Select or Set your Region  
... home / news
Newsflash #23 18th October 2005
Email Deliverability: Ensuring eMailBill Inbox Penetration

Current figures show that in excess of 60% of all email in North America is spam. Over the past 24 months very real advances in spam filtering technology have ensured that the majority of this is blocked or delivered directly to spam folders. The downside of this efficiency is that a significant amount of legitimate email is not arriving in the intended 'inbox'.

Successfully ensuring that your email reaches your customer's inbox is a fundamental requirement of any email project. However, recent survey results performed on a test group of 100 companies indicate that:

  • 54% of companies were impacted by false positives (legitimate email stopped as spam).
  • Over 33% of the companies paid for accreditation and/or certification programs. These programs did not provide protection against false positives - in fact the companies using them noted an increase in false positives.
  • Half the companies surveyed out-sourced the deployment of their emails and had a slightly lower false positive rate than those who deployed from in-house systems.
  • 73% of the companies impacted by false positives had SPF (Sender Policy Framework) authentication implemented.

The only way to gain maximum email deliverability is to continuously action, monitor and implement all possible technical and strategic penetration tools available. In today's Newsflash we highlight a handful of the most important tools:

'Ensuring eMail bill inbox penetration'

The following are some of the major technologies and techniques used to block spam and prevent fraudulent email from being delivered.

It is essential to have a detailed understanding of each and take the necessary actions to ensure that your email campaigns are compliant.

Sender ID: The Sender ID Framework is a type of email sender authentication. As sender authentication does not currently exist in today's standard SMTP logic for email, spammers can easily disguise their identity and locale. Without sender authentication, email users have seen huge increases in email domain spoofing (falsifying the "from" address/domain) and phishing (fraudulent spam that attempts to capture private information or credit card numbers).

SPF: SPF fights return-path address forgery and makes it easier to identify spoofs. Domain owners identify sending mail servers in DNS. SMTP receivers validate the envelope sender address against this information, and can distinguish authentic messages from forgeries before any message data is transmitted.

Domain Keys: Domain owners digitally sign outgoing email and publish the corresponding public keys in DNS. Yahoo and GMail make use of Domain Keys for authentication.

Identified Internet Mail (IIM): IIM applies cryptographic signatures to email messages to demonstrate that the sender was authorized to use a given email address. Message recipients can consult the sender's domain to verify that the signature was authorized by that domain for that address.

DomainKeys Identified Mail (DKIM): DKIM validates the identity associated with a message while being transferred over the Internet, holding it accountable for the message. DKIM uses public key cryptography to let users verify and maintain message integrity, and identifies legitimate messages. The proposed standard uses DNS in the same manner as DomainKeys. DKIM also leverages IIM header-signing technology, ensuring signature consistency as messages are sent through networks.

Whitelisting/Accreditation: Whitelists are lists of trusted, opt-in emailers. Generally speaking, if you appear on the relevant whitelist or accreditation program, your emails will be delivered successfully. Very few ISP's have their own whitelisting mechanism at a server level and tend to rely on users to whitelist at the mailbox level.

Greylisting: Each time a given mailbox receives an email from an unknown contact, that mail is rejected with a "try again later" message. (This happens at the SMTP layer and is transparent to the end user.) This results in all mail getting delayed at least until the sender tries again. Most spam is not sent out using compliant mailers and therefore the spamming software will not try again later.

Tarpitting: Tarpitting is the practice of inserting a small sleep in an SMTP session for each RCPT TO after a certain number of RCPT TO's. The idea is to thwart spammers who would hand your SMTP server a single message with a long list of RCPT TO's. If a spammer were to attempt to use your server to relay a message with, say, 10,000 recipients, and you inserted a five-second delay for each recipient, after the 50th, the spammer would be "tarpitted," and would most likely assume that their connection had stalled and give up.

Blacklisting or Real-Time Blackhole Lists (RBL): Blacklists are lists of known or suspected spammers that include their IP addresses and perhaps their domain name. RBL is a list of IP addresses whose owners refuse to stop the proliferation of spam. The RBL usually lists server IP addresses from ISPs whose customers are responsible for the spam and from ISPs whose servers are hijacked for spam relay. Subscribers to the RBL will know from which IP addresses to block traffic. Most traffic blocking occurs during the SMTP connection phase.

Throttling: The email server will only accept a certain number of simultaneous connections from any particular mail server.

Content filtering: A major goal is to ensure that the spam filters don't reject or place the email in the Bulk folder based on message content. Spam filters block messages that are detected to match program-specified or user-specified criteria, such as words in the subject line like "FREE", or messages that are detected to be machine-generated, part of a bulk mailing, or from a known source of spam. Other spam filters, such as Bayesian and heuristic programs, take a more complex approach to detecting spam.

Strategies and technologies exist to take all of the above into account, but lack of reporting is your biggest hurdle. It is a pre-requisite of any email project that you have the tools to accurately measure not only your true delivery rate, but also certainty that your customers received, read and actioned your email.

While this short Newsflash is by no means conclusive, it's aim is to highlight the intense and complex levels of effort required to ensure maximum inbox penetration.

Striata offers highly advanced Email Deliverability Services as an integral part of every secure email bill presentment & payment project. Our average North American delivery rates continue to exceed 97%, which is well above the industry average.

Please contact us for a detailed document in this regard.

Regards,

Garin Toren
Chief Operating Officer

Toll free: +1 88 88 USAPAY

Striata ~ North, Central & South America
Messaging innovation
Striata.com | Contact us | Unsubscribe | Press Office | Past Newsflashes | Striata BillPay
Editorial: 48 Wall Street, Suite 1100, New York, NY, 10005. Visit our Press Office here

(c) 2005 Striata North America. You may forward this newsletter without cutting. All other rights reserved. Contact us for reprints/story use at usa @ striata.com, or call +1 88 88 USAPAY.

To unsubscribe: Send a blank email to leave-usanews @ usa.striata.com or call us at (877) 531 9666 for assistance.

Have you received this email from a friend or colleague? Why not get your own copy of our bi-monthly Newsflash about secure email 'Electronic Invoice Presentment & Payment'. To join now Go here
Quick Links
Demos »
Downloads »
MyStriata Login »
Partners »
Contact details »


Get our monthly NewsFlash... Join now »

The NewsFlash Editions
#71 -News-2008-09-30 »
#70 -News-2008-08-26 »
#69 -News-2008-07-29 »
#68 -News-2008-06-25 »
#67 -News-2008-05-27 »
#66 -News-2008-04-22 »
#65 -News-2008-03-25 »
#64 -News-2008-02-26 »
#63 -News-2008-01-29 »
#62 -News-2007-12-11 »
#61 -News-2007-11-13 »
#60 -News-2007-10-18 »
#59 -News-2007-08-14 »
#58 -News-2007-06-26 »
#57 -News-2007-06-06 »
#56 -News-2007-04-24 »
#55 -News-2007-03-20 »
#54 -News-2007-02-20 »
#53 -News-2007-01-23 »
#52 -News-2006-12-19 »
#51 -News-2006-12-05 »
#50 -News-2006-11-14 »
#49 -News-2006-10-31 »
#48 -News-2006-10-17 »
#47 -News-2006-10-03 »
#46 -News-2006-09-19 »
#45 -News-2006-09-05 »
#44 -News-2006-08-22 »
#43 -News-2006-08-08 »
#42 -News-2006-07-25 »
#41 -News-2006-07-11 »
#40 -News-2006-06-27 »
#39 -News-2006-06-13 »
#38 -News-2006-05-26 »
#37 -News-2006-05-16 »
#36 -News-2006-05-02 »
#35 -News-2006-04-18 »
#34 -News-2006-04-04 »
#33 -News-2006-03-21 »
#32 -News-2006-03-07 »
#31 -News-2006-02-21 »
#30 -News-2006-02-07 »
#29 -News-2006-01-24 »
#28 -News-2006-01-10 »
#27 -News-2005-12-13 »
#26 -News-2005-11-29 »
#25 -News-2005-11-15 »
#24 -News-2005-11-01 »
#23 -News-2005-10-18 »
#22 -News-2005-10-04 »
#21 -News-2005-09-20 »
#20 -News-2005-09-06 »
#19 -News-2005-08-23 »
#18 -News-2005-08-09 »
#17 -News-2005-07-26 »
#16 -News-2005-07-12 »
#15 -News-2005-06-28 »
#14 -News-2005-06-14 »
#13 -News-2005-05-30 »
#12 -News-2005-05-19 »
#11 -News-2005-05-04 »
#10 -News-2005-04-19 »
#09 -News-2005-04-05 »
#08 -News-2005-03-22 »
#07 -News-2005-03-07 »
#06 -News-2005-02-22 »
#05 -News-2005-02-07 »
#05 -News-2005-01-25 »
#04 -News-2005-01-11 »
#03 -News-2004-12-13 »
#02 -News-2004-11-30 »
#01 -News-2004-11-15 »

Why choose Striata?

  • Flexible
  • Configurable
  • Multi-channel
  • Cross platform
  • Levels of control
  • Extensive reporting

    Read further »
    •   |    website terms of use     |    antispam     |    top of page  |