171 Facts About Email Deliverability & Spam Filters
There’s a lot of advice flying around the internet informing marketers about email deliverability: How to avoid spam filters. How to ensure top inbox placement. Which hidden engagement metrics should be keeping email marketers up at night.
Well, guess what? Yes, there are some things you can do as a marketer to ensure top inbox placement. But, there are many more things your email service provider (ESP) – oh, hey that means us! – should be doing for you. Unless you’re employed as the head of deliverability at a large corporation that has its own in-house email sending architecture (in which case you probably already know everything you need to), a lot of the advice out there about email deliverability doesn’t apply to you.
However, understanding it can help you choose the right email service provider.
So sit back, relax and get ready to stop worrying. We’re here to break it down for you and tell you what really matters.
We’ll explain why email deliverability, also known as inbox placement, is such an important topic, tell you how spam filters work and how email travels the internet, and define the 76 key terms of email deliverability. Most importantly, we’ll arm you with all the information you need to figure out which ESP has the best deliverability.#Deliverability measures the chances your email will make it to inboxes, not spam folders. It examines the technical aspects affecting an email’s journey, everything that happens between pressing send and landing in inboxes. Click To Tweet
All told, it’s 171 facts we’ve collected here for you.
Our promise to you: After reading this post, you’ll understand email deliverability. You’ll feel more confident talking with potential ESPs about what they can do to ensure high deliverability for your email campaigns. What’s more, you’ll be able to stop worrying about deliverability and email filters, once and for all, so you can get back to what you do best – creating great content.
📧 Just the Facts, Please!
Email deliverability measures the chances your email will make it to recipients’ inboxes, not spam folders. Also known as inbox placement, email deliverability examines the technical aspects affecting an email’s journey, everything that happens between pressing send and landing in inboxes.
If you have low deliverability, then many of your messages are doomed to the spam folder.
Email deliverability is not the same as email delivery rate.
Email delivery rate measures the percentage of sent emails that are delivered to an inbox provider’s server.
To skip the history and start learning more about deliverability (or if you’re just here for the Vikings), jump ahead to “The Long Journey of an Email.”
Chapter 1: What Is Spam? A Quick History Lesson
Chapter 2: The Long Journey of an Email: What Anti-Spam Checks It Encounters and How Spam Filters Work
Chapter 3: What Aspects of Email Deliverability Should My Email Service Provider Take Care of? (Or What to Stop Worrying About)
If while reading, you run across terminology you don’t understand, scroll down. It’s probably explained in the final chapter, which is …
Chapter 4: A Bonus Glossary: 76 Email Deliverability Terms Explained
Download Our Email Deliverability Mastery Package!
Sign up for our email marketing newsletter and receive our Email Deliverability Mastery Package, which includes …
- Worksheet: 10 Questions to Ask Potential ESPs to Get the Best Deliverability
- Email List Hygiene (Campaign Timeline)
- How Not to Be a Spammer (Worksheet)
Before we can talk about email deliverability, we have to understand spam. First came email. Then came spam. Then came spam filters. Then came email marketing service providers and inbox placement concerns.
So, what is spam?
Many people think that spam is equivalent to a scam. Scams can be many things, from the Nigerian Prince Scam, known as “419 Fraud,” to phishing emails posing as banks needing you to re-confirm your personal details, to advertisements for male enhancement pharmaceuticals. And email is just one of many forms – and perhaps the most common – that scams can take.
Maybe you’re wondering why scammers send out so much spam and if anybody actually falls for it. Computer science researchers at UC Berkeley and UC San Diego asked the same thing. In “Spamalytics,” a case study published in 2008, they describe how they infiltrated a spam botnet. They discovered that 350 million pharmaceutical spam emails resulted in 28 purchases (conversions). That’s a conversion rate of well below 0.00001%.
Researchers discovered that 350 million pharmaceutical spam emails resulted in 28 purchases (conversions). That's a conversion rate of well below 0.00001%. #YesPeopleDoFallForEmailScams #Spam Click To Tweet
And yet, simply through the sheer number of spam messages sent per day, which for a single large botnet can be well into the billions, scammers can make between $7,000 and $9,000 in revenue a day.
But while many scammers do send bucketloads of spam, spam and scams are two separate things.
To learn more about scamming and internet fraud in general, we recommend the latest U.S. Government’s Internet Crime Report, which is put out by the FBI’s Internet Crime Complaint Center. Scamming is a serious crime that anyone working with online tools should be informed about.
For today, though, our topic is a bit lighter, although still a serious one. Scam emails are malicious spam. But you don’t have to have nefarious intent to be a spammer.
📧 Just the Facts, Please!
A scammer might spam you, and a spammer might scam you, but…
SPAMMING ≠ SCAMMING
(But that still doesn’t make either OK!)
The U.S. Federal Trade Commission defines spam as “unwanted commercial email” (UCE). And the Spamhaus Project, the biggest international nonprofit organization fighting spam, defines it as “unsolicited bulk email” (UBE). Although they differ slightly, what these definitions have in common is that they stress that to be classified as spam, an email needs to meet two criteria:
- It is unwanted or unsolicited. This means the recipient did not ask to get this email.
- It is sent in bulk to many recipients (as opposed to just one or two). Or 2. It is a commercial offer.
Many people will tell you that “spam is in the eye of the beholder” and “one person’s spam is another person’s ham.”
That is absolutely correct.
A recipient defines what spam is, not the sender.
Occasionally recipients sign up for legitimate email marketing, and then they forget they signed up for it.
In that case, it’s, unfortunately, still a type of spam. It is unwanted. That’s why you always need to provide all recipients the option of unsubscribing from your list in every single email that you send. If a contact decides that your email is spam, they have a quick and easy way to stop receiving email from you.
As an email marketer, you don’t get to say if you’re sending spam or not, your contacts decide.
When email was still in its infancy, spam filters and email-deliverability concerns didn’t exist yet. An email literally was just moved from an outbox to one inbox.
One person’s spam is another person’s ham. #Spam #EmailDeliverability Click To Tweet
But then people realized that sending bulk email was much cheaper than a physical mass mailing.
Some of the more infamous earlier spammers were the husband-and-wife lawyer team Laurence Canter and Martha Siegel, whose “Green Card Spam” in April 1994 angered a ton of people. They went on to write a book about their infamous hustle: “How to Make a Fortune on the Internet Superhighway.” But their story didn’t end well. Canter was disbarred.
Nor did it end well for the rest of us. Unsolicited bulk email exploded.
By the early 2000s, a lot of tech thought leaders promised we’d figure out a way to stop spam once and for all. Bill Gates, in fact, in a 2003 talk at the World Economic Forum in Switzerland, anticipated that the problem of spam email would “be solved by 2006.”
Well, in this case, Bill Gates and his buddies were wrong.
Fifteen years later, we have not solved the problem of spam email.
Instead, we have industries and complex technologies that have grown up around spam prevention. And scammers have developed their own complex technologies to further their ability to send spam. (One popular method is to infect others’ computers so they send out spam email for scammers. This is called turning a computer into a spambot, which then forms part of a botnet.)
In fact, spam is such a part of our daily lives that it’s generated a whole host of other words in multiple languages. In English, it’s now a verb (“Stop spamming me!”), an adverb (“That’s a really spammy message!”) and another noun (“Leave me alone, you spammer!”). Similarly in German, French and Dutch.
Where did this funny little word in the way we use it today originally come from? We’ll break it down for you in four steps.
📧 Just the Facts, Please!
Spam is unsolicited commercial email.
The Etymology of Spam in 4 Steps
Step 1: Canned Meat
First there was the canned meat. SPAM: A mystery pork product by Hormel Foods. Packaged in a rectangular can, it hit the U.S. market during the Great Depression, in 1937. And to this day, Hormel Foods will not reveal what the abbreviation stands for.
Nonetheless, many have made hilarious guesses, such as “Something Posing As Meat,” “Scientifically Processed Animal Matter,” and the way it was marketed in 1960s Britain – “Supply Pressed American Meat.”
No one knows what SPAM stands for. But many have guessed. Supply Pressed American Meat? Something Posing As Meat? Scientifically Processed Animal Matter? #HowSPAMBecameSpam #Spam Click To TweetFed to American soldiers during World War II, SPAM also spread to the Asia Pacific and England during the war, where it became a staple of detested school lunches and housewives on a budget. (For a thoroughly entertaining read, check out the Eater’s Brief History of an American Meat Icon.)
Step 2: Comedy Skit
Then came the Monty Python sketch, which was aired in 1970 as part of the absurdist comedy show “Monty Python’s Flying Circus.”
The scene: a run-of-the-mill cafe.
The greasy spoon’s only patrons: Vikings quietly feasting on breakfast.
A couple appears and asks what’s on the menu. The catch: This cafe only serves items with SPAM. Ranging from “egg, bacon and SPAM” to such treats as “SPAM, SPAM, SPAM, egg and SPAM.”
Chagrined, the female patron shoutingly declares she doesn’t like spam. At that moment the Vikings, who haven’t made so much as a peep until now, start singing the praises of SPAM. “SPAM! SPAM! SPAM! SPAM! Lovely SPAM! Wonderful SPAM!”
By the end of the sketch, no one, even the gratuitous historian reporting on the whole affair can say anything but the word “SPAM.” Importantly for this etymology, the song was later released as the “SPAM Song” on the album “Another Monty Python Record” in 1971.
Step 3: Internet Chat Rooms
Next, the word SPAM grows into the version of it we know today (and loses its capital letters). Perhaps because of the Monty Python record release.
The term spam as a noun meaning “unwanted messages” – and as a verb meaning “to inundate people with repeated unwanted messages” – gained popularity in internet chat rooms of the 1980s, particularly in online gaming forums known as multiuser dungeons (MUDS). “Supposedly,” Daven Hiskey writes, “users would occasionally come on and annoy other users with unwanted text, including the actual SPAM SPAM SPAM song from Monty Python.”
Yes, Monty Python truly are responsible for the way we use the word 'spam' today. #Spam #EmailDeliverability Click To TweetWhat’s important to understand about this action was that “spamming” a chat line could block any meaningful conversation from taking place. It was effectively hijacking the chat function.
Step 4: The Spam Email Explosion
In the 1990s, this meaning of spam, digitally shouting so loudly that you drown out all serious communication, was expanded to include email spam. The email industry was booming – the number of email users skyrocketed globally in the mid- to late-90s.
While everyone and their mothers were signing up for an email address, marketers began to go crazy over the potential of email marketing. But they weren’t all savvy enough to use permission marketing. As we saw above, many such as Carner and Siegel had dreams of get rich–quick schemes.
Unsolicited emails flooded people’s inboxes, often causing them to overlook important messages. Just like those MUD users spamming chat lines with lyrics from Monty Python’s “SPAM Song,” unsolicited email threatened to prevent all meaningful communication.
The most reliable source for growth and changes in the English language, the Oxford English Dictionary entered “spam” as a term in 1998, solidifying its place in the English language.
So people came up with ways to block these unwanted emails. And that is how anti-spam solutions were born.
In a recent Adobe Email Survey, 28% of consumers 35 years or older said the one thing that has improved their email experience the most are “stronger spam filters.” They remember those harrowing days before effective spam filters.
28% of consumers 35 years or older said the one thing that has improved their email experience the most are 'stronger spam filters.' They remember those harrowing days before effective spam filters. #SpamFilters Click To Tweet
With the advent of email filters came the idea of email deliverability, and the need for email service providers. Sending out messages in bulk usually signified to internet service providers (ISPs) that you were a spammer. So email marketing services like Newsletter2Go were born: as a means to send legitimate permission-based email marketing.
Now that we’re all on the same page about what spam is and where the term came from, we’ll look at the more technical aspects of deliverability in the next chapter. How, exactly, do ISPs keep out spam anyway?
📧 Just the Facts, Please! The Etymology of Spam
- 1937: The Hormel Corporation releases a new canned meat product SPAM to U.S. markets
- 1940s: SPAM gains popularity (or notoriety) in the U.K. during and after WW II
- 1970: “Monty Python’s” “SPAM Sketch” airs, with Vikings singing the praises of SPAM
- 1980s: “Spam” as a noun and verb is coined in early internet chat rooms
- Mid-1990s: “Spam” becomes a commonly accepted term referring to unsolicited commercial email
- 1998: Spam enters the Oxford English Dictionary
Email seems to work instantaneously. Whether you’re writing a two-line message to a colleague or composing a carefully crafted email campaign to thousands of customers, from the user perspective, it looks the same.
You write a message on your screen, press send, and milliseconds later, it appears on one or more recipients’ screens.
The truth is, though, that every single email you send has to complete a long journey from the sender to the recipient. It passes through multiple filters, which run authentication processes, as it travels through the internet from one server to the next.
What does the journey of an email involve?
In the case of email marketing, you are probably using an email service provider (ESP) like Newsletter2Go to send your email campaigns.
What routes do your emails have to travel to arrive in your recipients’ inboxes?
Picture this: Many medieval fortresses dot a landscape. The castles represent computer servers.
The task: Deliver a message from one fortress to the multiple recipients inside multiple other fortresses.
But just like in the medieval period, a journey could be perilous. And messengers always had to prove that they were who they said they were. Uniforms, sealed letters, all of these things contributed to a messenger’s believability. Email today is no different.
Your ESP has fortresses of its own. These are the servers where the message transfer agent (MTA) does the work of sending the email out into the internet.
And where do you want your message to go? To other fortress-servers owned by internet service provider (ISPs), also called inbox providers. Outlook, Gmail, and Yahoo are some of the biggest ISPs.
What are these fortresses trying to prevent? They’re trying to keep out bands of raiding Vikings.
(Wait, Vikings, why Vikings? Remember what we learned from the Monty Python sketch? Vikings love spam so much, they extol its virtues day and night. For the purposes of this story, spam is represented by Vikings.)
You want your email message to leave your ESP’s fortress-servers and arrive safely in the inboxes attached to ISP fortress-servers. Got it?
Ok, here we go.
Step 1: Pressing Send
1. You press send and the message leaves the outbox.
From your Newsletter2Go account, safe inside a room of your secure fortress, you compose a mailing and press send to distribute that message to all your recipients waiting for it.
Think of this as deploying the runners that carry your messages out into the world.
Step 2: Leaving the MTA
2. The message passes through the MTA’s outbound filters.
Before the message transfer agent (MTA) releases your email from your server or the ESP’s onto the internet, it must be checked by internal filters. If an ESP does not have internal filters set up to monitor and catch spam, then your ESP is not doing its job.
Think of these internal checks as the guards at the gate of the departing fortress. They are the internal safeguards ensuring that no spammers are trying to make use of your ESP’s software and servers. Every ESP should run their own checks, and what constitutes those checks is usually proprietary and top secret.
Step 3: Traveling the Internet
3. As tiny bits of data, the message journeys from router to router on the internet.
Passing from router to router, the runner carrying your message now gets mixed in with all the other 281.1 billion email messages sent around the globe every day. (This statistic comes from the Radicati Group.) And remember that anywhere from 45 to 70% of these can be spam.
Step 4: Surviving the Gateway Filter
This is the first filter your message may encounter – an initial set of checks. If your email fails to pass the guards at this gate, it will not make it onto the ISP’s server.
Think of this as the guards standing at the ISP’s fortress, asking very pointed questions to decide if the message can enter the fortress of the ISP’s server.
This filter works on an SMTP basis, which stands for simple mail transfer protocol, and functions like a firewall for your email server.
It might decide to not let your message in for any number of reasons – e.g., a faulty/outdated recipient address or an overly large attachment. But other reputation reasons can come into play here, as well, such as a poor IP reputation or a blacklisting. (One way to quickly check your IP reputation for free is to figure out its sender score.)
The gateway filter also examines technical elements of the email’s header and any authentication it uses, such as DKIM, SPF Record and DMARC. More on what these tools are in chapter three. They prove to the ISP there is a good chance that your message is legitimate and it hasn’t been tampered with.
If your ESP is whitelisted, then your messages should have a fast pass to get through this gateway. If your message does not pass the gateway filter, then it will be returned to you as a hard or soft bounce.
Another option that can occur in the gateway filter is graylisting. This is a spam protection mechanism wherein the message transfer agent (MTA) temporarily rejects all emails.
Step 5: Getting Sorted by Internal Spam Filters
5. The message passes through internal (hosted or on-premise) spam filters, which send it to the inbox, to the spam folder, (to a specific inbox tab) or reject it completely.
The email’s journey is not over yet. Everything covered up until here accounts for delivery rate.
But the last few steps of the journey before we get to inbox placement are still to come. There are more filters to pass. These internal filters can be either hosted or on-premise. These checks happen on the server or after the message is retrieved by a mail user agent (MUA).
Internal filters decide if a message lands in a spam folder or the regular inbox. A message can also be deleted or rejected at this point, too. This is also the place where a message can be sorted into various inbox tabs, such as Gmail has, promotional, social, etc. Note, too, that depending on how many layers of security make up a company’s anti-spam solution, it could also encounter more than one internal email filter here.
Think of this step as the administrator inside the fortress who directs the message to the appropriate room. He checks over the runner who brought the message one last time before giving his approval.
There are many services offering hosted and on-premise spam filters, such as Spamhaus, SpamAssassin, Barracuda and Cloudmark, to name just a few. These filters have trade secrets for detecting spam, but they work with similar means as the gateway email filters, relying on the email’s header and content to give them information.
More specifically, this means that elements such as IP address reputation, blacklisting and sender reputation (this can include engagement metrics) play a role here, as well. Filters also scan content for suspicious links and wording.
Step 6: Passing Through the Black-Box Filter
6. The black-box, or personal, filter sorts the message into the inbox or into spam.
Finally, you have the personal or black-box filters. These function at the inbox level and learn from a recipient’s previous choices.
They are almost always machine-learning filters, so they come to reflect their recipient’s preferences. They’re called black-box filters because no one outside your ISP can truly know what goes on inside them. Every recipient’s black-box filter will look different. It’s all up to the recipient.
If you haven’t opened a message from a newsletter for a while, your inbox might decide it’s spam, and start putting it there. If you “rescue” a sender from the spam filter, your spam filter will learn not to place it there again.
Step 7: Landing in the Inbox
7. The message achieves inbox placement.
The message has arrived where it was intended to go. Whether or not the recipient opens the message, however, is all up to you as a marketer!
There you have it – the typical journey of an email.
Every journey will, of course, be slightly different. Some smaller inbox providers might not even use a gateway filter. (Although that would be rare.)
Here are some tips for people sending to business emails: Some companies will employ multiple internal filters. Others (like some people) might have no internal filters. Although, the trend is towards more email filtering, not less.
Another aspect that differs for each individual email journey is the aggression level of the spam filters that email encounters. Again, in B2B emailing this is important to know about. Market leaders in anti-spam solutions usually give companies control over how aggressively a spam filter behaves.
Spam filter aggression it just what it sounds like. Depending on the settings that the company’s IT department is using, the guards at the gate will be more or less laid back. An aggressive filter is like a club bouncer who only lets VIPs in.
If they’re very laid back, they’ll let somewhat suspicious email through. If they’re extremely aggressive, only the most pristine of emails from known senders pass muster.
An aggressive spam filter is like a club bouncer who only lets VIPs in. #SpamFilter #EmailDeliverability Click To TweetMost administrators choose a medium aggression level. Or they set the aggression to high and then have employees manually check the spam folder to save false positives.
Up next: a quick overview of the nitty-gritty of how spam filtering actually works.
📧 Just the Facts, Please!
Generally, an email must pass through multiple email filters before arriving in a recipient’s inbox. It can encounter outbound filters, gateway filters, internal (hosted or on-premise) filters and black-box filters.
The anti-spam provider industry generates billions of dollars a year. Most companies’ email systems would collapse without it: Employees drowning in unwanted messages and phishing scams, and everyone at risk of overlooking client emails.
Personal email would be even worse, and everyone would simply have to resort to messenger pigeons (or, you know, text messaging) to send communications. Chaos! Anarchy! Y2K all over again.
But how do spam filters work? Filters usually use a combination of proprietary filtering methods. Here are some of the most common:
Basic Spam Filter Techniques
- Header filtering (also known as reputation filtering): ensures the email header has not been tampered with and is from a secure source
- IP filtering: an important step of header filtering. This filters based on IP reputation. If an IP address is on a blacklist, this is where it is caught
- Sender filtering: uses internal engagement metrics to decide if the sender is reliable
- Content filtering: checks that the content of the email is not suspicious. Usually this includes Bayesian machine learning processes
- Word filtering: checks that the content of the email does not follow any current or familiar scamming vocabulary. Note: This is what most people think of when they think of spam filters, but wording actually plays only a small role in the larger scheme of filtering
- URL (domain) filtering: identifies links within the email message itself that are currently being used in widespread phishing campaigns, or that may be suspicious because they’ve been shortened
More Complex Spam Filter Techniques
- Rule-based filtering: works with user-created rules to score emails according to statistical matching and content. SpamAssassin, which is an open-source filter, works in this way. The user sets specific thresholds for spam scores that define what is spam, what could be spam, and what isn’t spam. Emails with lower spam scores will always land in the inbox, but the user can decide how low they have to be to land in the inbox. The user can also set a middle value, for example, anything scoring above 5, which will then be delivered to the spam folder. Finally, the user usually also determines a high score, for example, emails rating above 10, that then should be rejected or deleted
- Fingerprinting filtering: works with specific message identifiers that are compared to other messages with similar identifiers. The anti-spam provider CloudMark is known for developing this
The word filtering can be something of a misnomer because it is such a passive word. A spam filter does not work like a charcoal filter, put in place to passively strain out impurities. When it comes to email, filtering is an active process, involving many layers of checks and communication with other servers.
In our final chapter, we discuss everything an ESP should do to keep your emails out of a spam folder.
📧 Just the Facts, Please!
Spam filters look at a variety of factors to judge whether an email is spam. Most of these are technical (IP address source, authentication, domain address) and some of these are content oriented (wording and URLs).
If this topic is new to you, chances are by now you are quaking in your boots.
For heaven’s sake, you just want to send a marketing email to your customers. You even have their permission to send one!
But how can you ensure your one little email will pass these multiple types of guards? It’s hard enough to get people to open your emails, but you didn’t realize it was such a fight to get into the inbox.
And then if you were to start googling “How do I keep my emails out of the spam filter?” you’ll find more websites than you have time for with dozens of different recommendations.
Should you be priming your IP addresses? Should you be signing up for feedback loops? But you’re a marketer who also has to find time for social media and blogging, too. How in the heck are you going to find time to learn all of this?
There’s good news and there’s bad news.
The good news: If you’re a marketer who uses an email service provider (ESP), then you do not have to worry too much about inbox placement. As long as you have an ESP, most of the internet advice about how to avoid spam filters does not relate to you. It’s the ESP itself who needs to worry about deliverability. All you have to do is choose the right ESP.
The bad news: There are no tricks or easy fixes.
The things you can do to ensure inbox placement? There are two:
- Send good, compelling content to a newsletter audience who has signed up to receive your mailings.
- Practice good list hygiene.
The two things you can do to avoid the spam filter? 1. Send good, compelling content to a newsletter audience who has signed up to receive your mailings. 2. Practice good list hygiene. Click To TweetProvide your audience with relevant information (and not just promotions), and they will save and star your emails and forward them on. The ISPs will register those actions as signs of high-quality content. That alone will keep you out of the spam folder.
Fail to deliver quality content, or engage in spammy behavior, and your recipients will register spam complaints against you with their ISPs.
(Psst. We’ve got literally hundreds of blog articles about how to create good email marketing content.)
As for the other topic – how to choose the right ESP for email deliverability – keep reading.
What You Can Expect From Your Email Service Provider
Let’s go back to our medieval message bearer and throw in a little more explanation.
What you need to envision is that the runners delivering mail work for their own guild (which represents an ESP). Kingdoms both large and small (which represent the companies using an ESP) hire them out to deliver messages.
In this metaphor we have the reputation of the guild that the messengers work for, the reputation of the kingdom using their services, and the ever-present guards or spam filters. Besides content, these are the three most important factors in inbox placement.
✔ Use the correct format and infrastructure to build your email
Before you even start thinking about what happens when an email leaves a server, you have to make sure the email is properly dressed.
What does this mean for our medieval message bearer? Before the runner leaves the fortress, he needs to be wearing shoes, a hat and the right livery. The guild the runner belongs to ensures he is well equipped for his mission.
For an email, this is the infrastructure. It’s the right livery equates to following the technical specifications laid out in the RFCs concerning electronic messaging. This means your email service provider correctly programs the header and the HTML of an email – not such an easy task, and also not one the sender even sees. This is all the backend programming.
✔ Make all authentication methods available to you
Authentication represents one key method developed in the fight against spam. Also known as validation or verification, these techniques inform ISP servers that senders of mass email are legit.
Some authentication tools can be tricky to set up for nonspecialists because the sender has to make changes to his/her own domain. This means the guild and the kingdom need to cooperate to successfully pull off these authentication methods
We try to make this as easy as possible for our users, but if you’re a small company with no internal IT department, this might represent a bit of a struggle. Thankfully, we also have help articles on the subject. And our support team is always on hand to help out.
There are three key email authentication methods to know about – each a unpronounceable jumble of letters: SPF, DKIM and DMARC. #Deliverability Click To Tweet
There are three key authentication methods to know about – each an unpronounceable jumble of letters: SPF, DKIM and DMARC.
Every legitimate ESP should offer its senders a way to incorporate DKIM and SPF.
How exactly do these work?
SPF is what’s called a path-authorization check. It examines if an IP address is allowed to send for a domain.
It serves to answer the question: Has this email arrived via the appropriate channels? Is it from whom it says it is? SPF functions to prevent scammers from spoofing a Sent From address.
Think of SPF as a guard receiving the appropriate letter of introduction to get the messenger through the gate. This letter has been stamped by both the guild and the kingdom he’s delivering for. Sender ID is an additional authentication technique that boosts SPF.
DKIM, in contrast, acts as a content-verification check. It inspects if the message has not been tampered with. Linked specifically to your domain, it matches private keys to public keys as a way of examining the content of the email, comparing it with the content that’s supposed to be there.
The best medieval metaphor: the wax sealing your letter closed, bearing the correct ring imprint. The guard looks at the message your runner is carrying to ensure that the impression of the ring in the wax corresponds to the kingdom he’s delivering for, and nothing within the letter itself could have been tampered with.
Domain-based message authentication, reporting and conformance, DMARC, counts as the highest level of authentication you can use. Often it is only available with dedicated IP addresses. If you’re sending a large volume of email, you’ll want to have your own dedicated IP addresses, and you’ll want to set up DMARC.
DMARC shows that, as a sender, you’re serious about secure sending. It was established as a way for senders and receivers to better protect the interests of email users. DMARC is an open policy published by the sender telling the server what to do if an email from a sender does not pass SPF and DKIM.
If an email supposedly from this sender does not pass SPF and DKIM, then DMARC tells the ISP whether it should allow it, filter it as spam or reject it. The strongest level of security is a reject or quarantine DMARC policy on your domain.
And what is DMARC in our medieval fantasy land?
DMARC with a reject policy is the equivalent of a proclamation stating that any messengers caught without proper letters of introduction and untampered seals on their letters should be executed on the spot for forgery.
DMARC with a reject policy is like a proclamation stating that any messengers caught without proper letters of introduction and untampered seals on their letters should be executed on the spot for forgery. #MedievalEmail #DMARC Click To Tweet
✔ Maintain a high IP reputation for all sending IP addresses
This task is the most important one for inbox placement. Most ESPs have a large deliverability department. Busy bees, they monitor blacklists, track sending activity, and care for IP reputation in every way possible.
Currently, IP reputation is THE technical factor for not being perceived as spam.
A poor IP reputation (or even worse, no IP reputation) will throw up red flags for ISPs. What’s more, once you develop a poor IP reputation (or once your IP ends up on a blacklist), it’s very hard to recover from.
The good news here is that you do not have to worry about IP reputation. If you use a legitimate ESP, you’re in the clear.
You’ll find a lot of email deliverability advice out there on how to warm up (or prime) your IP addresses. This is only something that email service providers need to think about. Or huge corporations with email developers of their own.
The one caveat to this: If you are using an ESP that offers you dedicated IP addresses, make sure they include IP address warming as part of their services.
If you are using an ESP that offers dedicated IP addresses, make sure they include IP address warming as part of their services. #EmailDeliverability Click To TweetIf they don’t, then they’re not the ESP you should be sending with.
The medieval equivalent? This is the guilds’ protecting their good name: networking, building trust with gatekeepers and guardsmen everywhere. Ideally, guilds develop such a good reputation that gatekeepers everywhere, even the toughest ones, simply wave their messengers through. This is the hard work guild leaders put in so kingdoms have benefits to reap when they start employing their services
✔ Tap into feedback loops and handle abuse complaints
Most ISPs provide feedback loops (FBLs), and it’s the job of the ESPs to collect this information.
Feedback loops provide information about which recipients marked which emails as spam.
An ESP should go beyond collecting feedback from FBLs, too. They also need to act on them. At the most basic level this means they should immediately unsubscribe recipients who file spam complaints. They should report any complaints back to their users. But handling complaint abuse goes beyond this.
Should a sender receive multiple abuse complaints, then an ESP needs to take stronger action, such as account termination.
📧 Just the Facts, Please!
Email service providers (ESPs) have a responsibility to their users to ensure a high delivery rate. This means they have to be able to correctly program mass email, maintain an IP reputation, offer authentication possibilities to their users and handle abuse complaints.
Download Our Email Deliverability Mastery Package!
Sign up for our email marketing newsletter and receive our Email Deliverability Mastery Package, which includes …
- Worksheet: 10 Questions to Ask Potential ESPs to Get the Best Deliverability
- Email List Hygiene (Campaign Timeline)
- How Not to Be a Spammer (Worksheet)
Spam and email go hand in hand.
As soon as email became a viable method of communication, spammers began abusing it.
These days, email deliverability has grown into a complex and highly technical topic, and anti-spam solutions evolve every year. While thought leaders once believed spam could be “solved,” what happened instead was that industries (including our own!) developed with the aim of getting emails into inboxes.
Simultaneously, industries emerged that have the goal of keeping unwanted email out of inboxes.
As our medieval cartoon has hopefully shown you, the process of moving emails across the internet can feel like a perilous journey. Especially if you’re trying to send many emails at once.
But the good news is that those messenger guilds (i.e., ESPs like Newsletter2Go) do exist, and they work hard in the background to make sure your emails get where they need to go.
A lot of the advice on the internet telling you how to avoid spam has zero relevance for senders using ESPs. And some of it is flat out wrong.
We’ve covered what goes on behind the scenes with deliverability and spam filters. We’ve covered why authentication (SPF, DKIM, DMARC) is crucial for avoiding being perceived as spam and for protecting your own sender reputation. And we’ve also gone over what you DON’T have to worry about when it comes to spam filters.
But … is there anything you DO have to worry about? Anything you as the sender can do to avoid landing in the spam folder? Absolutely. We tell you what you can do to keep your email marketing out of the spam filter in our article 4 Simple Steps to Avoid the Spam Filter.
Anti-spam providers: Organizations that provide anti-spam solutions for inbox providers. These solutions include one or more spam filters, blacklist creation and monitoring, and spam trap networks. Some well-known anti-spam solution providers are Spamhaus, Barracuda and Symantec, to name just a few.
Authentication: Authentication refers to a variety of technical processes that verify the sender or content of an email. SPF, DKIM and DMARC (as well as BIMI) are the main verification processes available. All of these include some sort of communication check between the receiving server and another server.
Bayesian machine learning: A machine learning technique known as Naive Bayes Classifiers is often deployed in spam filters. If an anti-spam provider tells you they use Bayesian spam filters, they’re talking about a particular type of content-based machine learning.
Black hole: In internet terms, a black hole is a network link that does not forward incoming traffic. Originally blacklists were called “black hole lists.” The idea was that spammers’ emails would be dropped and not forwarded. Nowadays a black hole can also describe a part of a sensor network. In this sense, a black hole is like a spam trap without the consequences. Like a spam trap network, a sensor network analyzes the data in messages and monitors the possibility that certain domains and IP addresses are spammers. Unlike spam traps, it does not report this information to a blacklist. A sensor network exists solely to monitor and provide feedback, mostly for ESPs.
Blacklist: If a sender distributes too much spam, it will become blacklisted. All future emails from this sender will be filtered and not delivered. Blacklists are run by anti-spam providers and by ISPs. The opposite is called whitelisting, in which certain senders are classified as trusted. Blacklists are also called suppression lists and block lists. There are two types of blacklists.
- IP-based blacklist: Also called Real-Time Blacklists / Block Lists or Real-Time Blacklists or Blackhole Lists (RBLs) and Domain Name System–Based Blackhole List (DNSBL), an IP-based blacklist records the IP addresses known spammers send from. Most spam filters are checking the sending IP address against an RBL. Some of the most well-known are Barracuda, Invaluement’s SIP and SIP/24, Manitu (used mostly in Europe), PSBL, SpamCop and Spamhaus (the oldest and most powerful).
- URI blacklist: Abbreviated as URI DNSBL, URI stands for uniform resource identifier, and in this case, a URI blacklist refers to links included within an email. These are also known as domain-based blacklists because they look at domain names, not IP addresses. These blacklists record domains that have been associated with spam and scams (e.g., phishing). When scanning the content of an email, a spam filter is comparing any links to the existing URI DNSBL that it has access to. Some of the most well-known domain-based blacklists are Spamhaus’s, SURBL, URIBL and Invaluement’s URI.
Bounce: Bounces are emails that were not delivered. When an email bounces, a fail message is sent back to the sender. The reasons for bounces can include incorrect email addresses or server unavailability.
- Hard bounce: This means there is a permanent delivery issue. The email you sent to this address ain’t ever going to arrive. Likely the address was canceled or it never existed in the first place. (First thing to look at is if there is a typo in that email address.)
- Soft bounce: This means there is a temporary delivery issue. For example, the server could be down or your recipient’s inbox could be full.
Bounce rate: The bounce rate is the proportion of failed deliveries to overall deliveries. It includes emails that are both temporarily and permanently failed. So: Bounced Emails / Total Emails Sent. A persistently high bounce rate increases the likelihood a sender will be classified as a spammer.
Botnet: A botnet is a network of computers performing automated tasks. If a personal computer gets infected with a Trojan or a virus, it can be hijacked to be part of this botnet. (This computer is called a spambot or zombie.) Scammers build huge botnets and use them for things such as sending out spam, carrying out DDoS attacks or creating false pop-ups on the infected computer. This means that if your computer is infected, it could be sending out spam for scammers. Norton calls botnets “the workhorses of the internet.”
Brand Indicators for Message Identification (BIMI): BIMI is the latest high-level authentication process. It works like this: If a large brand uses SPF, DKIM and DMARC with a policy to reject all non-passing emails, then a small logo will display in users’ inboxes next to all emails from this brand. It’s a reward system for brands that have strict policies in place to prevent spoofing and other types of abuse.
CAN-SPAM Act: A U.S. law passed in 2003 and officially titled the “Controlling the Assault of Non-Solicited Pornography and Marketing” Act, the CAN-SPAM Act regulates electronic promotional messages sent out within the United States. Some of the most well-known requirements of the CAN-SPAM Act are including a physical mailing address and explaining options to opt-out of receiving further communications. It does not, however, mandate that senders must receive recipients’ permission prior to sending to them. This is something included in the European General Data Protection Regulation (GDPR), which recently went into force. In summer 2017, the U.S. Federal Trade Commission announced they would be reviewing and perhaps revising the CAN-SPAM Act.
Certified Senders Alliance (CSA): The Certified Senders Alliance constitutes the central German whitelist. It’s been around since 2005. The CSA whitelist is a positive list for email bulk senders. With ISPs and email providers participating in the whitelist, the chances of false positives in spam folders are reduced. Learn more about CSA whitelisting.
Click-through rate (CTR): The click-through rate indicates what percentage of your contacts clicked on a link within your email campaign. Your email marketing software should calculate it like so: Total Contacts Who Clicked a Link / Total Email Recipients. It’s a great KPI for engagement, and it is something that most ESPs measure. A high CTR indicates a high level of engagement; a low CTR indicates there’s room for improvement.
Dedicated IP address: A dedicated IP address is reserved for the use of a single email marketer. Normally in shared pool servers on ESPs, IP server traffic is shared among several users. Many ESPs also offer dedicated IP addresses. Using a dedicated server means that the marketer alone is responsible for the IP’s reputation, which is one of the most important factors in email deliverability.
Delivery rate: Also called acceptance rate, an email campaign’s delivery rate measures the number of emails in a campaign that an inbox provider’s server accepted. This means what was the rate of emails that did NOT bounce. To calculate this, first you subtract the number of hard and soft bounces from the total number of emails sent. Then you take this difference and divide it by the total number of emails sent. So: (Total Number of Emails Sent – All Bounces) / Total Number of Emails Sent.
Domain-Based Message Authentication (DMARC): DMARC represents the highest level of authentication a sender can use. As an open policy published by the sender, DMARC builds on SPF and DKIM. It instructs an ISP’s servers how to handle email from the sender’s receiver that does not pass SPF and DKIM authentication checks. See the description of it in section 3.
DomainKeys Identified Mail (DKIM): DKIM is a type of authentication that validates the content of your message and the relationship between the domain and the IP address. It is based on an authentication method that matches a private key with a public key. An encrypted private key is stored in the signature of every message sent by a specific domain. This key is then matched to a public key available as a TXT record on a DNS server. The server receiving the email compares the private key to the public key to make sure they match. We encourage all senders to set up DKIM. It involves inserting a TXT record on your DNS server. If you are sending from pooled IP addresses, DKIM helps differentiate you from the others sharing your IP address. See the description of it in section 3.
Domain Name System (DNS): The Domain Name System is a naming system for computers, servers, services or any other tool connected to the internet or a private network. It’s like a dictionary for computers. A DNS server contains the information needed to “translate” the words you enter into a browser (www.Newsletter2Go.com) into an IP address that other computers can understand (184.108.40.206). Checking the DNS entry of the email sender is an important technique in filtering out spam.
Double opt-in (DOI): Also known as confirmed opt-in, a double opt-in is considered the best practice for email list growth. In a double opt-in, the subscriber has to confirm that they want to sign up for a newsletter twice, hence “double” opt-in. The first opt-in takes place when a potential subscriber enters their contact details into a sign-up form. This can be a pop-up on a website, an overlay or an individual page. After the subscriber enters their information, they receive an email asking them to confirm their registration. They click on a link to confirm their registration, and they have opted-in twice. You have confirmed their digital identity and that they have access to the inbox they claim to.
Email agent: An agent refers to a function that a specific computer program carries out. Agents are the worker bees that move email around. The most commonly known types of email agents are a message transfer agent (MTA) and a mail user agent (MUA).
Email deliverability: Also known as inbox placement, deliverability describes the successful delivery of email campaigns to contacts’ inboxes. Whereas delivery rate just measures a campaign’s ability to pass through the gateway filter of an ISP’s server, deliverability looks at the entire journey of an email.
Email filter: An email filter is a tool that pre-sorts a user’s email before sending it to the inbox. The most common types of email filters are spam filters (see above), but other kinds of filters exist, too. For example, Gmail offers a tab system that sorts email into Primary Inbox, Promotions, Updates, Forums and Social. Email marketing research done by Return Path in 2016 showed that, of consumers who use their Gmail tabs (1 in 3 Gmail users), 70% still check their promotions tab.
Email header: The email header is a long string of information that precedes every email. It does not appear in your email client, but you can always choose to view it. (For example, for Gmail, click on the 3 dots next to Reply and choose Show Original. A new window will open.) An email header can reveal a wealth of information about an email. Essentially it records the email’s long journey and all the guards it has encountered. A header shows if the client has DKIM, SPF and DMARC set up (and if the email passes these three authentication checks). It also shows the various servers the email has traveled through. You can read about its journey in the Received section. (Note that the Received should be read bottom to top, with the top entry depicting the final server). If an email client uses spam scoring, that will appear here as X-Spam-Status or X-Spam-Level.
Email service provider (ESP): An email service provider is a company that offers email marketing software or other marketing automation tools, for example, Newsletter2Go. Note that ESPs send out bulk mailings for their clients, while ISPs receive them and filter them. In the pictures above, the ESP’s server and the ISP’s server represent the two fortresses that email travels between.
Engagement metrics: With the full name recipient engagement metrics, these are the metrics an ISP tracks to determine what reputation a sender has across all recipients. Engagement metrics are also the biggest drivers of personal spam filters. Of course this includes the standard engagement metrics most ESPs provide, such as total and unique opens, total and unique clicks, and unsubscribes. But engagement metrics that an ISP measures go farther than this. Engagement metrics include behavior such as how often an email is deleted without being read, how often an email is forwarded, how much time a recipient spends looking at an email (called read length), how often an email is rescued from the spam folder and how often a sender is added to a user’s address book.
Feedbox loops (FBL): Also known as inbox feedback loops, these are the reports that ISPs provide to ESPs. Specifically, an FBL would inform an ESP when a recipient marks an email as spam. Most ESPs will then act on this information and unsubscribe that recipient automatically.
General Data Protection Regulation (GDPR): The main regulation governing email marketing in the European Union. Under GDPR, cold emailing (spamming) is not permissible and can incur heavy fines. Notably it applies not only to businesses working within the E.U. but also to businesses sending emails to the E.U. For more information, see our GDPR resource page.
Graylisting (also, greylisting): An anti-spam mechanism that occurs at the SMTP level. Graylisting can work in one of two ways: 1) When graylisting is turned on, the MTA checks the IP addresses/domains of all emails against a database and temporarily rejects any emails for which there is no match to the database. In this first method, only emails from approved senders saved to the database can get through the spam filter. Or 2) When graylisting is turned on, the MTA checks the sender’s information against a database of suspicious IP addresses or domains. When it functions this way, IP addresses that are on a “graylist” of possibly suspicious senders get temporarily rejected. All other senders pass the gateway filter. In both of these methods, senders who do not pass the gateway filter receive a temporary rejection error message upon sending. The idea behind graylisting is that a legitimate sender will send again, whereas spammers will not. If the message is re-sent, it passes the gateway filter.
Internet Message Access Protocol (IMAP): A protocol is a format for transmitting data. IMAP is a protocol governing how email clients retrieve email from a server. Emails clients either use IMAP or POP for moving messages from servers into inboxes (or into personal spam folders).
Inbox placement rate: Inbox placement is another, perhaps more precise, term for email deliverability. Was your email campaign placed in the inbox (as opposed to landing in the spam folder)? That email achieved inbox placement. You can calculate a campaign’s inbox placement rate like so: Total Emails Placed in the Inbox / Total Emails Sent. As a sender, though, getting this data is difficult, as few ISPs provide this in their FBLs.
Internet service provider (ISP): In email terminology, an ISP is synonymous with an inbox provider or mailbox provider, i.e., a company that provides users with inboxes. The term ISP traditionally means companies that provide users with internet services, such as Comcast, Verizon and Telecom in the U.S. In the 90s, nearly every large ISP offered an associated email address. Just think of how many people had AOL dial-up internet and AOL email addresses. This is how ISP became synonymous with inbox provider. Nowadays, just to be confusing, the term ISP can either refer to an actual internet service provider (e.g., Comcast and Verizon) or a mailbox provider (e.g., Gmail, Outlook).
IPv4 and IPv6: Believe it or not, we are actually running out of IP addresses. This phenomenon is called “IP address saturation.” IP version 4 (IPv4), which consists of 32-bit numbers, is the original format for IP addresses. Longer versions of IP address, IP version 6 (IPv6), began being released in 1999, as a way to combat the problem of IP address saturation. Most ISPs, however, still use IPv4. Sending via IPv6 can unfortunately result in many bounces. Read more about the shortage of IP addresses at the Internet Assigned Numbers Authority (IANA), the organization that distributes IP addresses.
List hygiene: Email list hygiene is the practice of weeding your garden of defunct addresses and recipients no longer interested in receiving your emails. Practicing good list hygiene will prevent you from hitting spam traps and boost your deliverability in general.
Mail User Agent (MUA): Also sometimes called Message User Agent, an MUA is another term for email program, i.e., a program that allows individual users to retrieve and send emails. There are two types of MUAs:
- Email client: An email client, such as Microsoft Outlook or Lotus Notes, downloads email to a user’s local system.
- Webmail: Webmail is email that can be read in a browser. Hotmail and Gmail pioneered browser-based email inboxes.
Open rate: A KPI provided by most ESPs, it’s where you should start when thinking about recipient engagement. Your ESP will calculate it for you like so: Total Recipients Who Opened Your Email / Total Recipients. Note, though, that this is only the beginning for measuring engagement. CTR is a better indicator of how engaged your contacts are.
Post Office Protocol (POP): A protocol is a format for transmitting data. POP is the protocol that governs how an email client retrieves a message from a server. Emails clients either use IMAP or POP for moving messages from servers into inboxes (or into personal spam folders).
Phishing: Phishing emails are a type of email scam trying to get recipients to give up sensitive data, such as passwords or credit card information. Phishing emails are usually combined with spoofing.
Re-engagement campaign: Also known as a win-back campaign or reactivation campaign, a re-engagement campaign aims to renew subscribers’ interest when it lags. If subscribers haven’t opened your mailings in a long time, a re-engagement campaign targeted at those non-opener users will ask them what’s wrong. Some examples of re-engagement campaigns include a survey about why their interest has lagged, a quirky or comedic attempt to re-engage them, or a special discount campaign. Re-engagement campaigns are considered essential to good list hygiene.
Reputation: Reputation is the key component of deliverability. It encompasses all the information and history available about where an email is sent from. Think of it as current and historical standing with anti-spam providers and ISPs. It can be broken down even further:
- Domain reputation: This measures the standing of a domain. It can either be the sender’s domain or the domains listed as URLs within an email. Setting up DKIM is an important way to establish your own domain reputation. DMARC is another key element that will boost your domain reputation. Domain-based blacklists look specifically for URIs used in spam and scam emails.
- IP reputation: This measures the standing of the sending IP address. Most major blacklists are based on IP reputation.
- Sender reputation: Sender reputation is an overall term for all aspects of your individual reputation as a sender. This includes domain reputation and IP reputation, as well as the engagement metrics ISPs collect.
Request for Comments (RFC): RFCs establish the rules by which the internet is programmed. An RFC is a technological publication, like a memo, that documents communications protocols and other specifications. RFCs may eventually become internet standards, but not all do. The most important RFCs for email are RFC 5321, called Simple Mail Transfer Protocol (SMTP), and RFC 5322, Internet Message Format.
Sender Policy Framework (SPF): SPF is an authentication mechanism that confirms that a particular IP address is allowed to send for a domain. See chapter three for more details on SPF.
Sender score: A value calculated by Return Path, the sender score works as an inverse of a spam score. An advanced type of whitelisting, it attaches a rating to each sender, which stands in for sender reputation for some email filters. You can check it by entering your sending domain or sending IP at ReturnPath’s site. ReturnPath states that anything above 80 is good, but we’d recommend aiming for a rating in the high 90s.
Sending permanence: Sending permanence is the history of how long you’ve been sending emails from an IP address and domain. (Which is why it can be broken down into IP permanence and domain permanence.) Sending permanence is key to your sender reputation. Were you to get a bad IP reputation, the best solution is NOT to just quickly change IP addresses (this is what a spammer would do). Instead, you should repair your IP reputation by contacting any anti-spam providers who have blacklisted you and seeing what you have to do to get delisted. Generally, though if you are using an ESP, they will take care of IP reputation for you.
Simple Mail Transfer Protocol (SMTP): A protocol is a format for transmitting data. SMTP is the protocol that governs how email travels between servers. Once an email is accepted by a recipient’s server, other protocols take over. The email client retrieves it with POP or IMAP and places it in the inbox.
Single opt-in: A single opt-in is an email collection practice that does not confirm a subscriber’s identity through an additional email. If a subscriber enters an email address into a form, and the newsletter owners are using a single opt-in, then subscribers are instantly subscribed. Because a single opt-in never confirms a subscriber’s true identity, if you grow your email list according to this practice, you may receive spam complaints. For example, someone could sign up with an email address that isn’t actually theirs. (You’d be surprised how often it happens. It’s how I have received car-sharing receipts from Brazil, real estate offers from Australia, and my supposed son’s report card from the U.S., even though I live in Berlin.)
Snowshoe spamming: Just as a snowshoe spreads your weight across a large surface so you can cross a hardened layer of snow without sinking in, a snowshoe spammer spreads their spam over multiple IP addresses and domains, with the hope that they won’t “sink in,” i.e., get caught by anti-spam providers. Snowshoe spammers are trying to avoid getting their IP addresses blacklisted.
Spam: Spam is unsolicited commercial email. See definition above.
Spambot: Spambot usually means one of two things: 1) Either a bot that crawls the internet looking for email addresses (a process known as scraping) to send spam to. Or 2) A computer that is sending out spam as part of a botnet. A computer that is part of a botnet is also known as a zombie.
Spam complaint: Also called a spam report, a spam complaint is when a recipient marks your email as spam within their inbox. This is one of the “loudest” signals a recipient can send to their inbox providers about how they view your email. Spam complaints do long-term damage to your sender reputation. ESPs learn about spam complaints via the feedback loops. This is why you want to make sure your ESP is signed up to all feedback loops. To avoid this, always use a DOI sign-up form and include a 1-click unsubscribe method. (Double opt-outs used to be a viable unsubscribe method. However, in Europe under GDPR, they’re now illegal.)
Spam filter: A spam filter is a device that assesses all incoming email to an inbox in an attempt to keep out spam. Some suspected spam will be rejected outright. Other spam will be sorted into a spam folder. See chapter two for more on how spam filters work.
- Gateway filter: A gateway filter decides if emails are allowed onto a server or not. Gateway filtering happens on the SMTP level.
- Hosted filter: Any service offered in the cloud is a “hosted” service. For example, web-based email is a hosted service. It is called a hosted service because it is technically stored and run from a remote server. One advantage to using hosted spam filtering is that, like all services offered in the cloud, there are fewer maintenance and upkeep costs associated with it.
- On-premise filter: An on-premise filter is an alternative to a hosted spam filter. In this sense, “on premise” means that software is installed on the end user’s server instead of hosted by a remote server. Typically on-premise filters offer more granular control over filtering options than hosted ones. Hybrid filtering solutions are also available.
Spam trap: A spam trap is an email address whose sole purpose is to identify spammers. It does not connect with an actual person’s inbox. Trap network operators monitor these addresses. The best way to avoid spam traps is to practice regular list hygiene.
- Pristine spam trap: Also known as a honey pot, a pristine spam trap is an email address that was never connected to a real individual. The email address has been set up explicitly with the purpose of luring spammers who use bots to scrape email addresses from websites. These honey pots are then seeded throughout the internet, on various websites. If you never buy email lists and if you use DOIs, then you should not end up with any pristine spam traps on your list of subscribers.
- Recycled spam trap: A recycled spam trap is a bit trickier to avoid. This is why good list hygiene is important. A recycled spam trap was at one point a functioning email address, but at some point it was deactivated. Or its user just stopped checking that email address. After its deactivation, it was reactivated as a recycled spam trap. To avoid recycled spam traps make sure you have good bounce management. Also, if it’s been a long time since you’ve emailed your subscribers, then you may unknowingly hit a recycled spam trap. This is why re-engagement campaigns are so crucial to list hygiene.
- Typo spam trap: Typo spam traps are a variety of pristine spam traps that are popping up with more frequency lately. These traps contain typos instead of common domain names. For example: @gmall.com instead of @gmail.com.
Spoofing: A common technique for scammers and hackers in general, to spoof means to impersonate by falsifying data. In the context of email, spoofing an email means disguising the sender’s identity to make it look like it is coming from another source. Spoofing lets scammers forge emails to make it look like they come from a reliable source. Using DMARC is the best way to prevent others from spoofing your identity.
Throttling: Throttling is when an ISP decreases how many messages it will accept from a sender at once. If an ISP suspects a sender of spamming, it will first throttle their messages. To avoid throttling, it’s always good to warm up IP addresses.
Trap hit: When a spam trap receives a message, it is called a trap hit. Your aim as a sender is to have ZERO trap hits. Ever. If you do have a trap hit, though, what happens? For every trap hit, the TNO that owns the trap collects data from the sender’s email. In particular, it looks at sending domain and IP address, the email infrastructure and content (including links). Even a single trap hit can land you on a domain or IP address blacklist.
Trap Network Operator (TNO) : An organization that creates and monitors spam trap addresses. Most TNOs are blacklist and anti-spam providers. ISPs sometimes operate their own trap networks, as well.
Warming up an IP address: Also known as priming an IP address, warming up an IP address is a way to carefully build up a good IP reputation over time. To warm up an IP address, most ESPs begin by sending out only a small amount of email, preferably to contacts they know will read them. Only IP addresses that have been warmed up are able to send bulk emails, which is why Newsletter2Go warms up shared IP addresses as well as dedicated IPs.
Whitelisting: The whitelist is the counterpart to the blacklist. It is a “positive list” that includes email addresses or IPs of people or companies regarded as trustworthy. Senders who are listed in a whitelist can send emails directly into the mailbox of their contacts. The delivery rates rise significantly because there is no risk of being perceived as spam. Learn about our whitelisting services.