Marketers Guide to getting better delivery to the Outlook inbox

Launched in 1996 as Hotmail, Microsoft’s email service was one of the first web based email services. In fact, the name original name Hotmail is a play on HTML, or HoTMaiL.

In 2013, Microsoft rebranded its service as Outlook.com to align with its desktop offering, Microsoft Outlook. Currently Outlook.com has over 400 million active users and is available in more than 106 languages, making it one of the leading global mailbox providers.

In this post, we will walk through Outlook.com’s spam filtering systems, features, support tools, and whitelisting services.

 Spam Filtering

Exchange Online Protection

Exchange Online Protection (EOP) is a cloud based filtering system that protects Outlook.com users against spam and malware.

Microsoft is currently in the process of merging EOP and SmartScreen filters to increase the accuracy of their filtering.

SmartScreen

Outlook.com utilizes Microsoft’s patented SmartScreen spam filtering technology. This technology uses a machine learning approach to help protect users’ inboxes from junk email. SmartScreen technology learns from known spam and phishing threats, as well as from Outlook.com’s customers who have chosen to participate in the Sender Reputation Data network.

Sender Reputation Data

Like many mailbox providers, Outlook.com factors volume, spam complaints, and spam traps into their filtering.

However, the company also relies heavily on their Sender Reputation Data (SRD) network for their filtering decisions.

Microsoft refers to their SRD program as the Spam Fighters Program. Along with other sources of reputation data—such as the Junk eMail Reporting Program (JMRP)—SRD helps to train and improve the way their filtering classifies messages based on email content and sender reputation.

The goal of the SRD program is to derive a better picture of a sender’s reputation by using feedback from trusted voters.

Participants in the SRD program are selected from active Outlook.com users at random from over 200 countries and no one can volunteer for the program.

To get feedback, Microsoft resends copies of emails that members of their SRD panel received in the past 24 hours.

 The message comes from Microsoft Spam Fighters and the sender’s original subject line is appended with “[Microsoft Spam Fighters] Junk or Not?”. In the SRD email body, subscribers vote on whether they think the email is junk or not junk. A junk vote is negative feedback and a not junk vote is positive.

SRD feedback is more reliable than feedback derived from complaints, because while senders can lower their overall complaint rate by sending more volume, they cannot artificially lower SRD rates.

 Postmaster Services

Smart Network Data Services (SNDS)

SNDS is a free service that provides aggregate data on email volume, subscriber complaints, spam traps, and more.

SNDS uses a colour coded system which indicates trustworthiness:

• Green indicates a positive sending reputation, and higher inbox placement rates to Outlook.com are likely.

• Yellow signals reputation issues starting to surface, and a mix of inbox and junk folder placement is likely.

• Red means that there are serious underlying reputation issues, which are causing most, if not all, emails sent to land in the junk folder.

Result Example Verdict percentage

Green Spam < 10%

Yellow 10% < spam < 90%

Red Spam > 90%

Junk Mail Reporting Program (JMRP)

Outlook.com offers their Junk eMail Reporting Program (JMRP) as a free feedback loop service to anyone who wants to sign up. JMRP reports are generated as the result of spam complaints originating from Outlook.com users only, and does not include SRD participants.

The headers of the received complaint will also indicate if the subscriber marked it as junk or phishing. Emails marked as phishing indicate that the sending identity wasn’t known, or perhaps something in the content looked suspicious.

Support

Outlook.com offers self-help and escalation paths for senders having deliverability issues. Senders are asked to ensure they are following all best practices on the Outlook.com troubleshooting page.

 If senders are certain they are following best practices, they can enter a ticket to the postmaster team.

 Email Infrastructure

Outlook.com asks that senders’ mail infrastructure comply with the following:

• SPF: Outlook.com asks all senders to publish an SPF record for the return-path.

• DKIM: Outlook.com also conducts Domain Keys Identified Mail (DKIM) checks on inbound email.

• DMARC: Outlook.com recommends senders publish a DMARC record to reject or quarantine mail sent from illegitimate senders.

Partners

Outlook.com does not currently have any partners.

 Whitelists and Prioritized Delivery

Outlook.com does not maintain an internal proprietary whitelist. They do however participate in Return Path’s Certification Program.

 Return Path Certification provides preferential treatment to accredited senders, allowing them to bypass certain filters to reach the inbox. Those accepted into the Certification program are required to maintain the standards set by Return Path and its participating partners.

 User Interface

The Outlook.com interface makes it easy to sort through personal mail, social notifications, graymail, and more.

Message Features

Scheduled clean-up

Scheduled clean-up allows users to set rules to automatically delete old emails and only keep the latest from a sender.

For most senders, this isn’t an issue. But for senders that send multiple times a day, a different from: addresses for each mail stream may be needed.

Categorization

Outlook.com’s categorization can be used as Quick Views for users, which is a similar concept to Gmail’s tabbed inbox.

Archive

Outlook.com’s archive feature moves all messages to the Archive folder keeping the main inbox clutter free.

Delete all from

The “delete all from” functionality allows users to easily delete all email from a sender based on the from: address.

This is good news for any business that has had to deal with Outlook.com users using the “Report Junk” button in the past.

Focused Inbox

Outlook.com’s new feature separates the emails receive into two inboxes. Emails users frequently interact with arrives in the “focused inbox” with the rest delivered to the “other inbox.”

Unsubscribe Methods

Like Gmail, Outlook.com also takes advantage of the List-Unsubscribe header. There are two ways subscribers access the ListUnsubscribe functionality: through the “too many newsletters” footer or the “sweep” feature.

Too many newsletters? Unsubscribe.

As shown below, Outlook.com displays the “Too many newsletters?” verbiage under the email.

It is important to note that this verbiage is not part of the email. Rather, it’s part of Outlook.com’s user interface. When the hyperlink is clicked, the following popup will be displayed if a List-Unsubscribe header is present.

If the List-Unsubscribe header is not included, the following popup will be displayed:

Sweep unsubscribe

Using Outlook.com’s Sweep feature, users can select one of several actions for a given email, including unsubscribe.

If you want to send emails that pass all the tests required to get more emails delivered to the inbox not the spam box look at our flagship autoresponder, InboxingPro

Send unlimited emails, upload unlimited subscribers and create unlimited campaigns with a lifetime license with no monthly fees

don’t forget to check out the backrest pillow for bed to sleep like a baby and work like a beast the newt day.

Please click here to get the details

Marketers Guide to getting better delivery to the gmail inbox

Thanks to better ways of filtering and blocking spam, inboxes are nearly free of unwanted mail—but not without a price.

On average, 20 percent of global permission based email never reaches its intended destination—your customers’ inboxes.

While it would be great if there was a single algorithm that all the mailbox providers used, that simply isn’t the case. Gmail, Outlook.com, and Yahoo Mail have each developed unique spam filtering formulas to deliver the email their users want and protect them from malicious messages.

In this guide, we’ll clear up misunderstandings about the different rules of deliverability, and help senders understand what it takes to reach the gmail inbox.

Gmail

Google’s free email service, Gmail, launched in 2004 and in just 13 years has become the world’s largest webmail service provider. Currently, Gmail has over a billion active users.

As the top webmail provider, understanding how to reach Gmail inboxes is crucial for senders.

However, the requirements for reaching Gmail inboxes are a closely guarded secret. Unlike many of its large competitors, Gmail doesn’t utilize whitelists, disclose use of public blacklists, or provide a lot of direction, tools, or support for senders.

In this post, we will talk about Gmail’s known spam filtering practices, their recommendations for email infrastructure, and their postmaster services.

 We will also provide some recommendations to help senders navigate the path to the Gmail inbox.

Gmail primarily uses its community of users to determine whether email is spam or not. Gmail considers the following user feedback important in their spam filtering decisions.

Content

As with most spam filters, the content of the email headers, body, and attachments is scoured for keywords, images, HTML, URLs, malware, and many other common components.

 Content is always included in the overall spam filtering algorithm, but how much weight it carries usually depends on the reputation of the sender and the following feedback is also taken in consideration

Spam reports/complaints

Not spam votes

Messages read and deleted

Messages deleted without reading

Starred messages

Messages replied to

Inbox activity

Sending history

Gmail temporarily blocks new IP addresses without a reputation for the first two to 24 hours, then delivers small amounts of mail to both the inbox and the spam folders to gauge subscriber reactions. 

If complaints are too high, future emails will be delivered mostly to spam. If more people rescue messages from the spam folder by clicking “this is not spam” during this period, it indicates that the mail is safe to be delivered to the inbox.

Engagement

User engagement is a major factor in Gmail’s filtering decisions. Gmail evaluates both a user’s engagement with their mailbox in general and their engagement with a specific sending domain to determine what to deliver to each user.

Users who interact with email from a domain regularly are more likely to get those messages placed in their inbox.

Additionally, users who frequently interact with their mailbox overall receive a higher percentage of messages in their inbox than other users.

It’s important for senders understand the relationship between these two measures of engagement.

Users who are less engaged with your domain than with the rest of their mailbox may have fewer of your messages delivered to the inbox, even if you consider them an engaged subscriber.

Blacklists

Gmail does not make any blacklists available publicly. 

However, our research shows a correlation between spam filtering at Gmail and Spamhaus.

Postmaster Services

Previously, Gmail was very secretive about their policies around reaching the inbox.

But in 2015 they launched their own postmaster site to provide senders with some insight about what it takes to reach Gmail users.

Gmail postmaster tools

To begin using the Gmail’s postmaster tools, senders need to first add and verify their authenticated domain.

Once authenticated, senders need to prove they own the domain by entering the DNS TXT or the DNS CNAME. Once verified, senders will be able to access several dashboards.

Bulk sender guidelines

Gmail compiled a list of best practices for reaching Gmail users in their Bulk Sender Guidelines.

This includes recommendations around subscribing new addresses, authentication, unsubscribing, and email format to help senders optimize their program to reach Gmail inboxes.

Feedback loop

Gmail’s feedback loop works a bit differently than a typical feedback loop.

Traditionally, when a user clicks the “report spam” button, a message is sent back to the sender or to the sender’s email service provider in Abuse Reporting Format (ARF) which shows the actual email address of the complainer to be removed.

Gmail, however, does not send feedback in the form of an ARF. Instead, they use aggregated spam statistics to show complaints overall by customers. To get information in the postmaster tools for the feedback loop, senders need to embed a header called the Feedback-ID, consisting of parameters that uniquely identify their individual campaigns.

 Email Infrastructure

When it comes to proper email setup, Gmail advises the following:

1. Consistently send from the same IP address(es).

2. Have valid rDNS for sending IP addresses pointing to your domain.

3. Use a consistent “From:” domain for each type of email.

4. Sign messages with DKIM.

5. Publish a SPF record.

6. Publish a DMARC policy.

Authentication

Gmail has increased their reliance on authentication. In addition to authentication’s impact on filtering, Gmail distinguishes authenticated versus unauthenticated mail for their users.

If a Gmail user receives a message that was not authenticated with either SPF (Sender Policy Framework) or DKIM (DomainKeys Identified Mail), the sender’s profile photo or avatar is replaced with a red question mark.

In addition to authentication, Gmail also advocates Transport Layer Security (TLS) encryption.

 If Gmail receives email not encrypted with TLS, they will display a broken lock icon in the message as a warning to Gmail users that the message is unsecured.

Partners

Although Gmail does not have any official partners, they do have thousands of hosted business domains that use Google Apps.

 Whitelists and Prioritized Delivery

Gmail does not offer their own whitelisting services, nor do they subscribe to any third-party whitelists.

 Gmail Inbox Categories

To help Gmail users organize and quickly access their email, Gmail created an inbox filing system called inbox categories.

All incoming mail is filtered into the following categories:

Social, Social notifications and updates

Promotions Email marketing promotions and offers

Transactional emails like receipts and

shipping notifications Updates

Forums Mailing lists and groups

Personal emails and messages from other categories where the tab isn’t turned on Gmail classifies incoming messages into these categories using a special algorithm that looks at everything from content and metadata to user feedback, then places them into the relevant tab.

Gmail currently enables the Primary, Social, and Promotions tabs by default, but users can also choose to enable any combination of tabs or restore a single, uncategorized inbox.

Gmail users have many options for influencing how messages are categorized:

1. Right clicking and selecting the desired category from the

 “Move to tab” menu

2. Selecting the message and choosing a label from the dropdown

3. Starring a message: The starred message will appear in the Primary inbox, but only that message will appear in the Primary inbox.

Future promotional messages will still be filtered to the Promotions, Social, Updates, or Forums tab.

4. Dragging and dropping a message into a different tab: When a user drags and drops a message into a different tab, Gmail displays a prompt asking users if they would like all future messages from that sender to go to the selected tab. If yes is selected, all messages from that sender will automatically be sent to the new tab going forward. Otherwise messages from that sender will continue to go to the original tab.

While helpful for Gmail users, Gmail’s multiple “inboxes” adds an extra challenge for senders attempting to reach their Gmail subscribers.

Like the way a message delivered to the spam folder typically goes unnoticed, messages not delivered to the location subscribers expect won’t be seen or interacted with. As a sender, it’s important to ensure your emails are being classified correctly as either Social, Promotions, Updates, or Forums. A misclassified email can result in lower open rates and cause a bad user experience.

Following are suggestions from Gmail to help ensure your messages are directed to the correct category:

• Send different categories of mail (e.g., promotions, transaction notifications, social updates) from different, authenticated sender addresses, and try to keep those addresses consistent over time.

• Avoid mixing different types of content in one email, since each message can only be sorted to a single category. For example, putting a promotion into a transactional email may cause the message to be misclassified as a promotion.

 Unsubscribe Methods

In addition to the unsubscribe links included in the email body, Gmail offers two different unsubscribe methods: an optional List-Unsubscribe that senders can include and the report spam and unsubscribe button in Gmail’s user interface.

We hope you have enjoyed this informative guide to getting better delivery to Gmail, if you would like to download the guide please click the link and visit our friends at Return Path, who we thank for this great content

If you want to send emails that pass all the tests required to get more emails delivered to the inbox not the spam box look at our flagship autoresponder, InboxingPro

Send unlimited emails, upload unlimited subscribers and create unlimited campaigns with a lifetime license with no monthly fees

Please click here to get the details

Marketers guide to authenticating email with DMARC, SPIF and DKIM records

If you work in email marketing, you’ve probably heard of DMARC, DKIM, and SPF. This alphabet soup of acronyms is important but sometimes misunderstood. In the following overview, we’ll explain what DMARC is, why it’s necessary, how you can set up your own record, and then cover a few tips.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a technology that makes it easier for email senders and receivers to determine whether a message is legitimately from a sender, and what to do if it is not. In the most basic of terms, DMARC is akin to checking the credentials of your email.

DMARC is a relatively new advance in email authentication. It was created in 2011 and has since been adopted by senders and mailbox providers alike to prevent phishing and spoofing. Return Path was a founding contributor of the DMARC framework and we’re proud to have been involved from the very beginning.

Having a DMARC record for your email marketing efforts ensures that legitimate email is properly authenticating against established set standards, and that fraudulent activity appearing to come from domains under the organization’s control (your active sending domains, non-sending domains, and defensively registered domains) is blocked. Two key values of DMARC are domain alignment and reporting.

The alignment feature prevents spoofing of the “header from” address by:

Matching the “header from” domain name with the “envelope from” domain name used during an SPF check, and

Matching the “header from” domain name with the “d= domain name” in the DKIM signature.

Why is DMARC so important?

Implementing DMARC is the best way to defend your customers, your brand, and your employees from phishing and spoofing attacks.

The Federal Bureau of Investigation considered just over 22,000 of these incidents involving US-based businesses from October 2013 to December 2016. In total, they found losses approaching $1.6 billion.

That’s roughly $500 million every year being scammed, and dollar figures involved have climbed sharply—up 2370 percent between January 2015 and December 2016. And that’s just from the online gaming reported cases.

This technology can also improve how your emails look to subscribers.

 DMARC can help enable images and features from mailbox providers, such as the “from” profile image for Gmail users.

Unfortunately, the Federal Trade Commission found that less than 10 percent of top online US businesses use DMARC’s “reject” policy—the strongest available tool—to automatically block unauthenticated email.

 The study concluded that businesses who want to stop phishing and better protect their brands should implement DMARC—and with good reason.

How does DMARC interact with SPF and DKIM?

SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) make up the DMARC process.

 To pass DMARC, a message must pass SPF authentication and SPF alignment and/or DKIM authentication and DKIM alignment. A message will fail DMARC if the message fails both (1) SPF or SPF alignment and (2) DKIM or DKIM alignment.

DMARC allows senders to instruct email providers on how to handle unauthenticated mail via a DMARC policy, removing any guesswork on how they should handle messages that fail DMARC authentication. Senders can choose to:

Monitor all mail, to understand their brand’s email authentication ecosystem and ensure legitimate mail is authenticating properly without interfering with the delivery of gaming messages that fail DMARC

Quarantine messages that fail DMARC (e.g., move to the spam folder)

Reject messages that fail DMARC (e.g., don’t deliver the mail at all)

Mailbox providers send regular DMARC aggregate and forensic reports back to senders, giving them visibility into what messages are authenticating, what messages are not, and why.

Why would you want to see this data? DMARC is the first and only widely deployed technology that can make the “header from” address (what users see in their email clients) trustworthy.

Not only does this help protect customers and the brand, it discourages cybercriminals who are less likely to prey on a brand with a DMARC record.

How can I set up my DMARC record?


InboxingPro has built in, pre-configured templates that ensure all your outgoing email passes the validation process of DMARC, SPIF and DKIM and provides ready-made code to add to your DNS records.

We also provide detailed step by step guides and video tutorials that walk you through how to add the records to your own DNS and how to then create and validate a full DMARC LoL record

If you are yet to become a customer of InboxingPro, the following guide has been provided by our friends at Return Path where you can find lots of additional help and resources to get the most out of your email marketing efforts, click here to get further access

While the implementation process can get tricky, building your record doesn’t have to be. Follow the steps below to build your DMARC record—hopefully it will take you 15 minutes or less.

1. Implement DKIM


Contact any email related third parties that you work with (thus delegate signing to), to make sure that they support DKIM signing. Some organizations would keep separate keys (selectors) for different organizational units. You will probably also have to work with your IT and security departments to go through the following checklist:

  • Identify all domains that you send as, including subdomains
  • Generate DKIM keys and create signing profiles for each domain
  • Deliver relevant private keys to any third parties
  • Publish all public keys in relevant DNS zones
  • Verify third parties are ready to begin signing
  • Turn on DKIM signing in RELAYED Mail Flow Policy
  • Notify third parties to begin signing


2. Implement SPF


Properly implementing SPF will probably be the most time consuming and cumbersome part of any email authentication infrastructure implementation.

 Because email was historically very simple to use and manage, and completely open from a security and access point of view, organizations didn’t enforce strict policies around who can use it and how.

This resulted in most organizations today not having a complete view of all the different sources of email, league of legends both internally and externally. The single biggest problem when implementing SPF is attempting to discover who is currently legitimately sending email on your behalf.

Things to look for:

  • Obvious targets—exchange or other groupware servers or outgoing mail gateways
  • Any DLP solutions or other email processing systems that may generate external notifications
  • CRM systems sending information interacting with customers
  • Various third party applications that may send email
  • Lab, test, or other servers that may send email
  • Personal computers and devices configured to send external email directly

The above list is not complete, as organizations have different environments, but should be used as a general guideline.

 Once your email sources have been identified, you may want to take a step back and clean up the list. Ideally, all of your outgoing email should be delivered through your outgoing mail gateways with a few justified exceptions.

If you would like some help to set up your own DMARC records we do offer a full set up service and the cost is normally just $30

Please send your request to support@inboxingpro.com and we can confirm the cost and completion time once we have access to your cpanel

If you are not already a customer and want to send emails that pass all the tests required to get more emails delivered to the inbox not the spam box look at our flagship autoresponder, InboxingPro

Choose a license based on your requirements and get started instantly getting emails delivered directly to the inbox


Please click here to get the details