit your email address to all whitelists
– Email Reputation• A great system for distinguishing spammers from businesses
with permission based, opt-in email lists• Tracks the ratio of spam complaints to number of emails sent
over time• Reputation is earned by having a low ratio of spam
complaints to number of emails sent plus a high percentage of emails opened
• Higher Reputation -> Higher Deliverability
Beating Anti Spam Technology– Microsoft’s SenderID Program
• Email Reputation is built through emails to the following accounts
– Outlook/Outlook Express users using Microsoft Exchange server
– @hotmail.com– @live.com– @msn.com
• Microsoft operates a feedback loop wherein anyone with one of the above email accounts can easily flag any emails they get as spam – flagged emails are automatically reported as such to Microsoft and recorded under an ongoing record for the sending email account
• Microsoft tracks the number of spam complaints received vs. the total number of emails sent + opened to the above email accounts
Beating Anti Spam Technology
• A reputation is build over time (reportedly within several weeks-months)
• A strong email reputation with the SenderID program has a huge influence on your ability to reach inboxes of email accounts provided by Microsoft
• Many, many millions of people use such email accounts • A strong reputation allows you to use more commercial
sounding words and other conventions in your emails and not risk having your emails directed into spam folders
• You must register your email and domain with the SenderID program and have an SPF record already in place
• http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
Beating Anti Spam Technology
• Safe Sender List– In your emails request and remind users to add you to their safe
sender lists– You will bypass any anti-spam technology for everyone who
adds you to their safe sender list
• Offer To Take Spam Complaints– Direct users to email spam complaints to your company at a
designated address rather than your ISP or Email Service Provider (eg. [email protected])
– Big impact on email deliverability
Beating Anti Spam Technology
• B2C– Email Account Providers
• Setup test accounts for the following email account providers– AOL– Apple Mail– ATTWorldnett– Comcast– Earthlink– Gmail– Hotmail
Beating Anti Spam Technology
– Yahoo Mail Plus– GMX Webmail– Juno Mail– NetZero– PeoplePC– Excite– Lycos– Mail.com– Opera Mail
Beating Anti Spam Technology
• Trial and Error– Keep removing commercial sounding words and phrases
or changing them until you pass the spam filter– Remove links and graphics
• Install DKIM– If you have a lot of Yahoo and Gmail addresses in your
database, it’s worth considering the time and expense to install DKIM
Beating Anti Spam Technology
• Blocks Aren’t Always Permanent– Many email providers will process requests to have your
domain/IP address unblocked so your emails can get through to their users
– Initial blocks by ISP are usually temporary – repeat blocks may become permanent
– Typical Resolution Times For Unblock Requests• Comcast – 20 minutes
• Spamhaus – 24 hours
• AOL – 24-48 hours
• Hotmail – 72 hours
• Yahoo – 24 hours – 3 weeks
Beating Anti Spam Technology
• PC Based Anti-Spam programs– Remove commercial keywords– Trial and error must be used to some extent as each
program has its own criteria for assessing emails– eg. Norton Anti-Virus – any emails with images or
objects drawn from other websites are automatically flagged as spam
– Best to only heed the results from the most widely used anti-spam programs
» Lyris MailShield
Beating Anti Spam Technology
» Microsoft Exchange 2003» Norton Anti-Spam 2006» Spam Assassin
• Whitelisting Software» If you receive a verification email from a whitelisting
service (eg. Spam Arrest), it’s best not to respond to it
» These people probably have a very spam free inbox, and are therefore much more likely to report you as spam than most people if they receive a commercial solicitation
» Very few people use whitelisting software, so you won’t be losing out on many prospects
End Of Webinar
Randy Macdonald
President
Heresy Email Services
(416) 536-2381
Heresyemailservices.com
Thanks For Attending!