ISP Panel: What We Learned About Sender Reputation, Spam and the Impact of Apple’s MPPNathalia Velez Ryan
Email deliverability should be a high priority for any sender. After all, you can’t achieve your email program goals if your emails never reach recipients’ inboxes.
In a recent Twilio SendGrid webinar, we caught up with a panel of inbox service providers (ISPs) to talk about the latest trends and best practices in email deliverability. The panel included:
- Annalivia Ford – Email, Anti-Spam, and Deliverability at Spamhaus
- Marcel Becker – Senior Director, Product Management at Yahoo!
- Jaren Angerbauer – Manager, Postmaster and Deliverability at Proofpoint
The panelists answered all our questions about sender reputation, current spam tactics, Apple’s Mail Privacy Protection (MPP), and more. This post rounds up their top tips for email senders, plus our deliverability experts’ answers to attendee questions about their email programs.
1. Focus on your sender reputation
According to Angerbauer, the most important signals cybersecurity providers like Proofpoint look at when deciding where to place an email are:
- Sending IP reputation
- Domain familiarity or web presence
So how long does it take to build a good reputation for a new domain, and what signals affect reputation? Becker tells us that it all boils down to a simple maxim: send emails users want.
If enough users tell ISPs they don’t want your emails—by marking them as spam, for example—it signals to providers that you don’t follow best practices. This could lead ISPs to filter your emails to the spam folder.
Not sure what your current sender reputation is? Try these 5 reputation tools to check, and follow these sender best practices to protect your account and sender reputation.
2. Follow unsubscribe best practices
Nobody wants to lose subscribers. But it’s better to lose a few uninterested recipients than to get flagged as spam for not respecting their desire to be unsubscribed.
Angerbauer recommends following email unsubscribe best practices, such as including an unsubscribe link in all automated marketing messages and immediately honoring unsubscribe requests.
This can be trickier for personal sales emails, but Angerbauer assures that Proofpoint doesn’t want to block legitimate sales campaigns. Angerbauer suggests that if a sales lead asks you to stop emailing them, do so right away to avoid them flagging your email as spam.
3. Ended up on a Spamhaus blocklist? Do your reputation homework
Even if you think you’re following all the best practices, you may still end up in the spam folder at some point. If you landed on a Domain Name System-based blocklist (DNSBL), commonly known as a blocklist, Ford shared a few tips for how to get removed.
First, if you’re on the exploits blocklist, a database of IP addresses of computers infected by malware or bots, the solution is straightforward: remove the malware or bot infestation and notify Spamhaus.
However, if you’re on the reputation-based domain blocklist, it’ll take more work to get removed. Consider these questions before you ask Spamhaus to remove you:
- Is your WHOIS anonymous? WHOIS is the widely used internet record listing of who owns a domain and how to reach the owner. Legitimate companies have no reason to use an anonymous WHOIS.
- Are you using low-rent hosting? You may be surrounding yourself with blocklisted domains, which can hurt your reputation.
- Have you carefully built your domain’s reputation over time and followed best practices? New domains have no reputation by default, and it takes time to build it.
- Is your authentication set up correctly? Read up on how to authenticate your emails.
- Have you already reviewed data collection and list hygiene practices with your customers?
- Did you buy an email list? Buying recipient lists is an industry no-no and a quick way to end up on a blocklist.
Once you’ve identified the potential reason for your blocked domain, you can resolve the issue and contact Spamhaus to ask for removal from the blocklist.
4. Avoid falling for new spam tactics
Ford shared some of the most common spam tactics Spamhaus has seen lately and how to avoid them.
There’s been a surge in spam coming from residential proxy networks due to people connecting their personal devices, which were already compromised, to work virtual private networks. Keep your devices safe by avoiding third-party apps that could have something buried deep in the end-user license agreement about sharing your connection.
As a general rule, Ford says, avoid anything that sounds too good to be true, such as free streaming and channel unlocking. If an app isn’t in an official app store, like Google Play Store or the Apple App Store, there’s a reason. Also, be careful of what you install in smart devices, like doorbells, remotes, etc.
5. Track negative signals and clicks to determine user engagement
Apple’s MPP launched in September 2021, and email marketers have been keeping track of its impact on email metrics since.
For Apple device users, they can choose to enable MPP and hide their IP address. However, for email senders, one of the implications of MPP is that it can create false opens, making engagement data, like open rates, unreliable for marketers.
In light of this, Becker recommends looking at negative signals like feedback loops and Simple Mail Transfer Protocol error messages to identify any deliverability issues. Becker also suggests that senders look at click rates, which aren’t affected by privacy policies, to track email engagement.
Read more about MPP and its impact on email, and learn how to use Twilio SendGrid’s Apple Open Indicator to identify MPP opens.
6. Implement BIMI for your brand
Brand Indicators for Message Identification (BIMI) is a standard that attaches your brand’s logo to your authenticated email messages—Google, Yahoo!, Fastmail, Mailchimp, Proofpoint, Twilio SendGrid, Validity, and Valimail all currently support it. Becker encourages brands to adopt BIMI to leverage recipients’ reliance on visual signals to decide which emails to open.
Also, according to Becker, brands send 96% of the emails Yahoo! sees in users’ inboxes. Studies show that the way we decide which email to open is by parsing out the visual information, and the largest visual element is the avatar. This is helpful when you’re communicating with people and can easily determine who the message is from by the sender’s photo. But brands didn’t have that avatar photo to rely on, so a group of ISPs came together to create BIMI, a trustworthy source that allows brands to control the logo displayed with the messages.
Learn more about BIMI, how it works, how it can increase trust in your brand, and how it can even protect you against phishers and spoofers trying to impersonate your brand.
Still have questions? So did our webinar attendees. Read on to see what Twilio SendGrid’s Deliverability experts have to say about nonhuman interactions (NHIs), email verification, hard bounces, and more.
- How do you recommend senders filter out bot/spam filter clicks from business-to-business (B2B) or security vendors?
How to identify NHIs:
- Check if there are contacts who opened all the emails delivered to them.
- Check if there are contacts who clicked all the links in the emails.
- See if there were suspiciously short intervals (a few seconds) between email clicks.
- Monitor the time logs recorded by the system. If the recipients read the emails within seconds after you sent them, this could indicate bot activity.
- Identify domains (small domains/B2B) known to be hosted by third-party filtering programs/pipelines, such as Proofpoint, Barracuda, Mimecast, etc.
- See if click rates (e.g., clicks per email, clicks per domain, clicks per campaign) are extremely high compared to campaign averages. If so, NHIs might be impacting metrics.
How to minimize NHIs/bot clicks:
- Use HTTPS exclusively for all links. Emails with a mix of secure and nonsecure tracking links appear disproportionately targeted. This mixed link usage—e.g., a nonsecure HTTP link directing to an advertiser from a HTTPS tracking link—seems to trigger the most unwanted behavior.
- Distinguish between and maintain separate campaigns for confirmed engaged and unengaged recipients, especially when inbox placement at certain domains is an issue.
- Monitor the content quality—not only at the link level but also image-to-text ratio and other factors. Aggressive email marketing tactics (e.g., using emoticons in subject lines, using large catch words, and the like) tend to lead to higher amounts of NHI.
- Maintain your sender reputation, which plays a significant role in the number of NHI clicks. Senders with highly engaged recipients see considerably fewer NHI clicks.
Email verification and hard bounces
- My company doesn’t currently have email verification for our lead forms, and one of our autoresponder emails has a 4% hard bounce rate. Is 4% high for hard bounces? Will it cause negative inbox placements?
High hard bounce rates are a negative metric that can impact your sender reputation. In general, we advise senders to aim for a hard bounce rate lower than 0.5%.
If your email program sees higher hard bounce rates, the first step is to attempt to understand why this is happening. Are you forcing opt-in as a part of the purchase process? Are you offering a discount for opt-in? After you address any problematic areas in your email sign-up process, the next step is to implement email validation to help reduce hard bounce rates. Learn more about Twilio SendGrid’s validation tool.
- From an ISP perspective, how should I handle hard bounces? Should I delete the email addresses immediately?
If you send an email and receive a hard bounce response code, the ISP is letting you know that this isn’t a valid email address, and you shouldn’t attempt delivery again. If you continue to attempt to send to an email address that previously hard bounced, it can have a negative impact on your reputation with that ISP. It’s best to remove the email address from your list.
- How do you set up BIMI?
There are several steps to set up BIMI. First, you’ll need to properly set up Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC). With your DMARC record, you’ll need to have a policy of “quarantine” or “reject” defined. You’ll also need to create and publish a Scalable Vector Graphic (SVG) Tiny 1.2 logomark. Finally, you’ll need to create a BIMI record and add it to your Domain Name System records. Read up on the additional steps needed for BIMI to work in Gmail.
Key email metrics
- What are the key negative signals to focus on since open rates are unreliable?
Unique open rates can still be a valuable metric. With the “machine_open” data passed through via the webhook, we can learn a lot from your “conventional opens.” That said, we recommend that all senders focus more on negative metrics.
Spam complaints are the most important negative metric, and anything over 0.08% is considered a high complaint rate. We also advise keeping an eye on hard bounces and any reputation-related soft bounces/blocks that you see.
- For Gmail accounts, we don’t get much back in terms of spam complaints in the webhooks. Why is that? Do you have any additional data we can get back to know which users have marked emails as spam so that we can unsubscribe them?
Gmail doesn’t utilize a traditional feedback loop like Yahoo! or Microsoft. As a result, you won’t receive spam complaints and will need to review other key metrics to determine how well or how poorly recipients receive your email. We typically recommend that senders sign up for Gmail Postmaster Tools and Microsoft Smart Network Data Services. These services provide insight into several crucial components of deliverability, such as domain and IP reputation as well as spam complaint data.
Improve your campaigns with Twilio SendGrid’s Deliverability and Messaging Insights
Deliverability is crucial to the health of your email program, and the best way to understand your performance is through data. Learn about Twilio SendGrid’s Deliverability and Messaging Insights and how you can use these tools to improve your email performance.