Blog

Port25 2017 European Summit

Port25 and Postmastery are pleased to invite you to the Port25 2017 European Summit

Don’t miss out on this yearly event for people in the world of high volume email delivery. Hear expert speakers from Port25, Postmastery and other companies cover the most topical issues and get all your questions regarding delivery, control, metrics and reputation management of high volume email answered during this informative and pleasant day.

Program

Tuesday 19 September, 2017
09:00 | light breakfast
10:00 | welcome address & sessions
12:00 | lunch
13:00 | sessions
17:00 | post-event reception

Sessions

Turning Mail Server Logs into Delivery Intelligence
Case Study: Moving from Postfix to PowerMTA
PowerMTA and PMC Engineering Report & Roadmap
Survey of Global ISPs
PowerMTA Configuration Advanced Tips and Tricks
Customer Feedback Roundtable

Venue

Kimpton De Witt Hotel Amsterdam
Nieuwezijds Voorburgwal 5
1012 RC Amsterdam

Price

€ 189 – only a limited number of seats still available

Find new ways to address your email deliverability challenges, manage your email reputation, and drive growth and engagement for your business. The 2017 Port25 European Summit presents the opportunity to learn from your peers, meet the technology leaders, and share your experiences in and around the Port25 ecosystem.

Register here

Postmastery and DeliverNow Announce Merger

Amsterdam, The Netherlands and Paris, France – May 9, 2017

Postmastery BV (“Postmastery”) and DeliverNow Inc. (“DeliverNow”), leading providers of email deliverability solutions and services, today announced the merger of the two companies. The merger is effective today, and the companies will combine business operations in the coming year. The combined company will be privately held and operate under existing brands.

Over the past years, DeliverNow and Postmastery have delivered some of the most innovative and successful email deliverability solutions and services addressing the needs of high volume email senders across the globe. These solutions and services cover the full spectrum of the email delivery lifecycle including the sending infrastructure (such as PowerMTA), email security (DMARC) and deliverability monitoring and optimisation services and tools.

“We celebrate this milestone today as we merge with our highly-regarded French peer, DeliverNow,” said Maarten Oelering, co-founder and CTO of Postmastery. “Combined under the Postmastery umbrella, we will draw on our extensive email delivery experience to push the boundaries of email deliverability innovation and remain focused on delivering outstanding technology, capabilities and service to the email industry.”

“Postmastery and DeliverNow have been working together on several projects in the past, This merger is a perfect fit since DeliverNow and Postmastery perform similar activities, but so far in different countries.” said Jerome Gays, founder of DeliverNow. “There is an incredible opportunity to upgrade and expand our combined email delivery monitoring tools and knowledge in the email delivery industry.

Combined, the companies will become the undisputed European market leader with approximately 200 customers in more than 30 countries and having monitored over 5 billion emails each month’s through their email deliverability monitoring tooling.

About Postmastery

Postmastery is helping legitimate email senders to be recognized as a sender which should be trusted and its’ emails delivered to the inbox. Postmastery is based in Amsterdam, the Netherlands. Their world-wide client base includes e-mail service providers (ESP’s), marketing agencies and other professional senders. Postmastery is global implementation partner of Port25 in providing PowerMTA licenses, integration services, local support and delivery optimization services. For more information, please visit Postmastery.com, or connect with Postmastery on Facebook, Twitter or LinkedIn.

About DeliverNow

DeliverNow is an independent deliverability company based in France since 2010. DeliverNow helps emails senders to deliver emails in the recipient’s inbox in respect of the ecosystem best practices by offering deliverability monitoring tools and services to the european email market. DeliverNow have develop DMS (Deliverability Monitoring Suite) a deliverability monitoring solution based on Splunk to help senders having a real-time view on their email deliverability performances.

More informations :

Willem Stam – Postmastery – willem@postmastery.net
Jérôme Gays – DeliverNow – jerome.gays@delivernow.eu

Office365: A reliable service for B2B Deliverability

logo-office365If you are interested in B2B deliverability, you probably know that Microsoft’s Exchange solutions have been one of the most popular among corporations for more than 10 years. However, with the emergence of Google’s professional solutions in the form of ‘Google Apps for Bussiness’, Microsoft has largely invested in cloud-based software, of which email is a keystone.

With its Office365, Microsoft enhances cloud-storage of the whole Exchange infrastructure — formerly stored in on-site servers — as well as the integration of several services such as Share Point, a cloud-version of its Office software (Word, Powerpoint, …), plus a great deal of brand-new solutions including OneNote, OneDrive and more.

Furthermore, regarding email management, it offers several advantages to system administrators, for instance; infrastructure is ready-to-work in a matter of minutes, upgrades are started automatically, anti-spam protection is shared, licences are on a per user basis, and so on.

French enterprises are moving fastly towards deploying this solution.

Thanks to the thousands of SMPT log lines collected by DeliverNow on a daily basis, we are capable of analyzing the scope of Office365’s deployment compared to the classic Exchange version or to other cloud-based solutions.

Currently, we witness the transition of several corporations towards the implementation of this solution, such is the CAC40 and some others including;

  • tf1.fr
  • bfmtv.fr
  • eiffage.com
  • vinci-energies.com
  • fr.nestle.com
  • legrand.fr
  • rexel.fr

This should be regarded with particular interest by organizations targeting enterprises through marketing campaigns. We are moving from a B2B delveralbiity — widely deployed thanks to its large variety of settings and solutions — to paying special attention to some major professionals.

If you would like to know if a domain is Office365-protected, you can easily run a test reading the DNS records — for instance; tf1.fr:

> dig MX tf1.fr +short
5 tf1-fr.mail.protection.outlook.com.

What are Office365 antispam strategies?

Each email address hosted by Office365 enjoys by default an inbound-and-outbound anti-spam protection. Most administrators deploy the standard settings of this solution, despite the possibility of performing customized settings for its own enterprise.

Regarding anti-spam protection, Office365 relies mostly on connection filters using databases from reputation data as well as from email content analysis. Content analysis verifies the different features of messages to check if they are spam-alike.

New features: Possibility of removal from Office365’s blacklist.

If sent emails are being rejected on the sending IP-address, it is likely that your IP has been blocked by Office365. It’s been a short time since it is possible to use a specific form to attempt the removal of your IP address from a blacklist. Such process implies entering your IP address as well as your email address onto a form. You will then receive a secured link to request the removal of your address from the blacklist.

The form: https://sender.office.com/

screenshot-office365-delist

Deliverability Monitoring.

To ensure the ultimate performance of your deliverability, it is highly relevant to implement the proper tools. These will allow you to promptly reply to any of the many random deliverability issues you might come across, as well as to resolve fastly any upcoming problem without taking any longer.

With this as a background, DeliverNow has created DMS (Deliverability Monitoring Suite), which enhances a large variety of tools designed to promptly alert you about even the minor issue.

As always, our team of experts is ready to listen to you if you want to learn more about this suite. Feel free to contact us.

Gmail’s wide deployment of TLS

When talking about authentication and encryption technologies —such are SPF, DKIM, DMARC—, Gmail has always been at the cutting edge of the topic. After having implemented Google Postmaster (read our related article), it is therefore possible to monitor the percentage of Google’s outgoing and incoming emails TLS encrypted or not.

Announced by Google last week, this topic concerns directly TLS. Let’s not forget that TLS (Transport Layer Security) is the successor of SSL (Secure Sockets Layer). TLS ensures the veracity, confidentiality and content integrity of all the exchanged data through the network. When 2-email servers communicate between them through this protocol, it becomes possible to exploit this technology to get safer email exchanges.

Visual aids for users.

Gmail deploys TLS as of several years from now. However, the huge change comes from the fact that Google highlights the lack of this technologies. Indeed, when incoming emails get into Google’s webmail without being authenticated by TLS, these emails are red-chained displayed to the user.

cadenas

In the same way, if a user is trying to send an email to a non-TLS domain, he will then be alerted by the same visual displays.

Adopting TLS as the encryption process.

Through these enhancements, Google manifests its will to boost TLS deployment for all email exchanges. Visual aids should encourage advertisers — who are not yet encrypting their emails — to do so by fear of thrust decrease on customer and prospects.

Keep on highlighting SPF and DKIM authentication procedures.

The other big enhancement implemented by Google is the modification of the sender’s icon when experimenting email-authentication issues (using SPF and DKIM). On the other hand, given the stringent policy applied by Gmail regarding authentication matters, it is quite rare to bump into this icon with a question mark, since emails who fail authentication end up quickly in the spam folder.

auth

DeliverNow migrating all clients to TLS.

Having acknowledged these measures, DeliverNow started as of several weeks ago the migration to TLS of all its PowerMTA clients in order to render their emails completely TLS-friendly. Feel free to contact us if you want some hand-in-hand advice regarding this topic.

Email domain voila.fr shutdowns

VoilaVoila.fr, the website created in 1998, which was once the 2nd largest search engine in use in France, just behind Yahoo!, has announced as of several weeks ago from now, the shutdown of its webmail as well as the utter suppression of all emails addresses in its domain.

The shutdown will come into effect as of January the 12th 2016: see the website about this (in French).

What to do if a voila.fr email address is found in your databases?

Even though voila.fr is part of Orange, email addresses in this webmail will not be automatically transferred to the latter. It is therefore impossible to run an automatized transfer of all email addresses towards a different domain.

The only possible action to be deployed is to contact all of your voila.fr-contacts requesting to for an update of their email addresses. When sending this email, it is important to split customers into 2 categories: the active ones and the prospect/inactive ones. It is likely that the massage aiming to redirect them to a email-update box must be edited accordingly in order to maximize impact and efficiency.

As of January 2016, all voila.fr addresses are to be disabled from your sending databases since they will be no longer active. Otherwise, you risk low-deliverability rates as well as high rates of invalid addresses.

DMARC: 3 years and a half from now. What much has been done?

DMARC-2015-logo-small-202x110It has been almost 4 years since the DMARC procedures were first launched, as well as our first publication of an article regarding this topic. As a reminder, DMARC is a Spoofing-fighting validation system. It relies on technologies such as SPF and DKIM, empowering email senders to provide receivers servers with the procedures of what actions are to be deployed if authentication has not been achieved. DMARC allows the original sender to remain updated about any failure occurring during the SPF and DKIM authentication mechanisms.

If you want to know the technical details about the DMARC mechanism, please read our article dating back to 2012.

DMARC deployed by ISPs.

Before talking about advertisers’ techniques, we will aim to explain how do ISPs and Webmails operate. This can be split into 2 major problematics.

On one hand, we find DMARC deployment on ISPs and Webmails outgoing emails. In April 2014, Yahoo! published the DMARC ‘Reject Policy’ (p=reject), through which it will reject any mail from @yahoo.com if it came from a non-authored SMTP server.

This was a rather harsh measure, specially if we consider that plenty of yahoo.com users used to send emails from other email servers such as Outlook or Thunderbird, using their ISP’s SMTP connectors. In the same manner, the great deal of minor advertisers sending their newsletters through a routing platform, were no longer enabled to use a @yahoo.com.-address. A few days later, AOL and many others continued to follow this path.

Here below a brief analyze of the most representative domains in France:

  • Gmail.com – v=DMARC1; p=none; rua=mailto:mailauth-reports@google.com – No reject policy, however it implements an error monitoring strategy.
  • Hotmail.com – v=DMARC1; p=none; pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com; fo=1 – No reject policy, however it implements an error monitoring strategy.
  • Orange.fr – No DMARC records.
  • Sfr.fr – No DMARC records.
  • Free.fr – No DMARC records.
  • LaPoste.net – v=DMARC1; p=quarantine; rua=mailto:dmarc.agg@laposte.net,mailto:dmarc_agg@auth.returnpath.net; ruf=mailto:dmarc.afrf@laposte.net,mailto:dmarc_afrf@auth.returnpath.net; rf=afrf; – Error quarantine and monitoring.

The hard works comes when it comes to determine DMARC management. For instance, it comes to evidence to think that the PayPal domain would request for a reject policy. However it would be also necessary that ISPs and Webmails receiving scam emails duly comply to PayPal procedures, leading to a final rejection of these emails.

Here below a list of what we currently know about the beforesaid ISPs:

  • Gmail : Emails are properly filtered according to the DMARC machanisms.
  • Hotmail/Outlook.com : Emails are properly filtered according to DMARC machanisms.
  • Orange : No actions are deployed.
  • SFR : No actions are deployed.
  • Free : No actions are deployed.
  • LaPoste.net : No actions are deployed.

According to this, it comes to evidence that the French market has been quite neglected — it is impossible to claim that the major open-public sending servers have the cutting-edge technologies. Work has not been relevant, other that the actions deployed at LaPoste.net.

DMARC, universally accepted by advertisers?

Among the enterprises deploying DMARC mechanisms we may find Bank of America, JPMorganChase, PayPal, LinkedIn and Facebook, the social medias and finances big boys who are often victims of Spoofing and Phishing.

So, what about France? Are public institutions operating properly? (who had never received an email signed on behalf of the CAF or the Tax Department offering money refunds). Have the major financial institutions taken actions to improve risk-management measures?

To sum up, here below a list of the institutions put under the spotlight:

  • Crédit Agricole – No DMARC record.
  • Ameli.fr – No DMARC record.
  • CAF.fr – No DMARC record.
  • Impots.gouv.fr – No DMARC record (nor on the gouv.fr domain).
  • Caisse-epargne.fr : No DMARC record.
  • Societegenerale.fr – DMARC record in ‘none’ policy.
  • bnpparibas.com – No DMARC record.

We analyzed a great deal of domain names, however, it was sadly within the public institutions or within the banking-insurance arena that we found few domains protected.

With this in mind, the one possible question is if these major institutions — which are easy-target for phishing — are aware of their vulnerable situation? On the other hand, ISPs are also highly vulnerable to phishing. However, being aware of this condition, very little has been done to implement DMARC mechanisms.

DMARC implementation is a rather simple though. If the deployment of quarantines and reject policies might seem quite scary, it is not always the first step to start with. Most enterprises implement firstly a ‘none’ policy in order to enable alert monitoring, and it is only after a several-week analyze that the good policy is finally set up.

DeliverNow has implemented a DMARC-based email monitoring suiteIn such way, error reports sent by providers are analyzed and rendered available on our deliverability dashboards. Hence, we receive data from IP addresses that are not authorized to send emails using our customer’s domain name. We are empowered thus to detect any upcoming authentication issue on legitimate emails. An alert system enhances real-time pop-up alerts of any relevant problem.

Few of the latest DMARC updates:

Within the framework of the 35th M³AAWG General Meeting, we were informed about the new DMARC mechanisms deployed by some operators including:

  • As of early November, Yahoo! will first start to extend its reject policy to the ymail.com and rocketmail.com, domains, before doing so to some other domains in the upcoming months.
  • Google has announced the implementation of a more stringent policy in order to protect its domains. Gmail should move towards a reject policy as of June 2016.

Here below an example of the DMARC procedure deployed by DeliverNow’s deliverability monitoring suite.

dms-dmarc

Brand-new email marketing software comparative study

email-marketing-softwareWith no less than 111 solutions being analyzed, this comparative study is one of the most representative, compiled works ever performed on this subject. Bruno Forence— along with the other authors of this study, including Jordie van Rijn, Gabriele Braun et Torsten Schwarz— have identified over 350  criteria. The outcome is a 330-pages guide on how to choose an emailing solution.

Guiding you through this choice, but according to which criteria?

In order to define each differentiate of every single solution analyzed on this paper, the authors of this study have decided to divide this analysis into 19 different categories. For instance, this include professional services, pricing, customer-and-market specialized solution criteria, database management, selection and segmentation, content and customization management, among others.

One interesting part of this study sheds light on the data integration and other more frequent plug-ins. With little surprise, Magento has a leading presence, with 50% of its solutions offering integration combined with eBussines solutions. The 2nd in the list is Salesforce, counting up to 47% of the integration field.

In a different domain, the study reveals that 22% of the solutions offer a Freemium mode (free-access solution with limited features) and that 39% of these is in charge of the sender’s time table management during delivery.

Technically speaking, 99% of the solutions are available in a SaaS mode, however 28% of these offer systematically an on-premise mode.

Within this, which is the role of deliverability?

Last but not least, deliverability makes its way through this emailing-solution study. Within each solution, you are able to verify whether they provide deliverability consultancy or not, as well as the actual number of people included in their deliverability teams.

Out of this study, here below we sum up a few insights about deliverability from ESPs:

  • ESPs employ about 2.7 deliverability representatives.
  • The number of people deployed by ESPs into  deliverability fields does not exceed 6.
  • ESPs DMARC processing rate is only 78%.

On the other hand, if we put together the full amount of deliverability experts of the 111 ESPspresented in the here-mentioned study, this number will rise up to 301. Considering that these routers are a representative fraction of the most relevant routers worldwide, we realize that deliverability experts are a rare asset. This is why having a high-performance deliverability monitoring tool remains quite important.

Want to learn more about this study? Visit the Email Vendor Selection website.

Gmail – Feedback Loop and postmaster: Settings and step-by-step tutorial

As of several years, Google Gmail’s Webmail has nailed its place as the leader in innovation. This big boy from Mountain View highlighted from the others by providing high-quality spam processing, as well as by developing a successive line of innovations in terms of ergonomics, including labels, email-organization through tabs, interface-built-in unsubscribing button, etc.

However, deliverability professionals and advertisers have experienced poor long-lasting tools, especially when compared to other Webmails, and specifically compared to Microsoft’s Hotmail. Lack of Feedback loops and lack of data from reputation, among others, have been the standard up until a little more than a year from now, when this situation changed dramatically.

Gmail’s Feedback loop, which has been tested as of late 2013 by certain ESPs and announced to be launched – still at a beta level and upon prior invitation- during the MAAWG held in February 2014, has been opened as of several weeks from now to all advertisers through its brand new ‘Postmaster’ site.

As many other similar platforms of the kind, postmaster.google.com offers email senders the possibility of receiving sending-related technical data as well as data from reputation. Within this article, we will guide you step by step to set up and become familiar with these new tools.

Background: SPF, DKIM and ReverseDNS.

It is important to remember that properly setting up your email at the authentication stage is highly relevant for you, and not only for the Google Postmatser tool. It is an imperative step, otherwise your email steam risks not to be taken into account by Google when generating data available in the postmaster. The aforesaid can be understood as:

  • You own a valid SPF record referencing all your email-sending IPs.
  • Your emails have been duly DKIM-signed with a given domain name under your management (access to DNS server).
  • Your IPs hold a valid ReverseDNS (PTR record) using— in priority— a domain name attached to a DKIM signature.

Adding a domain name to the Postmaster’s interface.

In order to add a domain name, it will be necessary to login to postmaster.google.com and click on the ‘+’ bottom-right on the screen: the pop-up screen will now display:

image001

Enter the domain name to be set, and then click next. On the following screen Google will ask you to prove that you own the domain by adding a DNS TXT or a DNS record.

image002

The update of specific DNS servers may require up to 24 hours. It is possible that you are required to await before being able to click on the ‘Verify’ button — it is of course possible to switch windows and going back to it later on—.

If you use several subdomains for each one of your different e-marketing campaigns, you will entitled to embed every single one of them, as well as the main domain name. This will empower you on one hand to monitor the performance of your domain names, and on the other, to have an overall view of the main domain.

Important: The here mentioned TXT embedding operations on your DNS have to be repeated for each Google user willing to access this data. If several users require access and that you run several subdomains, the creation of a new Google account reserved to your colleagues is likely to be the better solution.

Setting your emails in order to supply the Feedback loop.

The set up of your Google’s Feedback loop is done separately from the Postmaster interface. Data upload is done through the email header.

The Feedback-ID: line should be embedded in the email header. This Feedback-id is composed of 3 changing fields separated by the character ‘:’, as well as of a SenderId, which shall remain consistent across your email sending activity. The SenderId should count between 5 and 15 characters.

See the example here below:
Feedback-ID : VarA:VarB:VarC:MyBrand

Feedback-changing fields may be used to reference your mail stream into the following categories:

  • Marketing campaign name.
  • Mail type (newsletter, update, operational).
  • Database segmentation.
  • Other.

Within the Postmaster interface, you will be empowered to follow-up the complaint rate per field when one of this displays an unusual rate.

Here below a brief list of examples used by well-known advertisers:

  • LinkedIn – Feedback-ID: accept_invite_04:linkedin
  • Twitter – Feedback-ID: 0040162518f58f41d1f0:15491f3b2ee48656f8e7fb2fac:none:twitterESP
  • Amazon.com : Feedback-ID: 1.eu-west-1.kjoQSiqb8G+7lWWiDVsxjM2m0ynYd4I6yEFlfoox6aY=:AmazonSES

Important: Google does not aim to provide identification of whoever is reporting your campaigns, but to enhance you with an indicator useful to detect untruthfully campaigns, programs, etc.
However, if you attempt to identify the source of your complaints from the Feedback-Id, Google may simply cut you off from its data stream.

Google is against spammers.

Before discussing any further about the many features available in the Postmaster interface, it is important to point out that Google’s aim is not to help spammers. All data offered in this platform is only available to good-reputation senders respectful of Gmail’s rightful guidelines https://support.google.com/mail/answer/81126.

Different dashboards available.

Spam rate.

It is one of the most relevant indicators offered by Google’s Postmmaster tool. You will be empowered to follow up completely the spam-rate percentage per domain name or subdomains on a daily basis.

image003

IPs reputation.

Gmail categorizes the reputation of IPs into 4 different levels: Bad, Low, Medium et High.

image005

By clicking on the colored area on the graph—for instance: the orange field ‘Medium’ on August 31st— You will see a pop-up list containing all IPS at this reputation level.

Domain reputation.

Just as for the reputation of IPs, domains fall as well into 4 different categories: Bad, Low, Medium and High.

image007

Feedback Loop.

If you have properly set up your Feedback-Ids, you should be able to see data on this dashboard. It is important to remember that the main goal is to segment the many different email programs in order to easily identify your email marketing complaint sources. For instance, by using an ID of the acquisition source for your addresses, you will be empowered to verify in no time your acquisition partners who are generating full amounts of spam.

Authentication.

This graph represents the percentage of emails validating the many different authentication technologies:

  • SPF: Percentage of emails having validated the SPF on the domain itself according to the overall email stream sent for this domain.
  • DKIM: Percentage of emails having validated the DKIM on the domain itself according to the overall email stream sent for this domain, carrying a DKIM signature.
  • DMARC: Percentage of emails having implemented the DMARC procedure according to the emails having validated both SPF and DKIM on the domain.

image009

Encryption.

It represents the percentage of incoming and outgoing emails running a TLS encrypted protocol.

image011

Delivery errors.

This graph shows the percentage of the traffic having being rejected— temporarily or for good— at the threshold of Gmail’s SMPT servers. This dashboard is highly important especially at the stage of warm-up, or when you are reached by a technical failure.

image013

 

Yahoo!’s feedback loop transition due on June the 29th

yahoo-emailLast Tuesday, Yahoo! announced all of its feedback loop’s users the upcoming change of its infrastructure (June 29). As of 2009, such infrastructure was handled by Return Path, and it will be from now on managed directly by Yahoo!

In the email, Yahoo! offers its feedback loop’s users to back-up the existing data saved in the Return Path’s platform, including set up domains, selectors, feedback addresses and confirmation addresses.

The service shall remain working as usual, and if you are currently receiving spam complaints from Yahoo!, it is likely that you will keep on receiving them in the same format and to the same addresses.

Nonetheless, we consider that there is one question that has not been yet answered: Will Yahoo! keep on operating by Return Path’s certification program? DeliverNow will keep you updated on the topic the sooner we get further information.

More information on Yahoo!s Feedback loop available at postmaster.yahoo.com

Deliverability Alert: Orange implements Spam-report based Dynamic Filtering.

logo-orangeAs SFR did a few weeks ago, it seems that Orange follows the same path towards implementing an email dynamic filtering based on the volume of the generated complaints. This feature is indeed managed by VadeRetro, the anti Spam solution deployed by the main ISP’s and French Webmails, including Orange, SFR, Free and laposte.net.

Thanks to VadeRetro technologies, French ISP’s are adopting— just like the world’s well-known Webmails— a Spam filter based on sender’s reputation, hence aiming to protect their email infrastructure.

With this in mind, Orange implemented this feature as of yesterday, and it seems that several email senders are involved. It is important to remember that the complaint-rate volume is significantly relevant when filtering emails from either a specific IP address, a sender’s domain name, (FROM field), or a particular campaign.

The aforesaid is quite relevant if we consider that nowadays, ISP’s are fully capable of identifying a complaint-generating campaign from receivers, regardless of the ongoing routing platform.

Therefore, it is useless to reconvey filtered email traffic towards another router: the latter will be automatically identified and filtered alike.

Today, besides Orange and SFR, this feature has been also deployed by Laposte.net.