Over the past few months, we have been working on designing and implementing a new ultra-efficient spam detection system across our entire outbound email delivery infrastructure. Processing billions of messages a year through our SMTP servers makes it difficult to scrutinize each and every message to the level of detail we desire. As we have incrementally begun to implement this new system, we’ve noticed different patterns and trends in the results.
One of the biggest patterns that is impacting our customers’ outbound messages is the use of blacklisted domains in the email content. While the term blacklisting is generally associated with IP addresses, it also applies to domains that appear in abusive messages. There are many domain-based blacklists, but the 3 most well known and utilized are:
SURBL [ http://www.surbl.org/ ]
Spamhaus DBL [ http://www.spamhaus.org/dbl/ ]
URI-BL [ http://www.uribl.com/ ]
Interestingly, we have found that rarely are the blacklisted domains actually owned by the sender. It is a risk to use links in your messages to third party domains. We do not recommend including third party links, unless there is an existing relationship with the organization or the link is to a reputable major social network such as Facebook, Twitter, etc.
The most commonly used blacklisted domain is the URL shortener bit.ly. Spamhaus listed the domain due to malicious users hiding phishing URLs in their messages [http://www.spamhaus.org/dbl/removal/record/bit.ly]. A short URL may look nice in your content layout, but it could come at the risk of your outbound email not reaching the inbox. To avoid this issue, bit.ly does offer custom solutions specially designed for businesses using customized domain URLs.
Another common cause of blacklisted domains appearing in legitimate email messages are third party open-and-click tracking services. The same way malicious users take advantage of URL shorteners, the use of a click tracking service is an easy way to hide the real destination URL in a message. A single outbound message sent to a spam trap address using a generic tracking domain in the message content could get the domain blacklisted. In most cases we found that those creating the message content were completely unaware of the poor reputation of the domains that were being included in their messages.
All of these risks are why SocketLabs has a strict policy requiring the establishment of a CNAME record for our own open-and-click tracking feature. Although this is an extra step in leveraging open and click tracking, it protects your email from any damage that could be caused by other senders.
In short, don’t let your outbound messages get put in the spam folder because of the poor reputation of a third party domain. Ensure that you are linking to only trusted domains and don’t use a shortening or tracking service that doesn’t allow for custom branding to protect your reputation.
Sign-up now for SocketLabs On-Demand to see how we can help your messages hit the inbox.