The From Line

With new advanced spam filtration technology, getting email delivered to the inbox is the biggest challenge with email marketing. And contrary to a lot of sales talk, no email service provider (ESP) can guarantee deliverability. There is no magic formula or service that can guarantee to deliver your email directly to the inbox. However by following technology and list management best practices coupled with monitoring and relationship building can substantially increase your probability of reaching the inbox.

Gold Lasso has a dedicated delivery staff to help its clients follow technology best practices, manage black list and ISP relationships and contribute to the ISP and spam fighting community. Gold Lasso expects its clients to do their part by adhering to acceptable ISP list gathering practices, basic message design guidelines and list cleansing processes.
The Three Components of Deliverability:

Reputation:
Many consumer-based ISPs determine deliverability based on the sender’s reputation. It is important to understand that email reputation works similarly to the financial credit system. If you have a good sending reputation, your chances of good deliverability increase just as your probability of getting a good deal on a loan increase with good credit. You might be thinking how does an ISP identify me as a sender? An ISP uses your IP address since it uniquely identifies machines on the Internet similarly to how a social security number identifies you as an individual. Just as an IP address acts as a social security number a domain name functions as your face displaying to the world your unique characteristics. Pairing your domain name to a unique IP address provides a complete identity allowing for transparency with your recipients and ISPs. Based on this, ISPs have developed or outsourced reputation scoring systems, similar to a credit reporting agency, to determine the sending reputations of IP address and domains. The scoring system, based on a host of information such as authentication, volume of email sent, internal complaints, black lists, etc., assigns your unique IP address and domain a score that will ultimately decide if your email goes to the recipient’s inbox or to a black hole.

Content:
Although most ISPs use reputation filtering processes, corporate networks and consumer security software use content filtering as their main weapon for fighting spam. Gold Lasso provides basic and advanced content analysis tools to help client increase their probability of bypassing content filters. Clients need to be flexible with their message design and copy to be successful with content filtering deliverability.

Authentication:
Authentication uses a set of protocols to verify that an e-mail message has been sent by the domain name in the from line since spammers falsify the from line to conceal their identified. These protocols include Spenders Policy Framework (SPF), SenderID, DKIM and DomainKeys. They all rely on DNS records, either to obtain sending mail server addresses or public keys for decrypting a digital signature. Both ISPs and corporate networks use authentication to filter spam. Gold Lasso configures all client domains with these authentication protocols.

There is a dizzying array of information, discussions and banter regarding the importance of sender reputation, however very little substance about how the process technically works. Even more surprising is the continuous debate among ESPs as to whether its better to have a client on a shared IP address verses a unique IP address. Please tell me how a sender establishes a good reputation using a shared IP address? I still haven't figured out the risk logic to this yet. What's most shocking is that very few ESPs offer their clients custom DNS. What is custom DNS you ask? It's when you have the ability to send email from your own domain name such as This email address is being protected from spambots. You need JavaScript enabled to view it. instead of your ESPs mail server domain such as This email address is being protected from spambots. You need JavaScript enabled to view it.. This involves pointing certain DNS records to the unique IP address your ESP provides. The IP has to be unique since reverse DNS needs to be configured as well and only one reverse DNS is permitted per IP address. Instead, many ESPs allow their clients to "spoof" a sender email address, violating many ISPs acceptable use policies (however rarely enforced).

The importance of custom DNS stems from the fact that it's the last link in ensuring your email sending reputation and one that is rarely implemented. In fact, if you don't have a custom DNS and a unique IP address, you will not be able to participate in sender verification, white listing and reputation management programs. Also, many corporate phishing filters block links in messages that point to other domains other than the receiving authenticated domain. Meaning if you send an email from mx345.myesp.com and have a link in your message that is pointing to yourwebsite.com you have a higher probability of it being filtered in a corporate network environment.

So what's a concerned marketer to do? The first step is to get a unique IP address. If you send a significant volume of email and your ESP doesn't offer a unique IP address then its time to consider a new ESP. The second step is to ask your ESP to help you with your custom DNS. They should provide you with a string of DNS entries that include authentication. If your lists are relatively clean and branding is important, choose a derivative of your corporate domain name such as email.yourdomain.com or click.yourdomain.com. If your list gathering practices are even slightly questionable then you should purchase a domain specifically for email marketing. If your ESP tries to charge you an arm and a leg for this service kick them in the shins and demand that they do it for free. It should take an experienced network admin no more than 15 minutes to get your account configured correctly.

Custom DNS is the only way to go with email marketing. The setup process will take a little extra effort however it will pay dividends with email reputation management, branding and overall trust with your recipients.

DomainKeys, OpenSPF and Sender ID – if you don’t know what these things are, find out fast! Mail server authentication, both from a marketing and corporate admin standpoint, will become a necessary defense in the spam war.  It is estimated that only 30 percent of mail servers currently use these email authentication technologies, but this number will grow quickly as email marketers rush to take advantage of technology that will help distinguish actual email from spam.
 
Review and commit these terms and definitions to memory.

DomainKeys
DomainKeys is an e-mail authentication system designed to verify the domain of an email sender and evaluate the message integrity.  Simply stated, it verifies the sender’s domain name, confirms the message hasn’t been altered somewhere along the line, matches the "from" address to the sender's domain name to sniff our forgeries, and traces the message back to the sender's domain name.

This particular form of email authentication is valuable because it positively identifies the sender’s domain, which makes domain-based blacklists and whitelists more effective. It also allows abusers to be identified more easily. 

OpenSPF
A large problem in the complicated world of SPAM is the use of fake or forged sender addresses. The innocent marketers who fall victim to forgery pay heavy consequences for this stealthy activity.  Sender Policy Framework (or SPF) protects the envelope sender address, which is used for the delivery of messages and is often not seen by the receiver.

Sender ID
Sender ID is another authentication tool that is built on the idea of verifying the domain name from which email messages are sent. It validates the origin of a message by checking the IP address of the sender against the owner of the sending domain. Using this tool requires that e-mail senders and domain owners publish or declare all of the Internet Protocol (IP) addresses used by their outbound e-mail servers, or the IPs authorized to send e-mail on their behalf, in the Domain Name System (DNS).

Gold Lasso uses all three of these technologies already, but don’t be surprised if the FTC made these a mandatory practice as part of compliance with the CAN SPAM Act.

I was manning the EEC booth at the OMMA conference in New York last week when I met an academic looking fellow named David Blumenstein.  After I pitched him about the EEC and all the cool things the group was working on he grabbed a seat next to me and started to rant about how gray listing is the secret to fighting spam.  Naturally the subject piqued my interest so I prodded him to go into detail.  He said that spammers don't like to receive bounces because it overwhelms their servers.  As a result spammers turn off bounce mechanisms.  Therefore pinging a legitimate mail server will yield a mailer demon and pinging a spammer's server will yield nothing.  He concluded that putting all unknown senders in email purgatory until a mailer demon is received helps to eliminate most spam.  The biggest drawback is that his email is delayed for 12 minutes or so. 

Pretty interesting!  Thanks Dave!  I'll have to try it out.

Another year in email marketing is almost gone and the good guys' battle against spam has barely made a dent.  Black lists, content filters and challenge response are all a joke to spammers.  Ninety-nine percent of spammers are never identified because of their uncanny ability to hide behind hijacked pc's and servers.  As an email marketer, the only real silver bullet to combat spam is the unified use of SPF or Sender Policy Framework.  SPF is a simple string of code attached to a domain that forces an email sender to be identified hence there is no place for spammers to hide.  The biggest issue to using SPF in the battle against spam is getting network administrators to implement it on their DNS (Domain Name Service) in addition to them not allowing email to enter their network from a sender who has not implemented SPF.  Two very simple things that need to be done in concert. 

However there is a dirty little secret among domain registrars and DNS providers.  This dirty secret is the simple fact that many of them do not support SPF. 

2007 is going to be a lull for deliverability and email marketing in general is going to suffer.  I think that network admins will be so fed up dealing with spam that there will be a quiet revolution to push DNS providers to support SPF.  Once this happens these revolutionary network admins will be able to implement it causing a chain reaction down the network admin pyramid forcing broad-base implementation.