Horses, not zebras

I was first introduced to the maxim “When you hear hoofbeats, think horses not zebras” when I worked in my first molecular biology lab 20-some-odd years ago. I’m no longer a gene jockey, but I still find myself applying this to troubleshooting delivery problems for clients.
It’s not that I think all delivery problems are caused by “horses”, or that “zebras” never cause problems for email delivery. It’s more that there are some very common causes of delivery problems and it’s a more effective use of time to address those common problems before getting into the less common cases.
This was actually something that one of the mailbox provider reps said at M3AAWG in SF last month. They have no problem with personal escalations when there’s something unusual going on. But, the majority of issues can be handled through the standard channels.
What are the horses I look for with delivery problems.

  1. Technical issues. These are actually getting rarer as companies move to the designed-for-bulk MTAs like MessageSystems and Port25. But they’re still worth checking and can contribute to delivery problems. Luckily, technical issues are often the easiest to solve, and once they’re solved usually stay solved.
  2. Content issues. These are getting much more common as ISPs start looking at all the URLs and links in emails, including the landing pages.  Gmail, for instance, does almost all their filtering based on content rather than originating IP. This is not that difficult to solve, but can be harder to solve than technical issues.
  3. Address collection issues. Most delivery problems start at the point of address collection, and these can be challenging problems to solve. Not only do you have to solve the problem moving forward, you also have to decide what to do with the addresses you’ve previously collected. And the problems are only solved as long as someone knows why things are done the way they are.

 

Related Posts

Weird mail problems today? Clear your DNS cache!

A number of sources are reporting this morning that there was a problem with some domains in the .com zone yesterday. These problems caused the DNS records of these domains to become corrupted. The records are now fixed. Some of the domains, however, had long TTLs. If a recursive resolver pulled the corrupted records, it could take up to 2 days for the new records to naturally age out.
Folks can fix this by flushing their DNS cache, thus forcing the recursive resolver to pull the uncorrupted records.
EDIT: Cisco has published some more information about the problem. ‘Hijacking’ of DNS Records from Network Solutions

Read More

The death of IP based reputation

Back in the dark ages of email delivery the only thing that really mattered to get your email into the inbox was having a good IP reputation. If your IP sent good mail most of the time, then that mail got into the inbox and all was well with the world. All that mattered was that good IP reputation. Even better for the people who wanted to game the system and get their spam into the inbox, there were many ways to get around IP reputation.
Every time the ISPs and spam filtering companies would work out a way to block spam using IP addresses, spammers would figure out a way around the problem. ISPs started blocking IPs so spammers moved to open relays. Filters started blocking open relays, so spammers moved to open proxies. Filters started blocking mail open proxies so spammers created botnets. Filters started blocking botnets, so spammers started stealing IP reputation by compromising ESP and ISP user accounts.  Filters were constantly playing catchup with the next new method of getting a good IP reputation, while still sending spam.
While spammers were adapting and subverting IP based filtering a number of other things were happening. Many smart people in the email space were looking at improving authentication technology. SPF was the beginning, but problems with SPF led to Domains Keys and DKIM. Now we’re even seeing protocols (DMARC) layered on top of DKIM. Additionally, the price of data storage and processing got cheaper and data mining software got better.
The improvement in processing power, data mining and data storage made it actually feasible for ISPs and filtering companies to analyze content at standard email delivery speeds. Since all IPv4 addresses are now allocated, most companies are planning for mail services to migrate to IPv6. There are too many IPv6 IPss to rely on IP reputation for delivery decisions.
What this means is that in the modern email filtering system, IPs are only a portion of the information filters look at when making delivery decisions. Now, filters look at the overall content of the email, including images and URLs. Many filters are even following URLs to confirm the landing pages aren’t hosting malicious software, or isn’t content that’s been blocked before. Some filters are looking at DNS entries like nameservers and seeing if those nameservers are associated with bad mail. That’s even before we get to the user feedback, in the form of “this is spam” or “this is not spam” clicks, which now seem to affect both content, domain and IP reputation.
I don’t expect IP reputation to become a complete non-issue. I think it’s still valuable data for ISPs and filters to evaluate as part of the delivery decision process. That being said, IP reputation is so much less a guiding factor in good email delivery than it was 3 or 4 years ago. Just having an IP with a great reputation is not sufficient for inbox delivery. You have to have a good IP reputation and good content and good URLs.
Anyone who wants good email delivery should consider their IP reputation, but only as one piece of the delivery strategy. Focusing on a great IP reputation will not guarantee good inbox delivery. Look at the whole program, not just a small part of it.

Read More

Yahoo retiring user IDs: why you shouldn't worry

A couple weeks ago, Yahoo announced that they were retiring abandoned user IDs. This has been causing quite a bit of concern among email marketers because they’re not sure how this is going to affect email delivery. This is a valid concern, but more recent information suggests that Yahoo! isn’t actually retiring abandoned email addresses.
You have to remember, there are Yahoo! userIDs that are unconnected to email addresses. People have been able to register all sorts of Yahoo! accounts without activating an associated email account: Flickr accounts, Yahoo groups accounts, Yahoo sports accounts, Yahoo news accounts, etc,. Last week, a Yahoo spokesperson told the press that only 7% of the inactive accounts had associated email addresses.
Turning that around, 93% of the accounts currently being deactivated and returned to the user pool have never accepted an email. Those addresses will have hard bounced every time a sender tried to send mail to that address.
What about the other 7%? The other 7% will have been inactive for at least a year. That’s a year’s worth of mail that had the opportunity to hard bounce with a 550 “user unknown.”
If you’re still concerned about recycled Yahoo userIDs then take action.

Read More