Amayuki's: 2015

Friday, November 06, 2015

Yahoo doesn't accept cellphone number?

Recently I have big issue with yahoo. I need a couple of newest accounts at yahoo to test.
Since a while, yahoo asks for cellphone number to complete the registration process.
A verification code will be sent by yahoo to this number and you have to type this code on the webpage.
I found a lot of trash cellphone numbers. Just like trash Email addresses, these numbers can be used by anyone but the sms texts including history can be read by anyone as well.

http://vsimcard.com/free_cards.php for instant.
I used the number 004917679801863 to set up a new account.
Sadly yahoo told me this is not a valid cellphone number.

If I review the history...

Sender	Date	Content
447781470659	03/11/2015 11:05:52	7699 ist Ihr Bestätigungscode von Yahoo
447781470659	03/11/2015 09:51:04	8635 is your verification code from Yahoo
447781470659	03/11/2015 00:11:02	0697 ist Ihr Bestätigungscode von Yahoo

at least this number has been used for setting up new accounts only by today.

which means,

This number is active. Yahoo has accepted it.
The same number can be used more than once.
The same number can be used more than once on the same day.

Here is the question: is 3 times the limit for the same number?

Mobile phone

It's extremely important to keep your contact info up-to-date because it's one of the ways that we protect your account security. If you forget your password, you can easily reset it with your mobile number and get back into your account. If you don't provide a supported mobile number, you'll be unable to complete registration.
We also collect an optional phone number in the event you don't have access to your mobile so that we can call or send a text if you lost account access.

Yahoo doesn't say how often one single number can be used.
However, I found the following code in the quell text.

//SMS
    SMS_STATUS_99                           : 'Es ist ein Fehler aufgetreten. <a href="/registration">Bitte versuchen Sie es erneut.</a>',
    SMS_STATUS_101                          : 'Es ist ein Fehler aufgetreten. <a href="/registration">Bitte versuchen Sie es erneut.</a>',
    SMS_STATUS_106                          : 'Dies ist keine gültige Handynummer.',
    SMS_STATUS_107                          : 'Sie haben die Höchstgrenze für SMS erreicht. <a href="/registration">Bitte versuchen Sie es erneut.</a>',
    SMS_GENERIC_ERROR                       : 'Es ist ein Fehler aufgetreten. <a href="/registration">Bitte versuchen Sie es erneut.</a> ',

Was is the meaning of SMS status 106? I am neither a deliverability expert on SMS nor a yahoo guru...

It seems, yahoo must try to send SMS to this number but without success.

Who knows more about it? Otherwise, I will keep on testing to find out a solution.

Friday, July 10, 2015

Trackbuster untracks commercial emails at Gmail

A tracking pixel is like a tiny picture, normally being (un)seen on the left side of the bottom of an email.
Once an Email has been opened and the pictures have been loaded, this tracking pixel, which had been implanted by the Email marketers, will tell them: this mail has been opened

Since an open might generate a lead or even a buy, the open rate of a Emailing campaign becomes a huge factor.

Trackbuster is now working with Gmail to untrack the commercial emails.
This service will analyze the incoming emails at Gmail, identify the invisible tracking pixel and remove them. For the paranoid internet users, it shall protect their privacy.

I tried this tool and it works

I don't know how perfect it can be. But the opens, which the marketers track, will be even less at Gmail.

Gmail has a new release! New analytics tool with smart dashboard

Google launched its Gmail Postmaster Tools, which allow the qualified high-volume senders to get a better idea of how Gmail treats their emails.

The tool shall show lots of deliverability informations in different dashboards.

Once the domain ownership has been verified, the qualified senders can monitor the Email delivery to the biggest ISP of the world.

Wednesday, May 06, 2015

Sogou mail will be closed soon

On the login page to Sogou webmail, we now find an official announcement that Sogou will stop providing Email service by 30th of September 2015.

Since December 2014, the registration to a new Email account at Sogou has already been closed.
The existing mail addresses @sogou.com will be still active until 31st of March 2016, once a user chooses the service provided by Sohu to relocate his address to Sohu. The mails to Sogou old address will be sent forward to the Sohu address automatically. Meanwhile the user can also send his mails by using Sohu mail.

The relocation is quite easy. Sohu webmail has now the new feature "relocating by one click".
The account and password of Sogou mail are asked, then press the yellow button "relocating by one click". After 48h, all of the history mails can be read at Sohu.

If the relocation hasn't been set up manually until 31st of March 2016, a new sohu account will be created by Sohu system to continue providing Email service.

Monday, April 27, 2015

new link for the removal of Outlook IP block

Since a couple of weeks, I can't open the support page

https://support.msn.com/eform.aspx?productKey=edfsmsbl2&ct=eformts

at Outlook for mitigation the IP reputation.
If an IP is supposed to be blocked by Microsoft, it might help removing it from the blocklist.
It was an automatic process. Once we fill out the formulas and press "submit" button. Then the guys at outlook will review the IP reputation. They decide if this IP will be further blocked or the block will get lifted.

But the link above relinks now to another support page, which is useless for lifting a block.
What bad news.

Do you have the same issue? Don't worry, I found the new link for it and share here with you

https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0&wfname=capsub&productkey=edfsmsbl3&locale=en-us&ccsid=635639051175184163

Thursday, April 23, 2015

Case study 33iq -- SendCloud (part1)

33iq, meaning of showing how smart you are, is the biggest SN (social network) in China focusing on brain teasers.
I love solving puzzles, so I registered myself as a user.
Then I found out that they are doing quite incredible Email Marketing. To be honest, I never thought that the Email Marketing can be so highly developed in main land China.

I neither can nor want to know the total marketing operation of 33iq exactly. I am only interested in Emails, so I'd like to talk about it from the EM (Email Marketing) perspective and my point of view.

On the homepage, I can find the button to login and register easily on the right side of the head. They are sized big and clearly.

After I roll down this page, a banner pops up at the bottom, which stays from then on until the foot of this page to let you sign up using other social network IDs. Of course the biggest ones in China: QQ and weibo.

I don't know if they tested the best side of webpage to have their lead registration buttons, before they put them in these places, but very standard and pretty smart.

The registration process is not difficult. Email address is asked.

I like the slide verification, although it's not widely used. In my opinion, it's much better than typing unreadable letters or numbers.

Thanks to SendCloud, the confirmationsemail came immediately and landed in the primary tab at Gmail.

No, not the shipping company from Netherlands. SendCloud is a young but leading ESP (Email Service Platform) made by Sohu in China.

The sender has a name and is a postmaster, which is unusual but okay.

The content is clear and targeted, without a single advertising.

And there is a sidebar(!!)

Strict DOI (double Opt-in)

I digged deeper to read the header of this Email

Delivered-To: kenatexperian@gmail.com
Received: by 10.182.24.169 with SMTP id v9csp506700obf;
Thu, 23 Apr 2015 07:42:56 -0700 (PDT)
X-Received: by 10.68.65.111 with SMTP id w15mr5887472pbs.57.1429800175793;
Thu, 23 Apr 2015 07:42:55 -0700 (PDT)
Return-Path: <05561b10-e9c7-11e4-8020-00163e62bc6d@mail10.sendcloud.org>
Received: from mail36.sendcloud.org ([101.227.180.36])
by mx.google.com with ESMTP id sj10si12766109pac.198.2015.04.23.07.42.52
for <kenatexperian@gmail.com>;
Thu, 23 Apr 2015 07:42:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of 05561b10-e9c7-11e4-8020-00163e62bc6d@mail10.sendcloud.org designates 101.227.180.36 as permitted sender) client-ip=101.227.180.36;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of 05561b10-e9c7-11e4-8020-00163e62bc6d@mail10.sendcloud.org designates 101.227.180.36 as permitted sender) smtp.mail=05561b10-e9c7-11e4-8020-00163e62bc6d@mail10.sendcloud.org;
dkim=pass header.i=@sendcloud.org
Message-Id: <553904ee.aae4420a.7d08.355eSMTPIN_ADDED_MISSING@mx.google.com>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sendcloud.org; i=@sendcloud.org;
q=dns/txt; s=mail; t=1429800172; h=Sender : To : From : Subject : Date
: Content-Type : Content-Transfer-Encoding : MIME-Version : REPLY-TO :
From : Subject : Date; bh=7ZxY9EvxGap9rMjKNYJEMQlD0hA1rP2s5hXlBsYwcHA=;
b=jT2xifVevJQ3Nq+3TntMfiy7hhTgo4E09lmsdtObS6BNfNm/grjMGoUW3NUVtWsx3xiXzh
+u9ZzWD1MwkEHlvJPzf6NP2PvIZKYPgQAzgITVKP25B90J6g6J4/VqIFSXjmNsJtY2Bw7Dp6
F5pv7u6oO3Uk1bRjeZW8Ybl2n5NDY=
Sender:05561b10-e9c7-11e4-8020-00163e62bc6d@mail10.sendcloud.org
Received:from localhost ([115.29.201.198]) by SendCloud Inbound Server (Haraka/2.2.4) with ESMTPA id 6803468F-B1A2-483A-B966-12278E625757.1 envelope-from <postmaster@notice.33iq.com> (authenticated bits=0); Thu, 23 Apr 2015 22:42:51 +0800
To:=?GBK?Q?=D3=C3=BB=A7?= <kenatexperian@gmail.com>
From:33IQ <postmaster@notice.33iq.com>
Subject:=?GBK?B?uNDQu9eisuEzM0lRzfijrMfr0enWpEVtYWls?=
Date:Thu, 23 Apr 2015 22:42:50 +0800
Content-Type:text/html; charset="UTF-8"
Content-Transfer-Encoding:quoted-printable
Content-Disposition:inline
MIME-Version:1.0
REPLY-TO:33IQ <postmaster@notice.33iq.com>
X-SENDCLOUD-UUID:1429800171967_21449_16810_2341.sc-10_10_127_51-inbound0$kenatexperian@gmail.com
X-SENDCLOUD-LOG:1429800171967_21449_16810_2341.sc-10_10_127_51-inbound0$kenatexperian@gmail.com#kenatexperian@gmail.com#64116#21449#0
X-SMTPAPI:

SPF and DKIM have been set up.

You can hardly believe how many IP addresses are used by SC. Who said, Ranges of IPv4 has been poorly assigned to Asia!

sendcloud

45.56.67.250/32 (1 address)

61.135.130.0/23 (512 addresses)

61.135.132.0/23 (512 addresses)

61.135.150.0/24 (256 addresses)

61.135.178.0/23 (512 addresses)

61.135.181.0/24 (256 addresses)

101.227.178.0/23 (512 addresses)

101.227.180.0/23 (512 addresses)

103.249.252.104/31 (2 addresses)

220.181.19.0/24 (256 addresses)

The DKIM signature is the most complicated I have ever seen.
Sadly the d for domain has been valued standard/default as sendcloud.org.
Shared pool maybe, easier to set up?

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sendcloud.org; i=@sendcloud.org; q=dns/txt; s=mail; t=1429800172; h=Sender : To : From : Subject : Date : Content-Type : Content-Transfer-Encoding : MIME-Version : REPLY-TO : From : Subject : Date; bh=7ZxY9EvxGap9rMjKNYJEMQlD0hA1rP2s5hXlBsYwcHA=; b=jT2xifVevJQ3Nq+3TntMfiy7hhTgo4E09lmsdtObS6BNfNm/grjMGoUW3NUVtWsx3xiXzh +u9ZzWD1MwkEHlvJPzf6NP2PvIZKYPgQAzgITVKP25B90J6g6J4/VqIFSXjmNsJtY2Bw7Dp6 F5pv7u6oO3Uk1bRjeZW8Ybl2n5NDY=

The sender IP 101.227.180.36 has at moment excellent senderscore. The rDNS has been set up.

Classified as moderate volume sender, it seems this pool has not been used consistently.
And yes, as I guessed a shared pool.

Sending Domains

info01.sendcloud.org

info02.sendcloud.org

mail.hibay.net

mail.joboto.com

mail.jubi.com

mail09.sendcloud.org

mail10.sendcloud.org

mail11.sendcloud.org

mass.mail.xiaoenai.com

triggermail.zyxd.net

usermail.okcoin.com

www.mangasearcher.com

xingyunvpn.com

Sending Domains
info01.sendcloud.org
info02.sendcloud.org
mail.hibay.net
mail.joboto.com
mail.jubi.com
mail09.sendcloud.org
mail10.sendcloud.org
mail11.sendcloud.org
mass.mail.xiaoenai.com
triggermail.zyxd.net

usermail.okcoin.com
www.mangasearcher.com
xingyunvpn.com

Depends on the domain reputation, it may be now a good point to think about segmentation and separation of transnational emails.

Ohoh I feel like knowing a lot of business secrets by now :D

Let's stop here for now, next time, I will check the newsletters and share my founds with you.

Wednesday, February 04, 2015

Trouble shooting -- an easy way to recognize IP reputation

Who's using PowerMTA to send Emails, knows the amazing backoff mode.
There is a setting named "backoff-reroute-to-virtual-mta". If this is set up, then PMTA reroutes the traffic from the trouble IP to the pointed IP automatically.

Assume I have a pool consisting of 4 IPs, IP1, 2, 3 and 4.
I set up a loop by using the setting "backoff-reroute-to-virtual-mta" to reduce the queues and bounces.
It means, the traffic will be rerouted from 1 to 2, 2 to 3, 3 to 4 and 4 to 1 automatically, if there are certain issues to send out the emails over original IPs.

Since these 4 IPs stay in the same pool, they must carry the same traffic theoretically.
After the setting of backoff rerouting, they will carry the same traffic, if and only if these 4 IPs have the similar (necessary condition) and healthy (sufficient condition) reputation.

Once I check the dashboard/report and I see very different total numbers of message counts.
Depends on the number of bounces (explanation s.b.), the IP has most total sent, has the best reputation and the one has least sent, has the poorest reputation.

Why I am saying, it depends on the bounce numbers?
It happens, that all of these 4 IPs have bad reputation.
All mails ran cycle, they are ended up in one IP, for example IP1, and bounced there.
For this case, IP1 has the most traffic, most bounces, probably most deliveries, but it doesn't have a good reputation either.

This is an easy way to measure IP reputation from the sender's side.
SNDS, Return Path, etc. are not needed.

Thursday, January 15, 2015

SMTP reply code and trouble shooting

for me and for everyone, who needs it

Reply codes grouped by command
Command	Code	Description
connect
	220	<domain> Service ready
	421	<domain> Service not available, closing transmission channel
HELO
	250	Requested mail action okay, completed
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	504	Command parameter not implemented
	521	<domain> does not accept mail [rfc1846]
	421	<domain> Service not available, closing transmission channel
EHLO
	250	Requested mail action okay, completed
	550	Not implemented
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	504	Command parameter not implemented
	421	<domain> Service not available, closing transmission channel
MAIL
	250	Requested mail action okay, completed
	552	Requested mail action aborted: exceeded storage allocation
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	421	<domain> Service not available, closing transmission channel
RCPT
	250	Requested mail action okay, completed
	251	User not local; will forward to <forward-path>
	550	Requested action not taken: mailbox unavailable
	551	User not local; please try <forward-path>
	552	Requested mail action aborted: exceeded storage allocation
	553	Requested action not taken: mailbox name not allowed
	450	Requested mail action not taken: mailbox unavailable
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	503	Bad sequence of commands
	521	<domain> does not accept mail [rfc1846]
	421	<domain> Service not available, closing transmission channel
DATA
	354	Start mail input; end with <CRLF>.<CRLF>
	451	Requested action aborted: local error in processing
	554	Transaction failed
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	503	Bad sequence of commands
	421	<domain> Service not available, closing transmission channel
received data
	250	Requested mail action okay, completed
	552	Requested mail action aborted: exceeded storage allocation
	554	Transaction failed
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
RSET
	200	(nonstandard success response, see rfc876)
	250	Requested mail action okay, completed
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	504	Command parameter not implemented
	421	<domain> Service not available, closing transmission channel
SEND
	250	Requested mail action okay, completed
	552	Requested mail action aborted: exceeded storage allocation
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	421	<domain> Service not available, closing transmission channel
SOML
	250	Requested mail action okay, completed
	552	Requested mail action aborted: exceeded storage allocation
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	421	<domain> Service not available, closing transmission channel
SAML
	250	Requested mail action okay, completed
	552	Requested mail action aborted: exceeded storage allocation
	451	Requested action aborted: local error in processing
	452	Requested action not taken: insufficient system storage
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	421	<domain> Service not available, closing transmission channel
VRFY
	250	Requested mail action okay, completed
	251	User not local; will forward to <forward-path>
	550	Requested action not taken: mailbox unavailable
	551	User not local; please try <forward-path>
	553	Requested action not taken: mailbox name not allowed
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	504	Command parameter not implemented
	421	<domain> Service not available, closing transmission channel
EXPN
	250	Requested mail action okay, completed
	550	Requested action not taken: mailbox unavailable
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	504	Command parameter not implemented
	421	<domain> Service not available, closing transmission channel
HELP
	211	System status, or system help reply
	214	Help message
	500	Syntax error, command unrecognised
	501	Syntax error in parameters or arguments
	502	Command not implemented
	504	Command parameter not implemented
	421	<domain> Service not available, closing transmission channel
NOOP
	200	(nonstandard success response, see rfc876)
	250	Requested mail action okay, completed
	500	Syntax error, command unrecognised
	421	<domain> Service not available, closing transmission channel
QUIT
	221	<domain> Service closing transmission channel
	500	Syntax error, command unrecognised
TURN
	250	Requested mail action okay, completed
	502	Command not implemented
	500	Syntax error, command unrecognised
	503	Bad sequence of commands

Error	Troubleshooting
• Rejected by server	Message was rejected by remote SMTP server due to their antispam settings. Most of large SMTP servers do not accept mail from home computers (with dial-up or cable IP addresses). You need to send mail via external SMTP server, it's highly recommended. Please open "Settings" / "Common Settings" / "SMTP" and add SMTP server of your Internet Service Provider (ISP) or hosting service.
• No such address • User not local	It usually happens if you try to send mail via an external SMTP server, but do not provide the correct username / password when it's required. Please open "Settings" / "Common Settings" / "SMTP", double click at the server name and change "Authentication type". The most popular type is ESMTP. CRAM and DIGEST are used at the less number of servers, POP before SMTP is too old, not recommended to use. Note for hotmail.com — please check HELO value. It's very important for them. Open "Settings" / "Common Settings" / "Mailer" and check value of HELO there. It must be the same as at www.massmailsoftware.com/ip.
• Delivering... forever	If you see "Delivering..." for a long time (say more than a minute), you need to check the following: 1. Your message is really large and Atomic Mail Sender need much time to deliver it. Or the outgoing mail scanner blocked it. Check your antivirus. 2. Atomic Mail Sender is completely blocked by your antivirus or firewall and can not access Internet. Please check the settings of these programs.
• Error 450: Requested mail action not taken: mailbox unavailable.	SMTP server could not access a mailbox to deliver your message. This could be caused by a process on the remote server tidying up the mailbox, or the remote mailbox could be corrupt, or the remote mailbox may be stored on another server which is currently offline, or the network connection went down while sending, or the remote mail server does not want to accept mail from your server for some reason (IP address, blacklisting, etc..). The next attempt to send by your server may prove successful.
• Error 451: Requested action aborted: local error in processing.	This error is usually due to overloading at your ISP or your SMTP relaying service from too many messages. The next attempt to send by your server may prove successful.
• Error 500: Syntax error, command unrecognized.	Your antivirus/firewall interfering with incoming and/or outgoing SMTP communications. Configure your antivirus/firewall software options to solve the problem.
• Error 501: Syntax error in parameters or arguments.	Invalid email addresses or an invalid domain name recipient. Error can indicate bad connection.
• Error 503: Bad sequence of commands or this mail server requires authentication.	Error, particularly if repeated, indicates bad connection. SMTP Reply Code 503 is more often an indicator that the SMTP server you are trying to use requires authentication and you tried to send a message without authentication (username + password). Check "Common settings" to verify authentication settings (mostly ESMTP authentication is used) for this server.
• Error 512: The host server for the recipient’s domain name cannot be found (DNS error).	One of the servers on the way to the destination has a DNS problem or does not like the recipient email address. Check the recipient email address for incorrect domain name (misspelt domain names or non-existent domain names).
• Error 513: Address type is incorrect or authentication required.	Verify that email address of the recipient is formatted correctly and resend the message. Another reason could be that you need to authenticate to the mail server before being able to send your message (SMTP authentication).
• Error 523: The Recipient’s mailbox cannot receive messages this big.	The total size of the message you have sent (ie: message + all of its attachments) exceeds the size limits on the Recipient’s server. Check the size of the email you sent, and, specifically, the size of the attachments you included, and consider splitting your email into smaller emails.
• Error 530: Access denied.	Your ISP’s SMTP server requires authentication and you tried to send a message without authentication (username + password). Check Common settings to verify authentication settings for this server. Another reason could be that your server has been blacklisted by the recipient’s server. Or the recipient’s mailbox does not exist.
• Error 535: Username and Password not accepted.	Check SMTP account settings. Make sure login and password are entered correctly.
• Error 541: Recipient Address Rejected – Access denied.	This response is almost always sent back by an anti-spam, or mail filtering appliance/firewall at the recipient’s end. Check your message with "Spam check" or ask the recipient to whitelist you.
• Error 550: Mailbox unavailable.	This error will be returned by many servers if the recipient email address simply does not exist on the remote side. Contact the recipient verbally to get the correct email address. Error 550 will sometimes also be returned by the recipient’s anti-spam firewall. Another case of SMTP Error 550 is when the recipient’s server is down.
• Error 552: Requested mail action aborted: exceeded storage allocation or size of the incoming message exceeds the incoming size limit.	The recipient’s mailbox has reached its maximum allowed size. Another case of SMTP Error 552 is when the size of the incoming message exceeds the size limit specified by the Network Administrator.
• Error 553: Requested action not taken – Mailbox name invalid.	Invalid email address. SMTP Status 553 is also sometimes returned by an ISP mail server. When this happens this is almost always because you are trying to send through a specific ISP’s SMTP server and yet you are not connected to the Internet through that ISP.
• Error 554: Transaction failed.	Recipient mail server will return an SMTP REPLY 554 when its anti-spam firewall does not like the sender’s email address, or the sender’s IP address, or the sender’s ISP server (because, for example, they are listed in an RBL) and where you will therefore either need to have the sender whitelist you in their anti-spam program/appliance, or you will need to take steps to have either your IP address or your ISP’s servers (if you send mail through your ISP) de-listed from one or more RBLs.

Monday, January 12, 2015

Google is always the first one saying "Happy Birthday" to me

another year was over.
today is again my birthday
for the 10th time, i turn 21 :D

Friday, January 09, 2015

How do I identify Hotmail spamtraps

Spamtraps are anonying.

Since the spamtraps are used as parameter to measure the sending reputation, the owner of these spamtraps will never be interested in our newsletters.

On the other word, we can't make any revenue by writting to a spamtrap.

Even worse, by hitting spamtraps, we are due to get blocked on sending IP/domain bases.

Once an IP has been blocked, other mails are not able to be delivered either, which influences the total sending.

It means, we loose money, instead of earning 40 dollars by spending one single dollar on email marketing.

Spamtraps are also tricky.

We can hardly identify a spamtrap.

The biggest ISPs, like Gmail, Outlook/Hotmail, Yahoo, etc., they normally are using inactive addresses as spamtraps, resp. the addresses with no login for 6 or more months.

The anti-spam organisations, like Spamhaus, Barracuda, etc., they have their own addresses to catch spammers.

Neither of them will tell us, which addresses are spamtraps.

Outlook provides SNDS (Smart Network Data Service) reports for big senders. We can find lots of useful information on an IP base, for example about spamtraphits.

We can look up the numbers of spamtraphits and in which period were they hit, splitting by 24 hours. The time period could be accurated to minute, when the mail has been delivered into the mailbox of an Outlook spamtrap.

If there is only one spamtrap over a certain IP. We will see a period X:

1/9/2015 5:18 AM - 1/9/2015 5:18 AM

The beginning and the end of this period are the same, so it is the exact time, when a spamtrap has been written.

We even don't need to switch the time zone.

If there are two spamtraps over a certain IP. We will see a period Y:

1/8/2015 4:55 PM - 1/8/2015 10:22 PM

The beginning of this period represents the time, when spamtrap A has been written and the the end of this period represents the time, when spamtrap B has been written.

If there are more than 2 spamtraps over a certain IP. We can at lease try to identify 2 of them.

Here I say "try", because there is no 100% guarantee to succeed finding them out.

First, we need the data logs, which record the timestamps, when the mails to whom went outbound from our SMTP server.

Second, the sending volume cannot be that big per minute. If the sending speed is too high, that there are 100 records within this minute, we should rather give up.

Third, we have to assume, the mails has been non stopped to be delivered. On the other word, we suppose, the time we read up from SNDS is approximate to the outbound time, or only a couple of minutes after.

All above was background, now I am going to tell you, what I do to identify the spamtraps at Outlook.

There is no best way to optimize the optin process.

Even the content is so fascinating, everyone would like to subscribe the newsletter, typo happens. They are non-existing addresses related to bad domains, or spamtraps.

We, unusually, separate the welcome email and the confirmation email.

These two kinds of mails have different content, and will be triggered and sent out over two different IPs A &B as transactional emails to a subscriber, after he signed up with his email address.

These two IPs A resp. B are only used for welcome resp. confirmation emails.

If an Outlook spamtrap is hit, it must be caught twice, once over IP A and once over IP B.

The really work starts! The process below is for hitting 1 spamtrap. For hitting more spamtraps, we need simply to recycle the process.

Search in logs for IP A.
Gather all Outlook addresses, which covered the outbound time between the interval introduced by SNDS and a couple of minutes before. For instance, the period X above, I'd harvest the addresses with outbound time between 1/9/2015 5:15 AM and 1/9/2015 5:18 AM

Search for the addresses one by one in the same logs to check if it appears only once regarding IP A.

Search for the same address regarding IP B to check if it appears only once covered the outbound time between the interval defined by SNDS and a couple of minutes before.

If one and only one address fits both time stamps regarding IP A and IP B, then this address should be the spamtrap, we are looking for.

The procedure can be processed automatically.

Depends on country, but mostly >20% of total sending volume consists of Outlook volume. Therefore, even it's not that simple, still worth to do.

Tuesday, January 06, 2015

V4BL is offline

Since 2 days, if you run the IP lookup for blacklisting and see these IPs, which use to be blocked by V4BL, are free now. Don't get happy too early, V4BL is just offline...

To be honest, I don't like this block list at all.

They block IPs normally for "no reason" - all right, they give reasons, but I can never figure out what's the mean of them - and one can never get lifted from their list, although they support kindly "delist".

Luckily not a single provider widely uses this list, so far I know.

I hope they will never be back online :D