Insights For Marketersdownload.microsoft.com/download/3/4/d/34ded8dc-21ed-422c...IP Throttling and block lists (reduce overall volume) Signatures, most content based spam What we’ve

4/27/2007

© 2007 Microsoft Corporation. All rights reserved. This presentation is for informational

purposes only. Microsoft makes no warranties, express or implied, in this summary.

1

© 2007 Microsoft Corporation.

Insights For Marketers

April 17, Boston Sheraton


Welcome And Goals

Craig SpiezleDirector, Safety Technologies and StrategyMicrosoft Corporation

4/27/2007



2


Agenda

Introduction and Changing Rules of Deliverability

Craig Spiezle, Director of Safety Technologies and Strategy

Introduction to Windows Live Hotmail

Steve Bassler, Product Planner, Windows Live Hotmail

Optimizing e-mail deliverability into Windows Live Hotmail: Part I

Brian Holdsworth, Senior Product Planner, Safety Technologies

Break

Optimizing e-mail deliverability into Windows Live Hotmail: Part II

Kelly Sieben, Windows Live Escalation and Policy Manager

Evaluations, Drawings and Networking Access


General Housekeeping

Please turn off cell phones

Complete Evaluations forms – located in folder – place name on form to stand chance to win Zune!

Athletic bags for all attendees

Questions – 3x5 cards – will be answered after break

AOTA Summit - Single day registrations are available!

4/27/2007



3


Changing Rules Of DeliverabilityVectors, Volumes & Velocity

Receiving networks and ISPs are under attack

Message content is no longer king

Impact to infrastructure

Impact to user trust and confidence – our #1 priority

Chaf

BotnetsCompromised

PC’s

Phishing Brand Fraud

Image spam

IP Reputation

Domain Authentication

User Feedback

ISP Policies Graymail

Unsubscribe

Mailing Lists

Can SPAM


Trends

Growing level of sophisticationAnti-virus to remove “competing” malware

Pump and dump schemes

Increased precision, profiling, testing and targetingThey are become great direct marketers!

The weakest link is the end user, falling prey to social engineering

Consumer and business data at risk

Impacting interactive marketing ROI

4/27/2007



4


Lowlights

Spam – a plague of biblical proportionsVolumes from bots increasing

Image spam defeating traditional filters

Phishing – increased precision

Redefined from unsolicited email marketing to malicious and deceptive email and web sites

Thriving black market for dataSelf-Policing – denial of service attacks against rivals

Criminal underworld – competition driving down pricing

Consolidation – increased intensively and severity


Highlights

Sender ID adoption has skyrocketed to 43% of legitimate email

Supported by over 8 million domains

Vibrant growth of the internet economyOnline Holiday sales up 21%

Online banking up 27%

Business continue to realize productivity increases from the internet

Phishing exploits seem to have leveled off

Internet fraud to FBI down 10.4%

4/27/2007



5


Introduction To Windows Live HotmailSteve BasslerProduct PlannerMicrosoft Corporation


Overview Of Microsoft’s Email Ecosystem

Corporate Servers and Services

Enterprise-class availability and protection (with Forefront)

Exchange Server 2003 and Exchange Server 2007

Exchange Hosted Services

Email Clients

Providing access from anywhere

Microsoft Office Outlook, Windows Mail and Entourage

Outlook experience from desktop to web to mobile devices

Consumer and Small Business

Windows Live Hotmail is the next generation of MSN Hotmail

Office Live offering solutions to small business

World-class protection and ease-of-use features

4/27/2007



6


Corporate Clients Consumer Clients

Corporate And Consumer Email Clients


Online Persona

Family/Intimates

Friends

Classmates

Affinity Groups

Casual Games

Action Games

Fantasy Games

Multiplayer Games

Virtual Worlds

Word Processing

Spreadsheets

Presentations

Documents

News & Research

Email

Instant Messaging

Internet Calling

Blogs

Discussion Forums

Photos & Video

Music & Movies

Shopping

Personal Interests

News & Research

Work Communicate Connect Live Play

Services Transformation

4/27/2007



7


Hotmail History


Windows Live Hotmail

Powerful free e-mail, with security by Microsoft

Protected Productive Unified

Windows Live Hotmail now gives

you the control you need to keep

your e-mail private, safe, and

secure

Windows Live Hotmail is Familiar,

Fast and Powerful helping you get

more done anywhere on the web

Windows Live Hotmail brings the

power of desktop software to

your personal webmail

http://byfiles.storage.msn.com/x1p2Wff27YrL-rg7tNkg7T2FCNBeWZTlwix7nYK2Kmr0idsTR0pt-2mHGWWNVdbrq0PPjhqIgfMQzRZGK9lonKWFI-ilgjX58CCyeWrxfSgMJMsHmwRinV18w

http://byfiles.storage.msn.com/x1p2Wff27YrL-rg7tNkg7T2FG6j_k7CfcxL5cwMcrcU7NSTmpM-jGntSCYAFUZNGpq0mWW4yUi1pGVpiH-AkZmKCkSX2G8ylS0LDB8tfITKqbSzPwNs26AZQA

http://byfiles.storage.msn.com/x1p2Wff27YrL-rg7tNkg7T2FGROL_VVFuatYIUbzk9bK3wUELl3k9eTKd8EfHKsmWUTTeeBKnWJQ4DlZ75C46pnaA5TpXxemYurkG5Ex5MlRqb50WYdF8YgeA

4/27/2007



8


Windows Live Hotmail – Ad UXDisplay E-Mail


Optimizing E-Mail Deliverability Into Windows Live Hotmail: Part I

Brian HoldsworthSr. Product PlannerMicrosoft Corporation

4/27/2007



9


Spam Trends And Tactics

Main defense is content filtering and Block lists2005 Authentication without

Reputation2006Authentication +reputation greatly

improves catch rate2007

Spam Tactics

And Volume

Spam In

The Inbox

Volume manageable

Increases slowly over next 2 years

Users become aware of identity theft

Phishing and false positives biggest complaint

Senders with mixed or no reputation begin having delivery problems

Users become aware of Image spam and botnets

Amidst new threats and volumes, spam in the inbox continues to decrease

To combat reputation systems, spammers increase distributed attacks

2-3X increase of spam past 12 monthsWorking around Content Filters

Spoofing and identity theft (phishing) grows rapidly

Shifting to illegal, illicit and high margin products

Large increases of spam

Wide range of products

Malicious payloads

First There Was Content Filtering, then Authentication


Windows Live Hotmail TrendsDistributed or Short Lived Attacks

Spam volume up 40% since June 2006, 80% of increase from Botnet’s

Bots send a lot of spam over a very short time period

Botnet attacks involve a group of computers launching distributed attacks at the same time, not confined to a single IP range

A single attack can be from 100k machines in over 100 different countries

Examples of short lived spam attacks

Total EmailVolume

% Spam Length

(min)

1 2,800,000 98.5% 15

2 2,990,000 99.7% 22

3 4,800,000 99.0% 45

4 5,280,000 98.2% 47

5 1,950,000 98.5% 18

4/27/2007



10


Windows Live Hotmail TrendsImage-based Spam

33% of spam that Hotmail deletes has images

74% of images are one single image

17% at Exchange Hosted Filtering

19

Examples of Image Spam


Windows Live Hotmail Trends Spam Business Has Changed Over Time

Example of selling trends over time

Percent of email reported as spam by Windows Live Hotmail Users

4/27/2007



11


Microsoft’s Anti-Spam StrategyProtect users from unwanted and fraudulent communications

21

Education and Prescriptive Guidance Industry and Business Collaboration

Industry Business and government partnerships

Legislation and enforcement376 enforcement actions since inception of Internet Safety Enforcement team

Best practices, standards and policies

Online and offline resources

Whitepapers and case studies

Microsoft.com/security

Microsoft.com/safety

Postmaster.live.com

Sender Reputation

Servers, services and clients sharing reputation data

IP + URL + domain + user reputation

Attack detection systems

Authentication + Identity

Sender ID Framework

Outlook Email Postmark

Content Filtering

Low cost machine learning algorithm (user driven)

User Personalization

Learn from user behavior and direct feedback

Graymail, email that is wanted by some, not others

Innovative Technologies Investments Protecting 600M today - 1B by 2009

Product Logos go here!

CorporateServices

Enterprise Servers

Desk topClients

Consumer Services

Windows Live Hotmail Anti-Spam Technology

Delete

Attack Detection and

Connection Filtering

SmartScreen™Spam / Phishing / Signatures

Symantec Brightmail

Computational Proof (Outlook Postmark) Check

Sender Score Certified (Safelist provided by Return Path)

Sender ID Check

Reject Connections

User Based Filters and Lists

Updates

IP Block Lists

Inbox

Junk

SmartScreen ™ Patented Machine Learning System

User Feedback

Junk Mail Reports

Rapid Response Analysis and Metrics

Trap Accounts

Average of 4.5+ Billion emails per day90% classified as spam

4/27/2007



12


Windows Live Hotmail Anti-Spam Technology

What we’ve done to protect users and reduce spam in the inbox

New simplified UI to add users to safelist, report junk, or warn about dangerous emails

IP Throttling and block lists (reduce overall volume)

Signatures, most content based spam

What we’ve done to improve deliverability for Legitimate Senders

Volume based reputation data, IP safelist improvements

Combine Sender ID and previous reputation

Computation Proofs (Outlook Postmark)

Unsubscribe option reduces user complaints

e-mail user

Reputation andAuthentication

Attack Detection, Rules and Polices

Content Filter and Personalization


Remember, The Rules For Deliverability Have Changed

Past mailing behavior or patterns

Reputation and authentication

User feedback and unsubscribe opt-out

Clean mailing lists - know who wants your mail and who doesn't

Message header and content

Chaf

BotnetsCompromised

PC’s

Phishing Brand Fraud

Image spam

IP Reputation

Domain Authentication

User Feedback

ISP Policies Graymail

Unsubscribe

Mailing Lists

Can SPAM

4/27/2007



13


Why Reputation Matters?

Impact to legitimate e-mail senders

Content filtering alone causes unpredictable delivery behavior

Not all content filters are created equal, without reputation content rules

Reputation drives a large portion of e-mail delivery decisions

End user experience

Content Filters can be fooled, takes time to learn

Authentication and Content Filtering feed into reputation systems

User Complaints

Spam Traps

Unknown Users

Bad Mailing Lists

Sending Infrastructure

Patterns and Consistency


Why User Reputation Matters – Junk Mail ReportsEmail Classified as “Junk” by Windows Live Hotmail Users

4/27/2007



14


Why User Reputation MattersWindows Live Hotmail Feedback Loop

Feedback Loop, what is it?

Non-biased, opt-in user feedback

Data used with JMR and other sources, input into SmartScreen technology

How does it work?

Email randomly selected and sent to user

Previously deleted or delivered email

User classifies as “junk” or “not junk” e-mail

How are users selected?

Random

Multiple Languages

Why is FBL important?

Users active for 6 months

Additional input into both reputation systems and SmartScreen filtering

Good trending indication of both legitimate email or spam

10M participants

Users in 233 countries

12 langs, 60% non-U.S


Winning Back Inactive Subscribers

Ebay Transaction

Amazon Order Confirmation

HTML + Newsletter Promotion

Why User Reputation Matters – FBL ReportsEmail Classified as “Not-Junk” by Feedback Loop Users

4/27/2007



15


Why User Reputation MattersJunk Email Options for Windows Live Hotmail Users

Known Sender

User added sender to personal “safelist” or “contacts:

Images and links enabled

Allows unsubscribe option

Unknown Sender

Sender not in user safelist or contacts

User chooses

“junk”, “delete”

“mark as safe” or “unsafe”

Potentially Dangerous

Could be phishing or sender ID failure (spoofed)

User options same as unknown sender


Why User Reputation Matters Unsubscribe from Unwanted Mailing Lists

Helps users and legitimate email marketers

Best practice developed with input from users and marketers

Works for Windows Live Hotmail, not MSN Hotmail

How does it work?

Sender adds List Unsubscribe header (as specified in RFC 2369)

Users adds sender to personal “safellist”, “contact list”, or be member of Sender Score Certified global safelist

Allows user to tell senders “please remove me” from unwanted mailing lists

Does this apply to all mail sent?

Applies to email previously identified by users as wanted or legitimate

4/27/2007



16


Why Authentication Matters - Sender ID FrameworkAuthentication + Reputation = Identity

Most anti-spam solutions use reputation and authentication to aid spam filters

Authentication provides a “driver's license” for the sending domaina basis for reputation - SPF Text Record (DNS Zone file)

Provides a way to tell if the “from line” in the email was spoofed

Prevalent in phishing - PRA/Mail From Lookup

Significantly improves deliverability of legitimate email

Along with past sender reputation and user feedback

31

Sender Reputation User Feedback


Personal Reputation - IdentityOutlook 2007 Email Postmark

Problem

Individual users mail may appear like spam to filters but are legitimate

Improving deliverability & legitimacy, reducing the risk of being junked

Solution – Outlook Email Postmark

Microsoft SmartScreen analyzes the mail for content that might trigger heuristics on receiving networks

Outlook attaches a Postmark or computational puzzle on the mail before being sent, (takes 8-10 seconds of computing time), transparent to the user.

Receiving networks validate the token and apply a score to the Spam Confidence Level (SCL)

4/27/2007



17


Sender Best PracticesIncrease your chances for successful deliverability

Format a reply header to ensure subscribers see your "friendly" email address

Use a consistent "from address" and your company's name in the subject line

Add text to the top of emails asking subscribers to add you to their address book or specifically "mark as safe"

By doing so future emails will have images and links will be enabled by default

Keep mailing lists clean!

Purge old, bad, or inactive addresses from your mailing lists

Acquire names responsibly and send mail only to users that "opt-in” to receiving your email

Add text reminding subscribers where they opted-in to receive your email

Add "list unsubscribe" header offering subscribers a clean way to opt-out

Honor unsubscribe requests! Opting out should be just as simple as opting-in

Remove names responsibly without follow-up emails or extra steps.

Choose content wisely

Don’t look like a spammer

Verify URLs are look normal and point to valid domains


Sender Best Practices Increase your chances for successful deliverability

Use a reputable email service provider who has relationships with ISP's such as AOL, Yahoo and Hotmail

Be consistent – Send mail from same IP’s

Use domain authentication – Sender ID

Helps protect from spoofing and ensure your MTA is authorized to send mail

Separate traffic by brand or type of mail

Customer acquisition, customer retention and transactional should be separated

Less is more!

Send less mail more often vs. lots of mail for short periods of time

Setup, monitor and proactively manage your user feedback data

Feedback loops contain valuable spam complaint information

Monitor and manage both hard and soft bounces.

Bounce notices provide invaluable information regarding the ISP’s treatment of your mail

4/27/2007



18


Sources Of Feedback

The short list

Hotmail Postmaster Services

Microsoft JMR Program

Microsoft SNDS

Blacklist reports

Spamcop, Spamhaus

AOL and other ISP’s

AOL scomp

AOL report card

Deliverability Consultants

Habeas

Return Path

Senderbase

For ISPs

Monitor effectiveness of spam filtering

Feed internal reputation systems

Monitor outbound spam

For Senders

Monitor brand and IP reputation

Stay below complaint thresholds for good deliverability

Adjust frequency and relevance of messaging

Identify problem

For Deliverability Consultants

Feed independent reputation aggregators

Help senders fix deliverability problems


Postmaster Serviceshttp://www.microsoft.com/postmaster or http://postmaster.live.com

Services and self-help documentation to help improve email deliverability and reduce outbound spam

Junk Email Reporting Program (JMR) - Info [email protected]

Instant feedback on user complaints for list maintenance & daily reporting

Tailored to large senders remove recipients from their lists.

Senders receive any mail that is reported as junk mail.

Smart Network Data Services

At a glance deliverability reports

Measures of outbound traffic and complaints from your IP space

Isolate compromised hosts/servers

Sender ID information

Support Information including

FAQ’s and escalation options

http://www.microsoft.com/postmaster

http://postmaster.live.com/

mailto:[email protected]?subject=Partner Program Questionnaire

4/27/2007



19


Smart Network Data ServicesWhat is Smart Network Data Services?

Provides data that empowers service providers to track spam originating from within their IP space

Provides data to empower senders to track reputation

Expected Use

Detect unexpected or suspicious mail activity – spammers, botnets, malware

Improve reputation of your sending domains

What will you get?

Mail traffic data

Data representing factual information about email sent from your IP space to Hotmail

Activity over SMTP, verb and message recipient counts, and sample commands

Junk mail data

Filter results, complaint reports, spam trap hits, virus reports, open proxy status

Who’s using it?10k+ unique users with over 150M authorized IPs

Represents 48% of mail sent to Hotmail

Access

http://postmaster.live.com/snds


Smart Network Data ServicesExample

4/27/2007



20


Future: Anti-Spam RoadmapContinued Investments In The Following Areas:

Content Filtering

Continued orthogonal protection

Improve with more reputation sources

Centralized and distributed reputation

Servers, services and clients sharing central reputation data

Broad data sources and detection: IP + URL + domain + user reputation

Low latency

Authentication

Sender ID Framework

Continues to supplement reputation and content filtering

Personalization

Learn from user behavior

Direct and indirect feedback

Key to opt-in email (graymail) wanted by some and spam to others

39

Product Logos go here!

CorporateServices

Enterprise Servers

Desk topClients

Consumer Services

Shared Central

Reputation System


SendersAuthentication ALL outbound email

Manage your reputation – on your own or with help from others

Follow sender best practices – good clean mailing lists, unsubscribe, quality content

IT Infrastructure and ISP’sAuthentication both inbound and outbound email

Aggregate IP reputation to authenticated domain

Use authentication + reputation in your filtering decisions

Use SNDS, find out who is sending email from your IP space

Things to Remember

4/27/2007



21


Optimizing E-Mail Deliverability Into Windows Live Hotmail: Part II

Kelly Sieben Escalation Policy ManagerMicrosoft Corporation


Complaint Prevention Privacy And Reputation Are Tied At The HIP

Notice – Manage registration process to

meet future expectations

Give subscribers a positive choice

Give them a good idea of what they will receive

Give instructions on address book inclusion

Consent – Use the highest permission

standard you can support

Best: Double opt-in; Low bar: Confirmed opt-in

Advantages: Fewer unsubscribes, Fewer complaints, Better Reputation, Better Deliverability

Choice – Give them options Make opt-in choices granular

Newsletters, Brands, Frequency, Partner Offers

Show them examples

Frequency and Relevancy – Message

content and program relevancy impacts

behavior

Send a welcome message

Ensure appropriate mail frequency /avoid subscriber fatigue

Stay consistent

Use customization and personalization

Target messaging

Opt-Out – always respect unsub requests Make it easy to unsubscribe

Make sure it works

Global and granular choices

Ensure CAN-SPAM and EU/AU compliance

4/27/2007



22


Complaint Prevention Notice: Show New Subscribers What To Expect

Manage your customers Expectation versus Experience

What will they get?

How often will they get it?

Who will it come from?

What will it look like? Provide an example.


Complaint Prevention Choices: Give Users Options

Messages (Newsletters, Featured Offers,

Promotional, etc..)

Brands

Addresses (Which one/ones)?

Formats

Timing

Prospects/Third Party Lists

4/27/2007



23


Complaint Prevention Set Boundaries For Transactional Email

Up sell footer

Privacy Implications:Transactional Emails are “NOT” covered but…dual purpose e-mail MAY be covered under proposed FTC rules if:

Subject line focused on commercial/promotion messages

Content can be “reasonably interpreted” as being “primarily” advertising

Factors to watch:Placement of the commercial message at the

top of the message

Advertisement is clearly in higher proportion to other types of content (information or transactional information) Graphical weight (type size, font, colors, etc)

Recommendation:Consider use dedicated IP(s)

Target and Test

Monitor Complaints


Complaint Prevention Set Boundaries for Peer-To-Peer/Viral MarketingPrivacy Implications: CAN SPAM “may” apply depending on who the sender is

and is the service is being promoted.

“E-mail to a friend” - the web site operator is not the “sender” of the forwarded message.

“Tell-A-Friend…Help spread the word by forwarding this message to friends!” - the web site operator becomes the sender of the forwarded message, and assumes all the corresponding obligations.

Reputation Impacts:

User account abuse and phishing concerns

Negative PR

“The social networking site … is requesting their users' AOL, Gmail, Yahoo and Hotmail passwords, and then using them to access users' address books and send 'invitations' to join …. making them appear to come from the user. The password prompt screen includes the ISP's logo right next to the password prompt. Rather than hiding this little 'feature,' … “ / “…. does they same. They ask for your e-mail address and e-mail address password, then spam your contact list. I can't believe people will give them their password, but some actually do. Preposterous!”

“One new social networking site is a poster child for the abuse of social networking...when a user signs up…they're practically forced to put in their Webmail credentials. ….then logs into your Webmail account as you, accesses your address book and prompts you to e-mail your contacts using your Webmail address as the reply-to."

Sources: Slashdot “Deceptive Viral Practices? “ Monday March 26 and eWeek.com “Harvesting Teenagers: “ By Larry Seltzer April 10, 2007

4/27/2007



24


Complaint Prevention Set Boundaries for Peer-To-Peer/Viral Marketing

Recommendations:

Get Permission

Provide users with communication choices

Provide Clear Notice

Don’t ask for users passwords

Use Windows Live Contacts ControlClient Side tool that enables users to share their Windows Live Contacts with your site in a safe and secure way.

http://dev.live.com/contactscontrol/v0.2/default.aspx


Windows Live Hotmail Optimizing the Inbox

Known Sender

User added sender to personal “safelist” or “contacts:

Images & links enabled

Allows unsubscribe option

Unknown Sender

Sender not in user safelist or contacts

User chooses

“junk”, “delete”

“mark as safe” or “unsafe”

Potentially Dangerous

Could be phishing or sender ID failure (spoofed)

User options same as unknown sender

http://dev.live.com/contactscontrol/v0.2/default.aspx

4/27/2007



25


Windows Live Hotmail Optimizing the Inbox

Ideal ScenarioPublishing Sender ID

Known Sender (Marked as Safe/In Contact List)

Images and Links enabled for all messages

Publishing UnsubscribeHelps reduce complaints


Outlook 2007Optimizing the InboxBest Practices:

Do not use background images

Do not use CSS (cascading style sheets)

Inline style attributes are your only option

Use only basic HTML tags (For instance, to underline text, use the <u> tag, for bold use the <b> tag.)

If you’re developing content in Dreamweaver, be sure to use the validation schema for Microsoft Word 2007

More Info:Outlook 2007’s HTML capabilities

http://msdn2.microsoft.com/en-us/library/aa338201.aspxOutlook 2007 Content Compatibility Tool

http://www.microsoft.com/downloads/details.aspx?familyid=0b764c08-0f86-431e-8bd5-ef0e9ce26a3a&displaylang=en

http://msdn2.microsoft.com/en-us/library/aa338201.aspx












4/27/2007



26


Microsoft Phishing Filter

51

Dynamic protection against fraudulent websites

Built-in Vista/IE7 and Windows Live Toolbar

3 “checks” to protect users from phishing

Compares web site with local list of known legitimate sites

Scans the site for characteristics common to phishing sites

Double checks site with online Microsoft service of reported phishing sites dynamically updated

Two Levels of Warning

and Protection in IE7

Security Status Bar


Microsoft Phishing Filter Prevention of “False Warnings” a Key Goal

Built-In Online Reporting for Individuals and Website owners Website owner submits a request

Microsoft will examine the request and have a human grader make a determination on the site

Aggressive turnaround time for each request

Website owner gets confirmation e-mail after request is examined

52

http://msweb/tipsntricks/Redirect/MSWRedir.asp?countme=http://micronews/MicroNews/Articles/2005/August/08-12IE7Beta.mspx&source=HPLP

4/27/2007



27


Outlook 2007Don't look like a Phisher


Windows Live HotmailDon't look like a Phisher

4/27/2007



28


Phishing Do’s And Don’ts

Authenticate - SenderID

Domain - Use consistent naming conventions (it’s your Brand)

Avoid requests for personal information

Avoid live links in Billing Communications

Avoid alarmist messaging

Make it personal and professional

E-mail Content Web Content

Certify – SSL (Trusted Authority)

Protect - Prevent XXS Vulnerabilities

Domain - Use a fully-qualified domain name

Don’t use the @ symbol

Don't encode or tunnel your URLs

Phishing Filter FAQ:

https://phishingfilter.microsoft.com/faq.aspx


Deliverability - Top Support Drivers

Postmaster Tools

General Deliverability

Policy Based IP Blocks

Sender ID

Content Filtering

Brightmail

Other

https://phishingfilter.microsoft.com/faq.aspx

4/27/2007



29


Deliverability Troubleshooting “Whitepaper” Preview

Scenario 1: Your inbound e-mail to MSN Hotmail or Windows Live Mail users is not being delivered as expected.

Symptoms

1. Your e-mail appears to be getting blocked by MSN Hotmail or Windows Live Mail.

2. Your e-mail is being delivered to recipients’ Junk E-Mail Folders (JMF).

3. Your e-mail is bouncing or you can’t connect

Common Causes Recommended Actions

Server

Configuration

Properly configure anti-virus software on your firewall or your SMTP

Gateway

Configure your Domain Name Server (“DNS”) server correctly

Enable Reverse DNS Lookup

Be aware of MSN Hotmail and Windows Live Mail Volume Caps

Insure your outbound mail is Sender

MSN Hotmail and

Windows Live Mail

Complaint Rate

Sign-up for JMRP

Check the age of your user lists

Use Double Opt In when customers sign up to receive your e-mails

Make the Unsubscribe option easy to find and that you honor all requests

Monitor the frequency of your e-mail. Ask customers for feedback.

Are customers receiving what they originally signed up for?

Microsoft Block list If you believe your e-mail has been blocked by Microsoft check third party blacklists

Contact Support


Deliverability Issues?Windows Live Mail Support Options

Step 1 - Ensure Compliance - Make sure you are in compliance with Windows Live Policies and Technical Requirements

http://postmaster.live.com/Guidelines.aspx

Step 2 - Follow best practices and FAQ’s

http://postmaster.live.com/troubleshooting

http://www.microsoft.com/postmaster read FAQ’s and Improving Deliverability whitepaper*

Step 3 - Adopt SenderID and Keep Your Record Current

Microsoft.com/safety & Microsoft.com/SenderID

Step 4 – Join the Junk Mail Reporting Program

http://support.msn.com/default.aspx?productkey=edfsjmrpp&mkt=en-us

Step 5 – Leverage Smart Network Data Services (SNDS)

https://postmaster.live.com/snds/index.aspx

Step 6 – Contact Deliverability Support - If you’re doing all of the above.

http://support.msn.com/eform.aspx?productKey=edfsmsbl&mkt=en-us

Deliverability and Reputation Consulting Services:

Acxiom Media , Datran Media, Epsilon, Habeas, Return Path, TRUSTe, etc…

Members of www.espcoalition.org

http://postmaster.live.com/Guidelines.aspx

http://www.senderscorecertified.com/

http://www.senderscorecertified.com/


http://microsoft.com/safety

http://microsoft.com/safety

http://microsoft.com/senderid

http://microsoft.com/senderid










http://www.espcoalition.org/

4/27/2007



30


Windows Live HotmailDeliverability Optimization Summary

Complaints Drive Reputation – prevent them!

Notice/Relevancy – Ensure you users know your mail and expect it

Optimize the UIUser Safelist – Get users to mark you mail as safe / add your address to their contact list

Publish Unsubscribe

Don’t look like a Phisher

Monitor via SNDS

Join the JMRP

Complaint Issues – Make sure you are doing all the above and do analysis


For more informaiton

Postmaster Services www.microsoft.com/postmaster

JMR & SNDS http://postmaster.live.com

Sender ID www.microsoft.com/senderid

AOTA www.aotalliance.org


http://postmaster.live.com/

http://www.microsoft.com/senderid

http://www.aotalliance.org/

4/27/2007



31


How Sender ID Works


SPF ExamplesSPF Record Description

example.com TXT “v=spf1 -all” This domain never sends mail

Can also protect sub domains

example.com TXT “v=spf1 mx -all” Inbound email servers also send

outbound mail

example.com TXT “v=spf1

ip4:192.0.2.0/24 -all”

Mail originates from a specific IP

address range

example.com TXT “v=spf1 mx

include:myesp.com ~all”

Outbound email service provider is

included as an authorized sender

example.com TXT “spf2.0/pra

ip4:192.0.3.0/24 ?all”

Explicit SPF record for PRA check

• Refer to RFC4408 for complete details

4/27/2007



32


SPF Record Syntax

SPF Mechanism Description

ip4 Explicitly specify a single IP v4 address or CIDR range

mx Refer to the MX records of the sending domain or any other domainRecommend including “mx” since most inbound servers also send DSNs

a Refer to the A records of the sending domain or any other

domain

include Refer to the SPF records of another domainFor outsourced email service providersFor referring to IP addresses shared by multiple divisionsFor splitting up large SPF records into smaller components

ptr Refer to PTR records (reverse DNS) of sending IP

Discouraged due to DNS overhead

all Default when all other mechanisms fail to match


Common SPF Problems

1. Wrong version string for spf2.0 records

Incorrect Correct

“v=spf2.0 ….” “spf2.0 …”

Incorrect Correct

“v=spf1 … mx:mail1.example.com …” “v=spf1 … a:mail1.example.com ….”

Incorrect Correct

“v=spf1 a mx ip4:10.1.2.3/24

mx:example.com …”

“v=spf1 a mx ip4:10.1.2.3/24 …”

2. Use of “mx” for a mail host

3. Redundant use of “mx” for same domain

4/27/2007



33


Common SPF Problems

4. Including a non-existent SPF record

Incorrect Correct

“v=spf1 … include:nospf.com …” “v=spf1 … include:myesp.com …”

Incorrect Correct

“v=spf1 … redirect:contoso.com” “v=spf1 … redirect=contoso.com”

5. Incorrect redirect

Incorrect Correct

“v=spf1 … +all” “v=spf1 … -all” or “v=spf1 … ~all”

6. Use of “+all”