Posts Tagged ‘email blacklist’

‘Tis the Season: The Importance of Email Validation for the Holidays

People will always debate whether stores put out their holiday merchandise too soon. (Not all of you like being reminded that the holidays are just around the corner!) But we can all agree on one thing: it is never too early to make sure that your email contact list is genuine, accurate and ready for your holiday marketing campaigns.

From Black Friday and Cyber Monday all the way to the end of the year, the holidays are the busiest season by far for many businesses, particularly retailers.

According to recent 2018 statistics, as much as 30% of their sales take place over the holiday period, with total holiday retail sales climbing over the US$1 trillion mark for the first time last year – and nearly a quarter of these sales were generated through email marketing.

As the holidays approach, email validation plays a vital role in communicating with your customers and prospects. It impacts customer service issues, order confirmation, promotional marketing campaigns and sales efforts. Let’s look at some of the ways it can help make your holiday business season a success.

What email validation can do for you

When you use our DOTS Email Validation product with your email contact list, here are some of the things it will do for your holiday marketing and customer contact efforts:

Make sure your contacts are real contacts. We screen for obviously fake email addresses, so they don’t become part of your marketing contact list forever. These checks include bogus addresses, invalid domains, garbage and vulgar names, and more.

Fix common errors. With our automated syntax and error correction capabilities, you won’t lose a valuable contact because they did things like leaving off the “.com” or misspelling Gmail.

Ensure deliverability. This capability sets our email validation apart from most of the industry: we have the ability to make sure your email addresses work. In short, we check to make sure the email server AND address is able to receive email. This also includes checks for blacklists, known greylisters, invalid DNS records, and more.

Keep the bad guys out. Not every email contact has the best of intentions, and the busy holidays are classically the peak season for retail fraud. Still others steal your time by being known spammers or bots. We check for suspicious email addresses that are bogus, disposable, or known bad actors, so you can take corrective action ahead of time.

Protect your sender reputation. Even when you are careful about obtaining your email contacts in the first place, you are at risk of sending emails that could get you blacklisted from ISPs or run afoul of the CAN-SPAM Act against unsolicited commercial email – because you have little control over what a contact enters. We warn you about addresses that are known spam traps, honeypots, and role email addresses (read more about the importance of identifying role addresses from our blog, Email Marketing Tip: Dealing With Role Addresses).

Save time and money. Above all, email validation helps you market cost-effectively to a cleaner list, reducing bounce rates by up to 90 percent and making sure your message gets through to more contacts, which ultimately drives more revenue.

Taking a best practice approach to data quality at the holidays

Email validation is an essential part of your data hygiene strategy, particularly during the busy holiday retail season. Moreover, since email contact information is constantly changing, it is important to validate these email addresses at both the time of data entry and each time you run a campaign.

We make this easy for you by checking your email against over 50 proprietary tests and returning an easy-to-interpret quality score from 0 to 4, as well as specific details on the results. And our API interfaces allow you to implement email validation directly in most popular CRM and marketing automation platforms.

Want to learn more about how email validation can make your holiday season more profitable? Download our free whitepaper The ROI of Real-Time Email Validation to learn more, or contact us for a free consultation on your own specific email marketing situation.

Tackling False Positives in Email Validation

What is a false positive? In email validation, this term is used when an email address is incorrectly identified as being valid or deliverable – in other words, it is flagged as being good when it is actually bad.

False positives are dangerous for senders, marketers especially because sending messages to a bad email address can ruin a sender’s reputation and possibly even get them blacklisted. It’s best to correctly identify email addresses before sending out messages to help ensure that you don’t get penalized for sending messages to bad email addresses.

What causes false positives in Email Validation?

The DOTS Email Validation service offers real-time validation and verification of email addresses. Email verification is handled by directly communicating with an email address’ host mail server(s) via Simple Mail Transfer Protocol (SMTP). SMTP, to put it simply, provides the rules and guidelines for how mail servers and clients should communicate and behave when sending mail.

SMTP is older than the internet as we know it and it precedes the World Wide Web HTTP protocol by almost ten years. At the time of its inception its inventors probably never dreamed that it would be abused by malicious users and overwhelming spam. If they did then they probably never would have created SMTP commands like EXPN and VRFY.

These SMTP commands are considered vulnerabilities, as they are intended to list and verify user mailboxes; however, since they are seen as vulnerabilities most mail servers provide a way to disable them: some like Microsoft Exchange come with them disabled by default, and others will simply return a false positive . Even though the RFC specifically states, “EXPN and VRFY MUST return only valid domain addresses that are usable in SMTP RCPT commands”, it is not uncommon to see these commands return false positives. These are some of the reasons why the Email Validation service does not use or rely on these SMTP commands when trying to validate an email address.

The most common cause for false positives comes from servers that are configured to not reject recipient requests for an email address that does not exist. Simply put, the server will not reject a bad email address and it will instead say that the email is good. At Service Objects, we ubiquitously refer to this as a catch-all domain.

Catch-all behavior

This type of behavior was commonly seen by domains that enabled catch-all or accept-all email accounts. The feature was primarily intended to be used as a way for someone to never miss an email address. Before the days of spam, when email addresses were a new concept, people didn’t want to risk losing an email message because someone forgot how to spell their mailbox or if someone accidentally mistyped it. It didn’t take long, however, before these catch-alls started getting filled with spam, making them near unusable.

However, catch-all behavior gained popularity by admins in an attempt to thwart bots from mining and spamming their users. The reasoning was likely that if a bot could not trust the results being returned by the server then the bot would be forced to move on, and the mailboxes of the domain’s users would be protected.

Unfortunately, malicious users and bots generally don’t care about catch-all behavior, and this practice instead creates other problems, such as helping spammers generate backscatter spam. Backscatter generally occurs when the recipient server does not reject a bad email address and instead bounces it back to the sender. The sender, however, is forged or spoofed by a malicious user and so the unsuspecting sender is now the victim of the unsolicited spam. Backscatter spam also leads to other issues, such as excessive bandwidth, but to not get too sidetracked we’ll perhaps dedicate a blog to backscatter spam at a later time.

Anti-spam solutions

Some mail servers are protected by anti-spam solutions. These solutions are sometimes included in firewall(s) or in mail server(s) or are proprietary to the mail host provider. Solutions can vary in sophistication. Most solutions will incorporate filters and blacklists to try and identify spam and spammers; however, unless the spammer is blacklisted then many of these types of solutions will not reject the bad email address – leading to a false positive. The mail server will likely also bounce the message back to the sender instead (helping to generate backscatter spam).

Not all anti-spam solutions are configured to always accept all requests, however. Some anti-spam solutions may be configured to instead temporarily reject all requests from spam-like activity. This is the opposite of false positives and can instead lead to false negatives.

Other solutions may instead temporarily act as a catch-all when they encounter spam-like activity: behaving normally and rejecting email requests at first, but then switching to catch-all mode temporarily and without warning and then eventually switching back to normal mode. The flapping in behavior can make verification difficult, because if the sender does not know what mode the recipient domain is in, then it can lead to false positives.

How Email Validation can help

According to a recent analysis from Statista, “Spam messages accounted for 56 percent of e-mail traffic in March 2019” and moreover, “China generated the largest share of unsolicited spam e-mails with 15 percent of global spam volume”. With so much spam being thrown around it is not difficult to understand why the overall tolerance for spam-like activity it is so low.

Sure, a single false-positive leading to one bad email message being bounced may not be enough to ruin your sender reputation or get you blacklisted, but for marketers who blast millions of messages for email campaigns, a false-positive here and there can quickly lead to hundreds and thousands if not tens of thousands of false positives.

With how important email communication is nowadays, and the benefits that it brings to marketers, can you afford to get blacklisted? Don’t take the chance and minimize your risk by using a service like Email Validation. Our Email Validation service is highly adept at identifying both false positives and false negatives. Our service has years of experience and data behind it to help identify various server behaviors and patterns.

Oh No, You’ve Been (Email) Blacklisted! Now What?

Blacklisting is the email equivalent of being put on Santa’s naughty list. Except the consequences can be much worse than not getting presents: it can keep your business’ emails from getting through to clients, prospects and others. This article will show you how to tell if you’ve been blacklisted, and what you can do about it.

Why good people get on email blacklists

So how did you get on a blacklist in the first place? If it is because you are an incorrigible spammer, well then. But most people reading this article are actually innocent victims of other people’s actions, or make common rookie mistakes. Here are some of the most common reasons you might end up on a blacklist:

Your IP or server was blacklisted. This can happen if spam or excessive activity is detected from your email server. This can particularly be an issue for small businesses using shared hosting, where multiple clients share the same email server and anyone’s behavior could potentially affect your ability to send.

Someone hacked your account. If someone surreptitiously gains access to your account, whether through malware or fakery, they may use your account to send unsolicited email to others. Worse, if the hackers can access your contact list, they may spam your contacts to give their messages the seeming legitimacy of coming from you.

You emailed a spam trap. This is often an issue for people who rent third-party lists, or aren’t as cautious as they should be about acquiring email leads. Spam traps or “honeypots” are email addresses set up for the express purpose of attracting spam messages – they belong to no one, and would have no reason to receive mail otherwise. Send mail to these addresses, and you will be blacklisted. (Note that our DOTS Email Validation product checks your email lists for known traps like these, and is highly recommended for validating and cleaning your email leads.)

You sound too spammy. Even if you aren’t an actual spammer, you could possibly get blacklisted for sounding like one: for example, watch out for breathless subject lines using lots of capital letters, exclamation points and spam catch phrases – here is a good style guide from email vendor Benchmark. You can also get the wrong kind of attention with spammy behaviors such as flooding a recipient’s server with large amounts of email at once.

How can I tell if we are on an email blacklist?

There are numerous online tools such as this one, where you can enter your IP address to checked against major blacklists. Your hosting provider may also offer a blacklist checking tool. Note that there are well over 100 blacklists, and some are much more critical to your email marketing than others.

This article from server support firm rackAID profiles some of the more important ones, which generally fall into one of the following areas:

  • Reputation-based lists: Lists such as SenderScore block messages from IPs based on their accumulated scored reputations for spam-based behavior, plus an evaluation of the email itself.
  • Spam trap-based lists: These include the Spamhaus Block List (SBL), Spamcop, the Barracuda anti-spam list and the Passive Spam Block List (PSBL), all of which are at least partially triggered by sending email to spam traps.
  • Behavior-based lists: The Composite Blocking List (CBL) and the Exploits Block List (XBL) from Spamhaus block IPs based on known spammer behaviors such as dictionary attacks, open proxies or hijacked IP addresses.

Annoyingly, individual organizations may blacklist you as well as a result of perceived spam activity. Usually you will get informed about this when you try to email their domain, with instructions for how to get reinstated.

OK, so how do we get off these email blacklists?

The short form answer is “it depends.” Or, more accurately, visit the website of the offending blacklist and follow their instructions for removal.

In many cases, getting removed from a blacklist is as simple as asking. In other cases, you may need to make sure that the triggering behavior stops first. And in more rare cases, such as reputation-based blacklists, you can’t directly ask to be removed, other than by improving your reputation score over time. No matter what the process is, it will, of course, be important to take care of the problems that originally put you on these blacklists.

Getting on an email blacklist can be costly, but usually not permanent, if you are acting in good faith. In most cases, if you aren’t grossly at fault, getting life back to normal should be relatively straightforward. And remember that we can help you create an email data quality strategy for staying off of these lists in the first place – our technical team is happy to consult with you anytime.