Blog

Yahoogle Requirements Update

Since I wrote about it last month the requirements for bulk senders to Yahoo and Google have changed a little.

The big change is that bulk senders need to authenticate with both SPF and DKIM, rather than SPF or DKIM. Only one of those has to align with the 822 From: header.

Can you STARTTLS?

Email supports TLS (Transport Layer Security), what we used to call SSL. Unlike the web, which split it’s TLS support off into a completely different protocol – https, listening on port 443 vs http listening on port 80 – SMTP implements it inside it’s non-encrypted protocol. A mailserver advertises that it supports this by having the word “STARTTLS” in the...

Customer subdomain authentication

On Tuesday I wrote about using DNS wildcards to implement customer-specific subdomains for email authentication. As I said then, that approach isn’t perfect. You’d much prefer to have per-customer domain authentication, where each customer has their own DKIM d= and ideally their own SPF records, rather than having all customers sharing those records and relying on loose DMARC...

Wildcards and DKIM and DMARC, oh my!

If you’re an ESP with small customers you may have looked at the recent Google / Yahoo requirements around DMARC-style alignment for authentication and panicked a bit. Don’t impersonate Gmail From: headers. Gmail will begin using a DMARC quarantine enforcement policy, and impersonating Gmail From: headers might impact your email delivery.…For direct mail, the domain in the...

Deferrals at Microsoft

If you’re seeing a lot of “451 4.7.500 Server busy. Please try again later” from Office365 this morning you’re not alone. Microsoft are aware of the issue, and incident EX680695 says: Current status: We’ve identified that specific IP addresses are being unexpectedly limited by our anti-spam procedures, causing inbound external email delivery to become throttled and delayed...

When Asking a Question

A lot of beginner questions about email delivery aren’t about broad strategies for success, or technical details about authentication, or concerns about address acquisition. They’re something like: My mail to $ISP is being blocked. How do I contact someone there? Asking a question to your peers about how to deal with a concrete problem you’re having is a great thing to do...

New Requirements for Bulk Senders

UPDATE: You need to authenticate with both DKIM and SPF. Google are circulating a new set of requirements for bulk senders on their blog. So are Yahoo. It’s almost like postmasters talk to each other or something. If you dig through the links in the Gmail blog post you can find this summary of what they’ll be requiring from bulk senders by February: Set up SPF or DKIM email...

Validity Charging for Feedback Loop Emails

History Return Path was a major driver for the establishment of Feedback Loops (FBLs) back in the mid to late 2000s. They worked with a number of ISPs to help them set up FBLs and managed the signup and validation step for them. In return for providing this service to senders and receivers, they used this data as part of their certification process and their deliverability consulting. Return Path...

The trouble with CNAMEs

When you query DNS for something you ask your local DNS recursive resolver for all answers it has about a hostname of a certain type. If you’re going to a website your browser asks your resolver for all records for “google.com” of type “A”1or “AAAA”, but that’s not important right now and it will either return all the A records for google.com it has...

Unsubscribe vs Suppress

When someone sends a complaint to your compliance desk there are a range of things you want to do, but one thing you always want to do is ensure that the recipient doesn’t receive any more unwanted email from your customer. Or, at least, not from your network. There are usually several different ways you can make sure that happens. There are big hammers a compliance desk can use in...

Recent Posts

Archives

Follow Us