The spam battle is escalating: As ISPs get better at identifying and blocking unsolicited email messages, spammers are trying harder to make it past filters. One of the ways they get around filters is by making their unsolicited spam look like your "ham" (legitimate email). Your mail gets blocked because, in one way or another, your mail looks like spam to the ISPs of the recipients you’re trying to reach.
How can you ensure your legitimate mail isn’t mistaken for spam? You probably already know that certain words, however innocuous, can be suspect when found in the subject line of an email message (think "hammer" or "teen").
But what you might not know is that many ISPs may be blocking your mail before they even see the subject line. Why? Because they can’t be sure that you are who you say you are.
Helping ISPs verify your identity, therefore, is a crucial part of ensuring that your email messages make it to the recipient’s inbox. Your email can get past this first delivery hurdle if you (1) have a static IP address, (2) have both forward and reverse DNS set up for your domain name, and (3) have an SPF record.
What is DNS?
DNS stands for Domain Name System, and it’s how computers find each other on the internet. DNS is like one giant phone book in which you can look up a domain name and find the IP address of the computer to which you’d like to connect.
For example, if you wanted to send email to us here at Lyris, your mail server would perform a DNS lookup to determine where to send it. This DNS lookup lets you send mail to the easily remembered [email protected], instead of to [email protected], the IP address to which our mail is currently routed.
The importance of a static IP address
In order to have a complete DNS record, you need to have a static IP address for your email server. Static IP addresses are generally used by web and email servers. Generally speaking, a static IP address is "assigned" to a particular computer, and it stays the same, more or less (hence the "static" part of the term).
A dynamic IP address, on the other hand, changes every time the computer connects to a network or the internet. Dynamic IP addresses are typically used by individual users with dial-up or DSL accounts on personal computers. Such users are not typically sending their email directly to recipients; instead, they’re sending their email to their ISP’s email server, which is then responsible for the actual sending and receiving of their email.
Usually, you can’t make a complete DNS record for a dynamic IP address, and they are typically not used for email servers. Some email list management programs like ListManager won’t even function correctly if they are configured with dynamic IP addresses.
ISPs typically won’t accept email sent directly from "here today gone tomorrow" email servers using dynamic IPs, since these messages are likely to be from a virus-infected computer or a spammer. Having a static IP is analogous to having a consistent phone number or physical address -- it tells the world you’re stable, that you’ve been around and plan on being around in the future.
As deliverability expert Robb Wilson of Piper Software puts it, "You’re building a relationship with ISPs, and your relationship is integrally linked to that IP address. A lot of companies think that they can’t afford a static IP address, but that’s not true at all anymore. They’re very affordable these days."
DNS, backwards and forwards
Because DNS is such an important way of establishing identity on the internet, spammers will often forge domain names or IP addresses to hide where their mail is coming from. To detect these forgeries, ISPs often perform what’s called a reverse DNS lookup on incoming messages. A forward DNS lookup begins with the domain name, and checks to see which IP addresses are associated with it. A reverse DNS lookup takes the IP address that’s trying to make the connection, and checks to see if there is a registered domain associated with it.
For example, if an incoming message claims to be coming from the 220.127.116.11 IP address, an ISP would look up the domain to see if it resolves to lyris.com. If it doesn’t, the message may be a forgery -- or, the hapless sender may not have a correct DNS entry. In either case, the message will most likely be identified as spam. (When ISPs block spam, they shoot first and ask questions later -- if at all.)
You can help ISPs verify your identity by making sure that your DNS entry is complete and correct. To make sure your domain has all the correct entries, you can use a website like http://www.dnsreport.com/. If you have any questions about the entries there, the person or organization responsible for your domain should be able to answer them and make any necessary adjustments.
So, where does SPF come in?
A newer form of authenticating incoming email is SPF, or Sender Permitted Framework, which was created to help prevent spammers from damaging the reputations of reliable publishers. In a nutshell, SPF is a more specific DNS entry that lists which IP addresses are approved to send mail for your domain. If a connection comes from a different IP address than that specified in the record, the recipient may rightly suspect a forgery, and reject the message as spam. To learn more about SPF, or to learn how to make an SPF record for your domain, see http://spf.pobox.com/.
SPF has not been universally adopted, and not all ISPs check for it. But of the many systems proposed to prevent forgeries, it’s the most widespread, and the most easily implemented.
Performing these types of DNS lookups is an easy way for ISPs to differentiate legitimate email publishers from those who are out to scam their customers. Correcting DNS issues won’t guarantee that your email gets delivered, but it’s a kind of hand-raising gesture that identifies you as a conscientious internet citizen and displays a willingness to be checked out by the organizations that process your messages. By using a static IP address, having both forward and reverse DNS set up for your domain name, and adding SPF information to your record, you’re letting the ISPs know that you’re one of the "good guys," which makes it far less likely that your email will be mistaken for spam.
Wendy Roth is the training manager for Lyris Technologies, a pioneer in email marketing solutions since 1994. She works closely with enterprise-level marketing and advertising professionals to help them achieve their email-related objectives, and collaborates with engineering teams to ensure Lyris' products continue to be based on marketers' changing needs.