What’s a suspicious domain?

The question came up on slack and I started bullet pointing what would make a domain suspicious. Seemed like a reasonable blog post. In no particular order, some features that make a domain suspicious to spam filters.

Domain is used in…

  • … mail users complain about
  • … mail users delete without reading
  • … mail sent in bulk through the ISP (example: Censorship, Email and Politics)
  • … phishing mail
  • … malware dissemination

It’s not just the mail the domain is present in. There are other things that lead to suspicion for domains, too.

Domain …

  • is located on a network with a bad reputation
  • is newly registered
  • has network connections to bad domains (like nameservers, etc)
  • is a cousin domain to some regular domain
  • has a name pattern like snowshoers use
  • has network connections to individuals with bad reputations
  • has network connections to sources of bad traffic
  • is sent through a MTA with bad behaviour (holding open idle connections, retrying too frequently, etc)

While we talk a lot about permission and user engagement and those are crucial for getting to the inbox. But there are lots of other signals that go into mail delivery, some of them will override even the best domain reputation (example: Fun with spam filters). Knowing what the other signals are means a better overall understanding of delivery and the ability to integrate deliverability into business goals and KPIs.

 

Related Posts

Reputation is in the eye of the beholder

A few years ago reputation was generally recognised as one thing. If a sending reputation or IP reputation was good in one place it was likely good in other places. Different entities mostly reputation using the same set of signals albeit slightly tweaked to meet their own needs. More recently there is a divergence in how reputation is measured, meaning delivery can be vastly different across entities.

Read More

Thinking about filters

Much of the current deliverability advice focuses on a few key ideas:

Read More

2018 JD Falk Award … a mailing list

It’s M3AAWG time. Even though we’re not there, I’m getting regular updates from friends and colleagues who are there. Yesterday, was the presentation of the 2018 JD Falk award. The award recognises “a particularly meritorious project undertaken by a dedicated individual or group reflecting the spirit of volunteerism and community building.” In this case, the award went to a group of people on the “BEC mailing list.”

Read More