Deliverability Glossary

Terms Every Email Expert Needs to Know
  • Term
    Definition
  • A website that has been terminated by its hosting provider for terms of service violation is said to be "404-compliant", a reference to the 404 "not found" status code in HTTP and a parody of spammers claiming their spam is 301 compliant, referring to a bill that never made it into law.
  • A Records are the most basic type of DNS record and are used to point a domain or subdomain to an IP address. Assigning a value to an A record is as simple as providing your DNS management panel with the IP address to which the domain or subdomain should point and a TTL.
  • Also known as split testing, an A/B test is when you test two different campaigns against each other with a portion of your audience. In some scenarios, like split testing a subject line, you can conduct a three-way, or A/B/C split test to see which performs better.
  • When a user adds a product to the online shopping cart of an e-commerce site but doesn’t proceed to checkout and complete the purchase. Users may abandon because they aren’t ready to buy. Instead, they are using their cart as more of a "wish list" as they shop around and compare prices.(...)
  • The area at the top of an email, generally encompassing what most users will see without scrolling. This part of the email is considered premium real estate because it displays as soon as the email is opened and, therefore, it is often filled with the most important content of the email.
  • An open source HTML framework developed by the AMP Open Source Project. It was originally created by Google as a competitor to Facebook Instant Articles and Apple News. AMP is optimized for mobile web browsing and intended to help webpages load faster. AMP pages may be cached by a CDN, such as(...)
  • A document drawn up by an organisation that defines proper IT system usage (network, system or website), restrictions and the responsibilities of users. While users might be aware of their organisation’s AUP – they might not fully understand the rationale behind it or understand the important(...)
  • The percentage of email messages that are accepted by the mail server. Just because an email is accepted by the mail server does not mean it will get to an inbox.
  • Any company or organization that provides End Users with access to the Internet. May or may not be the same entity which the End User uses as a Mailbox Provider. Also called Internet Service Provider.
  • It is an attack whereby cybercriminals take ownership of online accounts using stolen passwords and usernames.
  • The term Administrative Management Domain, more commonly shortened to ADMD, is used in many standards and related publications concerning email. It refers to a single entity operating one or more computers within one or more Internet domain names under said entity's control. One example might(...)
  • A cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.
  • When a Domain Owner publishes a DMARC policy record that includes the rua tag with an email address, this requests that Report Generators send what are known as aggregate reports to the address provided. These reports contain statistics about all messages using the domain that record is(...)
  • When three header fields (From, Return-Path (SPF), DKIM d=) in an email match, proving it is a trustworthy email coming from where it’s supposed to be coming from. Strict alignment matches exactly; relaxed alignment matches on the organizational domain level with a combination of the(...)
  • Lists or filters that your recipients can create in their respective email clients. When a sender is added to a safe sender list, their emails are more likely to be delivered to the inbox. This also helps ensure that recipients won't miss future messages that they opted into receiving.
  • The text that appears in place of an image before it’s downloaded in the inbox, or if the user has images turned off. While adding alt text to your image file is not required, it is a best practice to do so because it is the text that visually impaired people will read instead of seeing the(...)
  • AMP for email allows senders to include AMP components inside emails. The AMP email format provides a subset of AMP HTML components for use in email messages.
  • Cyber criminals pose as customer support representatives of various organisations on social media platforms, such as Twitter and Facebook. Here they can initiate an interaction with a target under the pretext of helping them whilst also extracting personal information. For example, Twitter’s(...)
  • This is data which cannot identify somebody directly or indirectly. Data is anonymised because it reduces the risk of unintended disclosure when sharing data between countries, organisations and even departments. If a breach does occur the data will be useless to any miscreants. Data can be(...)
  • An international coalition unifying the global response to cybercrime.
  • Referring to something which identifies and/or filters out messages believed to be spam.
  • Open source platform-independent SMTP Proxy server which implements auto-whitelists, self learning Hidden-Markov-Model and/or Bayesian, Greylisting, DNSBL, DNSWL, URIBL, SPF, SRS, Backscatter, Virus scanning, attachment blocking, Senderbase and multiple other filter methods.
  • An interface between computer programs that simplifies the implementation and maintenance of software.
  • Asymmetric means that there are two different keys. This is also called public key cryptography, because one of the keys can be given to anyone. The other key must be kept private.
  • The Authenticated Received Chain, or ARC, protocol allows intermediaries in indirect mail flows, such as mailing lists, virus scanners, and forwarders, to preserve and convey authentication results they observed to the final recipient. This is inspired by the inadvertent blocking of legitimate(...)
  • The technical process of verifying that an email is truly coming from the sender, and not an entity pretending to be the sender, as in the case of spoofing or phishing scams.
  • The automated response from an ISP's abuse desk, when it is believed that sending out the automated response is the only action the ISP will take.
  • An AS consists of blocks of IP addresses which have a distinctly defined policy for accessing external networks and are administered by a single organization but may be made up of several operators.
  • A unique number assigned to an autonomous system by the Internet Assigned Numbers Authority (IANA).
  • Systems that automatically send a series of predefined emails.
  • The percentage of email recipients that open an email message from a sender.
  • Incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam. Recipients of such messages see them as a form of unsolicited bulk email or spam, because they were not solicited by the recipients, are substantially similar to each other, and are(...)
  • A social engineering attack that involves the attacker leaving malware infected portable storage media, such as USB memory sticks, in locations where people will find them. The hope is that the target will insert the USB device into a computer. Once this occurs, an executable malware file is(...)
  • It is a technique used by e-mail spammers to attempt to degrade the effectiveness of spam filters that rely on Bayesian spam filtering. Bayesian filtering relies on Bayesian probability to determine whether an incoming mail is spam or is not spam. The spammer hopes that the addition of random(...)
  • Method used by spam filters to identify common elements of spam. Naive Bayes classifiers are a popular statistical technique of e-mail filtering. They typically use bag-of-words features to identify spam e-mail, an approach commonly used in text classification. Naive Bayes classifiers(...)
  • The practice of disallowing certain sender domains, email addresses, IP addresses, etc. through security infrastructure because of poor reputation in the ecosystem.
  • This occurs when a message is rejected by the recipient domain without first attempting to deliver to the inbox.
  • A common shorthand referring - in an email authentication context - to a DMARC policy that results in unauthorized messages not being allowed to reach the inbox. The policy may be "p=quarantine" or "p=reject" in this case.
  • Blocklists are used by various providers and services to track and penalize senders for sending spam. While most are low priority, there are several blocklists to watch out for, such as Spamhaus, Invaluement, Proofpoint, and Barracuda. Being on these lists can result in deliverability issues(...)
  • Birds of a Feather sessions (or BoFs) are informal gatherings of like-minded individuals who wish to discuss a certain topic without a pre-planned agenda. For example, BoFs allow groups to meet and discuss issues relating to regular conference sessions and talk out common problems facing the(...)
  • It's a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. BGP is classified as a path-vector routing protocol, and it makes routing decisions based on paths, network policies, or rule-sets(...)
  • A network of bot-infected devices that is used for massive denial-of-service attacks and bulk-email attacks where a huge number of emails from one point can be blocked by the service provider. In 2016, the Mirai botnet used web-connected DVRs, IP cameras, routers and IoT devices to launch an(...)
  • Malicious procedures used by hackers to automatically flood forms with email traffic, mark emails as spam, and cause delivery issues due to non-legitimate emails being put into sender lists.
  • The percentage of messages that are not accepted for delivery by a recipient domain. A contact is labeled as bounced when an email campaign that is sent to them is rejected by their receiving email server. These rejection notices indicate the email address is either invalid or inaccessible.
  • A type of DNS record that is used to display a company logo inside an email inbox.
  • A single, one-off message sent to an entire email list or a segment of an email list. The most common types include sales announcements, newsletters, and company news. One of the three major classifications of eCommerce email, along with automation and transactional.
  • A type of password attack where multiple password combinations are used to gain access to a password protected device or account. Hackers use extensive off-the-shelf password databases of commonly used passwords and password combinations. Brute force attacks work because users still use weak(...)
  • Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another. A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the(...)
  • Large scale email marketing sends in which the same content goes to a large group of people.
  • A type of cyber crime that uses email fraud/spoofing to attack organizations in order to achieve a specific goal like extracting user credentials or financial details/transfers.
  • California's Consumer Privacy Act, which gives California consumers new privacy rights and control over personal data that businesses can collect from them. Included are the rights to opt-out of the sale of personal information, their right to know about what information a business collects,(...)
  • Invitation to act which is addressed to your recipients, positioned inside a button placed in a strategic position of an email. Examples are clicking on a link, buying a product, or requesting a demo.
  • A marketing email sent to multiple recipients at once. A campaign can also be referred to as a mailing and Emma uses the two terms interchangeably.
  • The Controlling the Assault of Non-Solicited Pornography And Marketing Act is a law that sets the rules for commercial email sending in the United States. Visit CAN-SPAM Act: A Complete Guide for Business for more information.
  • Canada's Anti-Spam Legislation, the federal law that controls and is in charge of regulating and preventing spam and other various electronic threats. To be compliant, one must obtain consent, provide identification information and also an unsubscribe procedure. Visit Canada's Anti-Spam(...)
  • It is a web security threat in which attackers use multiple, parallel attempts to authorize stolen credit card credentials. Carding is performed by bots, software used to perform automated operations over the Internet. The objective of carding is to identify which card numbers or details can(...)
  • A derisive term used to refer to a hollow lawsuit threat with which a spammer tries to intimidate an anti-spammer. This term may also refer to the spammer's lawyer (who is usually assumed not to exist). This term is a portmanteau of the words cartoon and attorney, wherein the former term is(...)
  • Language that dictates how a web page looks. It covers layout, colors, fonts, font sizes, and more. The advantage of using CSS is that its rules can apply—cascade—across all of your web pages, reducing the time to code each page from scratch. CSS also enables responsive web design, which aims(...)
  • Address to which emails sent to non-existent mailboxes of a certain domain are redirected.
  • In Network Forensics, this is where all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage. Please check "Stop, look and listen".
  • Satirical warning that a usenet posting or other writing may contain humorous material. The C&C warning originated with the usenet group news.admin.net-abuse.email, but has spread to other groups. The warning is an admonition to the reader to secure liquid beverages (particularly hot ones)(...)
  • A type of business email compromise in which the attacker purports to be the CEO, and uses a compromised or spoofed email address to make a payment request to an employee with the authority to issue payments. The receiving bank account is usually owned or connected to the attacker. This attack(...)
  • From time to time, a spammer surfaces in the group, typically ranting about how spam control activities, such as blacklisting, amount to censorship and violate that spammer's right to free speech. These visiting spammers are referred to as chew toys (because of the slight entertainment value(...)
  • A derisive term used to refer to a minor or amateur spammer. Named after a colorful and humorous description one newsgroup participant made of spammers living in trailers and eating at Kentucky Fried Chicken.
  • The percentage of subscribers who remove themselves or are removed from an email list via unsubscribing, a spam complaint, or a hard bounce (collectively known as “churn”). Calculated by adding unsubscribes, hard bounces, and spam complaints for an email and dividing by the total list size.(...)
  • A method for allocating IP addresses and for IP routing. The IETF introduced CIDR in 1993 to replace the previous classful network addressing Internet architecture. CIDR’s goal is to slow the growth of routing tables on routers across the Internet and to help slow the exhaustion of IPv4(...)
  • The percentage of people who click on an email link after receiving an email campaign. Email click rates measure the immediate response rate of an email, and are often used as the primary conversion metric for a campaign.
  • A metric that measures the effectiveness of your email's content. It is calculated by the number of unique clicks divided by the number of unique opens.
  • A ratio that compares how many people click a specific link to the number of total users that view a webpage or email. It's used as a metric to measure the success of a marketing campaign. To calculate your email CTR - take the number of people that have clicked on a link in your email, divide(...)
  • A website URL or email attachment that appears to be from a trusted source, but is actually connected to a source set up by a hacker. Clickbait URLs or attachments will often have alluring titles such as “salary increase” or “picture of you at party” which incite human curiosity. However,(...)
  • This occurs when an email is sent that exceeds a certain file size, at which point the email is "clipped" and requires the user to click on a prompt to see the full message.
  • Cloudmark is a privately owned company which provides protection against spear phishing, threats, spam, viruses, and phishing attacks. The company is located in San Francisco. This company uses users as a feedback mechanism to identify spammers and block junk emails. Cloudmark has a Global Threat(...)
  • It's a community-based filter system where multiple agents submit feedback about emails to nomination servers which require multiple users to confirm the claim that an email is spam. This information is submitted to a central server known as the Trust Evaluation System which computes a(...)
  • A commonly used type of DNS entry, used to point a domain or subdomain to another hostname.
  • Court Ordered and Legally Mandated Information Network Exchange. High-risk messages intended to inform individuals of a significant change in policy and typically include information to help individuals mitigate damage they may have, offer assistance or provide noncommercial information about(...)
  • The email version of a cold call, an email sent to a recipient who you’ve never emailed or interacted with before.
  • The ratio of unique spam complaints you receive from an email campaign to the number of emails that were delivered in the same campaign is termed as Complaint Rate. Recipients have the option to label your email as ‘This is Junk/Spam.’
  • Completely Automated Public Turing Test to Tell Computers and Humans Apart is more commonly referred to by its acronym, CAPTCHA. It is a type of challenge-response test used in computing to determine whether a user is a human or a machine. Websites use CAPTCHA to prevent spam and automated(...)
  • An organizational team that coordinates and supports the response to a computer security event.
  • An email sent to a new subscriber or recipient when they provide their email address to a sender. A Confirmation Message usually notifies the recipient that their email address is going to receive messages from the sender and seeks confirmation that the recipient provided the email address(...)
  • A recipient opting in to receiving communications. They are giving their permission to be contacted by the sender.
  • A single member of your audience, uniquely identified by an email address.
  • Software filters that block email based on text, words, phrases, or header information within the email itself. The goal is to identify spam and filter it to the Bulk or Junk mail folders, although this often results in “false positives.”
  • The percentage of email recipients who complete a desired action, such as making a purchase, leaving a product review, or following a brand on social media. Calculated by dividing the number of subscribers who took a desired action by total emails delivered. CVR is a direct indication of the(...)
  • Small pieces of information sent from a website and stored on a user’s computer by the web browser as text strings. Cookies can be used for session management, personalisation and tracking. They allow websites to record the user’s browsing activity, such as visited pages, and also(...)
  • As commonly used, a cousin domain is a domain name that is constructed in a way to fool victims into thinking it is a different, specific domain. This can be accomplished by deliberately misspelling the domain - for example, exampl3.com would be a misleading cousin domain for example.com.(...)
  • When a user injects malicious script into an otherwise trusted website. The malicious script will then run on the victim’s web browser, often in an attempt to steal user information such as credentials, session cookies and other sensitive data. Anywhere that allows user input can be vulnerable(...)
  • A digital asset/credit/unit within the system, which is cryptographically sent from one blockchain network user to another. In the case of cryptocurrency creation (such as the reward for mining), the publishing node includes a transaction sending the newly created cryptocurrency to one or more(...)
  • The use of certain mathematical techniques to show that the "signed" object has a relationship with the signer, e.g. that an email message was approved by the sender. For DomainKeys or DKIM this would mean a header in the message that can be checked against a key published under the signing domain(...)
  • It is a threat that implants itself within a mobile device or computer and then employs measures to mine cryptocurrency. Cryptocurrency is virtual or digital money, which adopts the form of coins or tokens. The most prominent example is Bitcoin, however there are around 3,000 other types of(...)
  • A standard response to a posting that is suspected to be a troll. Named after a regular poster who often wrote humorous troll posts.
  • The ability to protect or defend the use of cyberspace from cyber attacks.
  • Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction,(...)
  • The Cybersecurity Law of the People's Republic of China, (Chinese: 中华人民共和国网络安全法) commonly referred to as the Chinese Cybersecurity Law, was enacted by the National People’s Congress with the aim of increasing data protection, data localization, and cybersecurity ostensibly in the interest of(...)
  • Any event where confidential data is viewed, transmitted, stolen or used by an unauthorised individual. Data breaches are often caused by user error, lost or stolen devices, data-stealing malware, targeted attacks or malicious insiders.
  • An unintentional release of confidential information to an untrusted environment. An increasingly large number of data leaks can now be attributed to social engineering attacks or plain human error.
  • An entity that collects or processes data for a data controller.
  • The Data Security Law of the People's Republic of China (Chinese: 中华人民共和国数据安全法; pinyin: Zhōnghuá rénmín gònghéguó shùjù ānquán fǎ; referred to as the Data Security Law or DSL) governs the creation, use, storage, transfer, and exploitation of data within China. The law is seen to be primarily(...)
  • A static IP address that is only used to send email on behalf of one sender/company/brand, which is responsible for the content of all the messages sent from that IP.
  • This occurs when messages are held up at the domain level for a period of time, before being accepted and routed for delivery - or rejected.
  • Also called Inbox Placement, it's the measurement of an email's success in reaching a contact's inbox. Overall email deliverability is impacted by many factors, including list quality, IP and domain reputation, content, and identification as spam via complaints.
  • Delivery tells you whether or not your emails were received by the servers of your subscribers' inbox providers. An email counts as delivered if it did not bounce. It does not take into account other details (placement for example) - that's where deliverability comes in. It is the Total Number(...)
  • The process of advancing DMARC domain policies from p=none to p=quarantine to p=reject.
  • A broadcast email that rounds up and/or summarizes information, sales, or links. It could include things like blog posts, user activity, transactions, or news. Digests can be personalized to a user (e.g., “A summary of your usage from June”) or sent to an entire list or a segment of a list(...)
  • Any marketing that uses electronic devices to convey promotional messaging and measure its impact. In practice, digital marketing typically refers to marketing campaigns that appear on a computer, phone, tablet, or other device. It can take many forms, including online video, display ads, and(...)
  • The activities of sending emails for advertising purposes.
  • A type of direct marketing that’s delivered physically to a prospect’s mailbox through the Postal Service or other delivery service. Postcards, flyers, and catalogs are common examples. Email marketing is the digital equivalent.
  • Marketing that is delivered directly to the customer via the company selling a product. It’s often called direct response marketing. It typically includes a call to action (CTA) requesting a desired response such as calling a phone number or visiting a website to learn more and buy the(...)
  • A list of email addresses where some or all of the addresses were obtained using poor acquisition and opt-in practices and/or where some or all of the addresses have not been kept up-to-date over time. For instance, this might be the result of poor handling of hard bounces, poor handling of(...)
  • The Display Name, also referred to as the "Friendly From," is half of the From: header defined in RFC5322. While the address field of that header is used for routing the message to its destination, the Display Name is what the recipient's Mail User Agent (MUA) will most often show to the(...)
  • Traditionally there is no provision to make sure the Display Name and Address Field portions of the From Header refer to the same entity. Bad actors have exploited this by using one address in the Address Field, which the user won't see, and including a completely different address in the(...)
  • Anti-spam content filter that runs on a variety of operating systems. The counts can be used by SMTP servers and mail user agents to detect and reject or filter spam or unsolicited bulk mail. DCC servers exchange or "flood" common checksums. The checksums include values that are constant(...)
  • A nefarious attempt to disrupt normal traffic of a network by overwhelming the infrastructure with traffic.
  • A group of mail recipients that is addressed as a single recipient. Distribution lists are used to send e-mail to groups of people without having to enter each recipient's individual address. A distribution list is different from an e-mail list in that members cannot reply to the distribution(...)
  • When the domain in the d= value of the DKIM authenticated signature and the RFC 5322 From domain match.
  • When the visible From domain in an email matches at least the DKIM d= or SPF/Return-Path domain.
  • The components of the DNS TXT record. Tag v: version of DMARC; a mandatory tag so the ESP knows how to process the record. Tag p: policy for the domain; a mandatory tag so the ESP knows what to do with emails that fail alignment. Modes: none, quarantine, reject. none (only reports); quarantine(...)
  • The attacker “poisons” the DNS cache of a DNS server with incorrect routing information. This results in DNS requests that resolve to the attacker’s proxy server and browser requests being surreptitiously redirected to a malicious domain where the login credentials and other sensitive(...)
  • It is an attack in which altered DNS records are used to redirect online traffic to a fraudulent website that resembles its intended destination.
  • An Internet security protocol allowing TLS certificates to be bound to domain names using Domain Name System Security Extensions (DNSSEC).
  • An organization’s centralized authority that performs the procurement, management and monitoring of Internet domains.
  • An email authentication/policy/reporting protocol that is designed to give email domain owners the ability to protect their domain from unauthorized use. There are three policies that a domain administrator can implement (none, quarantine, reject) - and mail will be filtered or blocked based(...)
  • The Internet's system for converting alphabetic names into numeric IP addresses. For example, when a URL address is typed into a web browser, DNS servers return the IP address of the Web server associated with that name. DNS plays a critical part in enabling email authentication systems. In(...)
  • A set of specifications designed to secure DNS information.
  • This term refers to the person or organization that currently holds a given Internet domain according to the relevant registrar. Note that the Domain Owner may engage or allow another entity to manage or operate the domain, on their behalf or for their own purposes. Therefore in the context of(...)
  • The overall health of your branded domain as interpreted by mailbox providers. This reputation is determined by various factors such as engagement, spam complaint rates, spam traps, and bounce rates.
  • DMARC is a technical specification that allows Message Senders and Message Receivers to cooperate and thereby better detect when messages don't actually originate from the Internet domain they claim to have been sent from. It does this by allowing the Domain Owner to indicate they are using(...)
  • Domain Connect is an open standard that makes it easy for a user to configure DNS for a domain running at a DNS provider to work with a Service running at an independent Service Provider. The user can do so without understanding any of the complexities of DNS.
  • Domain Keys, or DK, is a signature-based Email Authentication technique originally created by Yahoo!. It is documented in RFC4870, but note that it has been superseded by DKIM.
  • An authentication piece which supports transparency by identifying the sender of a message, and providing a "signature" by way of a key that verifies the sender as legitimate and allows ESPs to send on their behalf.
  • A process for confirming that recipients want your email. Involves recipients confirming their subscription via a form, email, clicking a link, or other means.
  • The release of confidential personal or organisational information from a compromised computer or storage device into the public domain. An infamous case of doxing involved 11.5 million leaked documents of the Panamanian law firm Mossack Fonseca.
  • Series of emails that are pre-scheduled as per set behavioural triggers. For instance, when a new user signs up, a welcome email is automatically sent. Next, onboarding emails are sent after a certain time gap. In drip email campaigns, one can schedule when the next email will be sent. If(...)
  • A transactional email used to notify customers about problems related to payment (e.g., the credit card on file for a recurring charge has expired).
  • Content that can be displayed and triggered based on subscriber’s data.
  • E-commerce is the buying and selling of goods and services using the internet. It starts when a potential customer learns about a product. It continues through purchase, use, and, ideally, ongoing customer loyalty. Data powers the most successful e-commerce operations, which take advantage of(...)
  • A process that enables email addresses with either the domain name or mailbox name in different languages and scripts to work properly when sending and receiving emails. These may include email addresses represented in Arabic, Chinese, Cyrillic, Hebrew, Japanese or Tamil scripts. For instance,(...)
  • All the technologies and metrics used to measure email programs.
  • An email, or series of emails, sent out automatically when triggered by a customer action (e.g., abandoning a cart) or event (e.g., a customer’s birthday). One of the three major classifications of eCommerce email, along with broadcast and transactional.
  • A single, one-off broadcast email sent to a large group of recipients. This term now has a slightly negative connotation, as “blast” can indicate the email lacks proper segmentation or personalization.
  • The software that recipients use to read email. (Examples: Gmail, Yahoo!, Hotmail, Outlook, MacMail, AOL, etc.)
  • The process of obtaining lists of email addresses from various sources (forums, search engines, etc.) in order to send illegitimate bulk email campaigns.
  • Occurs when a bad actor takes control of a user’s email address via unauthorised means such as credential harvesting. Once they have control, they can prey on the user’s contacts list to propagate phishing emails and malicious download links. Email hijacking can be an extremely potent attack(...)
  • The act of sending a commercial message, typically to a group of people that make up an audience, using email.
  • The number of people waiting to receive a live email
  • Platform designed to send different types of emails on behalf of customers. Salesforce, ActiveCampaign, MailChimp, and Constant Contact are some examples.
  • The process of cleaning your mailing list by removing fake, invalid, sensitive or unusual emails is called email verification. It is advised to verify your email list every 3 months.
  • The process of encoding information so that only authorized parties can access it, helping to protect the data you send, receive, and store. Encryption takes readable, plaintext data and encodes it into an unreadable format.
  • A customer of a Mailbox Provider.
  • The various ways in which a contact interacts with your emails - opens, clicks, and responses to name a few. It is a key tenet of deliverability, and is crucial to keeping sender reputation high.
  • An ethical hacker (“white hat hacker”) is an information security professional who has the same skills and uses the same technologies as a malicious hacker (“black hat hacker”) to discover vulnerabilities and weaknesses in an organization’s systems. A black hat hacker operates without the(...)
  • Explicit permission, voluntarily given by a user, to receive marketing email messages from a company. Express consent is required in many jurisdictions in order for companies to legally send marketing emails to customers. It is not required for transactional emails.
  • In November 1995, RFC 1869 defined Extended Simple Mail Transfer Protocol (ESMTP), which established a general structure for all existing and future extensions which aimed to add-in the features missing from the original SMTP. ESMTP defines consistent and manageable means by which ESMTP(...)
  • A human- and machine-readable coding language that adds structure, meaning, or context to a text document. Extensible markup language (XML) ranges from very simple to highly complex (hence “extensible”). Today’s version of HTML is a specialized example of XML. Schema markup is an example of(...)
  • Occurs when a spam message is incorrectly placed in the inbox.
  • Occurs when a legitimate permission-based email is incorrectly filtered or blocked as spam.
  • A process which allows a sender to receive a report every time a recipient clicks on the mark as spam button. Mailbox providers deploy email feedback loops in order to reduce the spam received by their end users. The system is provided so that senders can identify and address the problems(...)
  • FUSSP is a label sometimes applied to a mechanism whose ability to block spam and/or phishing has been overhyped. It is sometimes used with a tone of gentle amusement, as when an idea tried and found lacking several times is introduced yet again. At other times it has been used as a term of(...)
  • A spamming method in which the spammer attempts to send spam to one or more MX hosts for a domain, but never attempts a retry.
  • A boundary or a wall to keep intruders from attacking the network. The firewall is a network device that is in between a private network and the internet. The firewall is configured to inspect network traffic that passes between the network and the internet. We can assign rules or protocols to(...)
  • The bottom portion of an email where companies usually put an unsubscribe link and legal information. This section often also includes links to sections of an eCommerce website and social media.
  • These reports, also known as RUF, define who is trying to send failed emails. Forensic reports include additional information such as the subject line and header information as well as any URLs (URIs) included in the message. Even though the reports can be redacted, some report generators do(...)
  • The action of forwarding a message to another user
  • A DNS technical configuration that shows a relationship exists between an IP address and a hostname. By having FCrDNS, you prove that your IP address is using a sending domain that you own. This relationship provides a form of authentication that some mailbox providers use in their spam filter(...)
  • Spammers claim the right to distribute unsolicited bulk mail as part of their right to free speech under the United States Constitution. After one such person repeatedly misspelled it as "frea speach", newsgroup participants who argued that the right to free speech refers to the right to not(...)
  • The From: Header is defined in RFC5322 and has two parts - the Display Name and the Address Field. The Address Field includes the email address itself, e.g. user@example.com, which is used to determine how to deliver the message. The Display Name or "Friendly From" is intended to hold a more(...)
  • Fully qualified domain name where a domain has both an A record (IP) and PTR record (hostname) that match.
  • General Data Protection Regulation, a regulation on data protection and privacy standards in the EU. It requires businesses to protect personal data and privacy of citizens for transactions and communications that occur between the member states of the European Union.
  • General Law for Personal Data Protection, a law that is applicable to companies and individuals who use personal information belonging to Brazilians located in Brazil at the time the data is gathered. The law considers any information related to a person as personal data. Actions that can be(...)
  • Solicited bulk email messages that do not fit into the category of email spam. They are not read by the recipients for a long period and sometimes are never read. Greymail can also be defined as an email you want but not in the present. These emails are not spam, as users have subscribed to(...)
  • A technique used by some Mailbox Providers and email receivers to thwart spammers. A receiving mail server using greylisting will temporarily reject any email from a sender it does not recognize. The receiver presumes that if the sender is legitimate, the originating server will most likely(...)
  • Hacktivism is the use of cyber attacks, driven by political motivations, to promote a specific cause through cyber sabotage. As opposed to the hacking industry intent on data theft, hacktivism is not motivated by money and high visibility is key. Hacktivists are motivated by revenge, politics, ideology,(...)
  • The opposite of spam, it identifies all legitimate emails
  • Occurs when the address/domain doesn't exist at all. This can be caused by anything from typos to deleted user accounts. If you receive a hard bounce, immediately removing the address from your list is the best course of action, as a hard bounce indicates a permanent reason that an email can't be(...)
  • Hash blocklists focus on email content. They help filter malicious email from large ISPs that can't be filtered by IP or domain blocklists. Additionally, they can be used to block emails containing malware files and cryptowallet addresses.
  • Hash cash is payment in burnt CPU cycles by calculating n-bit partial hash collisions on chosen texts. The idea of using partial hashes is that they can be made arbitrarily expensive to compute (by choosing the desired number of bits of collision), and yet can be verified instantly. This(...)
  • Contains the identifying and routing information of the message, including the sender, recipient, date and subject. Reviewing email headers and source code can help identify potential delays, issues, or reasons for a mail not being delivered.
  • A visual representation of data that uses color to communicate areas of highest use or likelihood. A click map is a special type of heat map that shows which parts of web pages receive the most clicks. Using a scale of red (“hot”) to blue (“cold”), areas where people look or click the most are(...)
  • HMAC with SHA-256
  • A honeypot is a security mechanism that creates a virtual trap to lure attackers. An intentionally compromised computer system allows attackers to exploit vulnerabilities so you can study them to improve your security policies. Email Honeypots (Spam Traps): Inactive email addresses set up(...)
  • It is a Web attack evasion technique that allows an attacker to craft an HTTP request in order to manipulate or retrieve hidden information. This evasion technique is based on splitting an attack vector between multiple instances of a parameter with the same name. Since none of the relevant(...)
  • The technical language used to inform web browsers how to display email data and web pages. In email marketing terms, an HTML message is an email that contains any type of formatting other than just text, including images, logos, and colors.
  • Identifier alignment is a requirement formulated in DMARC that imposes extra conditions on the identifiers used by the DKIM and SPF protocols. Specifically, it requires that any domain identifiers used by the authentication checks these protocols perform must also match or align with the(...)
  • Derived from a user taking an action that indicates a business interest in a company and, therefore, that the user is receptive to receiving email correspondence from that company. Business interest in a company could include buying a product or adding a product to a cart. With implied(...)
  • Can be defined as the rate of email messages that are delivered to the inbox, versus the spam folder. The formula for inbox placement rate is the number of emails delivered to the inbox divided by the total number of emails sent.
  • Modern day IT security does not just come under the remit of the IT department. Instead, it is everyone’s job. It can greatly enhance an organisation’s security posture if incident reporting policies create an easy way for employees to report suspicious emails, SMS messages, telephone calls,(...)
  • Organisations should develop contingency plans in preparation for a possible data breach. These should contain information, such as how individuals should be notified about the breach, how the breach is to be reported and whether remedial services, such as credit monitoring, should be provided(...)
  • This refers to a mailflow that passes through some form of intermediary - a mailing list, a forwarding service, or similar email service where messages are resent in some form. Depending on the service in question, there may be trivial or significant changes made to the message before it is(...)
  • The actual hardware which is used to deploy your emails or to have your emails implemented by an Email Service Provider (ESP) on your behalf. The hardware is called a Mailing Transport Agent (MTA).
  • Any operator or service that handles an email message it receives from one ADMD and passes on to another ADMD for delivery. An intermediary may make changes to the message before passing it on, which might range from trivial header manipulation to wholesale reformatting of the message.
  • It's the premier Internet standards body, developing open standards through open processes. The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the(...)
  • Protocol to retrieve mail from a mail server. The server syncs the contents of the mailbox and the devices that connect with it. Messages remain on the server.
  • Companies that provide access to the internet to both personal and business customers. Oftentimes, these providers also provide email inboxes to their customers as part of their service. Verizon Media and Comcast are examples of ISPs.
  • Used to distinguish senders, websites, etc. and allow the transfer of information between addresses.
  • Blocks and listings that occur on a specific IP.
  • Based on various metrics a mailbox provider has historically seen from that IP address and how users engage with mail that originates from it, both positively and negatively.
  • The act of sending out spam made to look like it came from a person or organization which the spammer dislikes. Spamhaus, SpamCop and other anti-spam organizations are often the victims of these, as are some individual anti-spammers. Being Joe-jobbed is usually taken as a sign that the victim(...)
  • A common file format of images.
  • Microsoft’s Feedback Loop program. It is used by Outlook.com.
  • Key performance indicators (KPIs) are quantifiable measures that help businesses evaluate their progress toward achieving important objectives. Although different businesses use different metrics, KPIs are always central to understanding how your company is performing and how you can improve(...)
  • The regular replacement of older DKIM keys with newer DKIM keys. It minimizes the period during which attackers may be able to compromise a private key, as well as the time for which a compromised key will be valid.
  • A lead-capture page on your website that is linked to from an email to provide additional information directly related to products or services promoted in the email's call-to-action.
  • A potential customer of a given product or service, generated when a marketing initiative obtains useful information from the user in order to establish contact.
  • Emails automatically sent at different points of the customer journey; a subset of automations. Pre-sale lifecycle emails include a welcome series to subscribers and cart abandonment emails; post-sale lifecycle emails include review requests and loyalty reward programs; and lapsed customer(...)
  • The average amount a customer will spend with an eCommerce store during their time as a customer. Calculated by multiplying the average number of purchases a customer makes in a year by the average purchase value—then multiplying the result by the average customer lifespan (in years). Lifetime(...)
  • An email professional who connects businesses with large lists to email marketers who want to market to that list
  • Number of contacts who have unsubscribed from a service
  • A condition which produces diminishing returns from a mailing list whose members have been sent too many offers, or too many emails on the same offers, in a very short period. It results in the email marketing campaign not being effective at mobilizing attention and financial gains.
  • The metric to measure how fast an email list is growing. Calculated by taking the number of new subscribers in a defined period (often a month or a quarter), subtracting the number of churned subscribers in that period, then dividing by the total number of email addresses on a list at the end(...)
  • This is a process where you remove inactive, bounced, and other non-engaging email addresses from your lists on a consistent basis. Keeping subscribers on your email list who have no interest reduces your deliverability rates.
  • Practice where an advertiser or publisher pays the owner of a list for access to the entire email list they possess. The publisher or advertiser would then be the owner of the list and send it over to their system to send emails. This practice is usually one of the worst ways to gain customers(...)
  • In list renting, an advertiser or publisher pays the email list owner to send email messages to its list. But the advertiser or publisher cannot gain access to send emails to the list unless the users opt-in to their email program. The list owner sends email messages in place of the advertiser(...)
  • A spammer practice aimed at cleaning a list of users who complain and of spam traps. What is a spam trap? Read on to find out.
  • Mailbox providers that support the functionality (such as Gmail) may display an unsubscribe button in the user interface or implement backend functionality to help manage unsubscribe requests.
  • The act of responding to complaints by removing the complainer's email address from the spammer's list, without taking any further actions against the spammer.
  • A spam trap controlled by a real person (a Spam Hunter) who didn't subscribe to commercial mails (or was added to specific lists in a way that makes it easy to track down the source of the «leak»).
  • A group of connected computers and network devices.
  • In the context of DMARC, the term Local Policy refers to any internal policy or reason a Message Receiver may have for not enforcing a Blocking Policy published by the Domain Owner for a particular message. It is often indicated as a message like "local policy override" for messages that(...)
  • A tongue-in-cheek conspiracy theory that claimed anti-spammers were secretly paid agents of lumber companies.
  • This record includes the mail server responsible for accepting email messages on behalf of a domain name.
  • Software that transfers electronic mail messages from one destination to another.
  • A standard to improve the security of SMTP by enabling domain names to opt into a strict transport layer security mode that requires authentication (valid public certificates) and Transport Layer Security (TLS).
  • MUA allows users to retrieve and send emails from their computers. Examples of Mail User Agent are Netscape Messenger, Microsoft Outlook, and Eudora. They are components present in the SMTP system which is responsible for creating email messages for transfer to an MTA.
  • Companies who offer email inboxes for their customers and consumers. The level of sophistication in regards to filtering is more comprehensive as opposed to ISPs. Gmail and Hotmail are examples of mailbox providers.
  • A group of messages that share some feature or characteristic in common. Typical examples would be all messages sent by a company to its customers, between two companies or departments, from members of a mailing list to each other, or between two individuals.
  • A list of addresses to which emails are periodically sent by a single sender.
  • Spam coming from a notable or well-known ("mainstream") company.
  • A party that takes actions detrimental to the sender or receiver of messages, an organization, or the Internet at large. It is a fairly broad term because the number of malicious things that can be done with, to, or through email is rather large and difficult to document. A Spammer might be(...)
  • Anything in a message that will do harm to the Recipient, or the computer and networks they use, may be referred to as Malicious Content. This typically includes the various ways of including viruses and similar content in an email message, but sometimes the term may be used to refer to(...)
  • The injection of malicious or malware-laden advertisements into legitimate online banner advertising networks. Banners of popular websites, such as The New York Times, the BBC and Yahoo, have all been the targets of malvertising. Just because a website might seem reputable, it does not mean a(...)
  • An umbrella term used to describe any malicious software. Traditionally, the target of most malware attacks has been personal computers that run Windows or Apple operating systems. But now malware is being increasingly targeted at mobile devices that run Android and iOS. In August 2016,(...)
  • A company that offers cybersecurity services to customers. MSSPs offer cybersecurity management that can include email authentication, DMARC, firewalls and virtual private network (VPN) administration.
  • The process of an email marketing software sending email campaigns to your customers and prospects based on a set of triggers you’ve pre-defined.
  • In the transmission of an email message from one ADMD to another, this is the organization receiving the message on behalf of the intended recipient or end user. The Message Receiver may do this because the intended recipient utilizes mailbox services offered by the Message Receiver (Comcast,(...)
  • In the transmission of an email message from one ADMD to another, this is the organization sending the message on behalf of the Originator or end user.
  • Receives email messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. The MTA accepts incoming mail, while the MSA accepts outgoing mail. Using a specific submission server is a requirement when sender policies or signing practices are(...)
  • It occurs when a recipient of a message complains about or reports a message as abuse. The most frequent mechanism for this is by clicking on the Spam button in a Web interface or MUA (mail user agent). However, it can also involve opening a ticket with a Mailbox Provider’s support or abuse(...)
  • An organization where the industry comes together to work against botnets, malware, spam, viruses and DoS attacks.
  • It is a computer security project that provides data about security vulnerabilities and assists penetration testing. It is owned by Rapid7, a US-based cybersecurity firm. A notable subproject of Metasploit is the open-source Metasploit Framework—a tool used to develop and run exploit code on(...)
  • A large network that typically spans several buildings in the same city or town.
  • Email mis-delivery is a common cause of data breaches. This user error can occur when a user inadvertently sends an email containing sensitive data to the wrong recipient. Mis-delivery errors can also occur when the recipients of bulk emails have their names and email addresses exposed to(...)
  • Passwords have an inherent weakness as they can be stolen, guessed or brute-forced. As a result, hardware manufacturers and software providers decided that a more secure authentication solution was needed. With multi-factor authentication, the user must authenticate by using two or more separate(...)
  • This is an extension of the original email protocol that allows people to send different file formats back and forth.
  • Testing more than one variable at a time (e.g., subject line and call to action) as opposed to the same variables (e.g., subject line vs. subject line in an A/B test).
  • A list of anti-spam activists published by Sanford Wallace (also known as Spamford Wallace).
  • A type of email sent with a certain frequency to a certain group of subscribers. Their nature is informative and relational. They are meant to attract more people to your website, share information, and strengthen a sense of community.
  • Received email may not be handled only by a human. It may be partially or even fully handled by a software program. Anti-spam software and bots can automatically click links in emails affecting the performance metrics of their email messages and reporting systems.
  • Hackers or social engineers can hide infected domains or malicious code behind official looking or shortened URLs or attachments.
  • A marketing technique of educating new customers or clients in your business’s strengths and features. Welcome emails are common examples of onboarding.
  • An online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
  • Providing the option for subscribers to choose to receive fewer emails from a company, rather than outright unsubscribing.
  • The process of a recipient indicating that they wish to receive the messages from this sender.
  • Email marketing that assumes a general permission to send marketing messages to everyone who has not explicitly stated that they do not want to receive such information. Illegal in many countries, it's a spammer behaviour.
  • When a recipient opts out, it means they no longer wish to receive communications from a specific sender.
  • DNS provides a hierarchical relationship between Internet domains. The organizational domain concept complements this by identifying the top-level or shortest domain that is still within a given organization. For instance Example Corp operates the domain example.com, and uses the sub-domains(...)
  • The Originator is the author of a given email message. In different contexts it may refer to the end-user, application, or service that created the message; or to the ADMD providing email services to that party.
  • A bounce that occurs after the Simple Mail Transfer Protocol (SMTP) conversation has concluded. For example, Server A sends an email to Server B, then Server B accepts the email and closes the connection to Server A. Server B later realizes it does not recognize the email address, so it(...)
  • Although Bill Gates might have predicted the demise of the password over a decade ago, the humble password is still the primary means of authenticating endpoint devices, on-premise computers and cloud services for a substantial number of users. End-users must be made aware of the risks of(...)
  • The act of sending relevant email content to targeted lists of people who have signed up to receive emails from a certain company or brand.
  • The Personal Information Protection Law of the People's Republic of China (Chinese: 中华人民共和国个人信息保护法; pinyin: Zhōnghuá rénmín gònghéguó gèrén xìnxī bǎohù fǎ) referred to as the Personal Information Protection Law or ("PIPL") protecting personal information rights and interests, standardize(...)
  • The act of automatically adding information to an email unique to the recipient. While personalization can include using merge tags to include a name (e.g., “Hi Lauren, here’s a special deal just for you”), more advanced and effective personalization can include targeted cross-sells and(...)
  • Any information, such as date of birth, credit card details, home address, driving license information etc., can be classified as PII. There is a thriving black market for PII on the so-called “dark web”, which can be used for identity theft and fraud.
  • An attack that directs traffic from a legitimate website to an attack site, often configured so that it very closely resembles the original. For example, a DNS server might be hacked and its IP routing information modified to redirect the traffic. The domain name will show correctly in the(...)
  • Sending fraudulent emails under the guise of a reputable company or sender. These emails are used to target and obtain an individual's personal information.
  • Framework that correlates user attributes, such as culture, age, gender and experiential factors (technology savviness and professional experience), to phishing attack susceptibility.
  • A contract for internet services or hosting that makes it difficult to impossible to terminate the contract for spamming.
  • Pointer record that lists a human-readable name/hostname for an A record/IP address.
  • A file format commonly used online and in email messages.
  • An Internet standard protocol which is used by local email customers to retrieve emails from a remote server over a TCP/IP connection. The POP server stores incoming messages until the client logs in and downloads the email message to their PC or laptop.
  • Certified email (known as Posta elettronica certificata in Italy, or PEC in short) is a special type of email in use in Italy, Switzerland, Hong Kong and Germany. Certified email is meant to provide a legal equivalent of the traditional registered mail: by paying a small fee, users are able(...)
  • The persons or entities responsible for managing a specific mail server.
  • A page on your website or a page hosted by your email service provider. Preference centers let subscribers edit their information and control how often they receive emails from you.
  • An encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann(...)
  • A setting that desktop and webmail email clients offer that allows users to preview content without actually clicking on the message.
  • Email addresses which are specifically used by Blacklists, ISPs and MBPs to identify and reject senders who have obtained these addresses through illegitimate means.
  • Privacy and Electronic Communications Regulations (PECR), a law, in effect as of 2013, that establishes standards, rules, and requirements for emails sent to U.K. residents and/or sent by U.K. companies.
  • One of the optional organizational tabs implemented by Gmail in 2013 to automatically sort and separate inbox messages into different categories. Around one-third leave them enabled, and most eCommerce brand emails will be sorted into the Promotions tab. The advent of the Promotions tab caused(...)
  • Potential customer that has not yet been acquired. Unlike leads, who are only potentially interested and may only register for information without the desire to buy anything, prospects are truly interested users.
  • It's a catalog of certain Internet domain names. Entries on the list are also referred to as effective top-level domains (eTLD).
  • While QR codes may seem innocuous, the information encoded in them can be used to open a URL, send a text message or compose an email. This often automatically executes an action in the related application as soon as it is scanned.
  • Quoted-Printable, or QP encoding, is a binary-to-text encoding system using printable ASCII characters (alphanumeric and the equals sign =) to transmit 8-bit data over a 7-bit data path or, generally, over a medium which is not 8-bit clean. Historically, because of the wide range of systems(...)
  • Malware that attempts to extort money from a user or organisation by taking control of the victim’s machine, files or documents. Ransomware, such as Wannacry, Petya or Locky, and their variants can propagate from just one infected system and infect a whole network. In most cases, ransomware(...)
  • Mass email software that generates, sends, and automates spam email sending changing email header information. Ratware programs make it easy for bad actors to send thousands of malicious emails.
  • Anti-spam system created by Vipul Ved Prakash that laid the foundation for Cloudmark's anti-spam. The first prototype of this system, dubbed Vipul’s Razor, was released as an open source project in 1998. In 2001, along with a major update (Razor2), Vipul Ved Prakash and Adam O’Donnell(...)
  • It is an email campaign sent to inactive and non-responding accounts to engage them with your emails again in the form of conversations, opens, and clicks. It can be sent as a stand-alone campaign or in the form of a series of campaigns. Start with your re-engagement campaigns right away.
  • CAPTCHA system, owned by Google, that enables web hosts to distinguish between human and automated access to websites. The original version asked users to decipher hard to read text or match images. Version 2 also asked users to decipher text or match images if the analysis of cookies(...)
  • Receiving servers that accept messages to be delivered to inboxes. Receiving servers decide what to do with messages because not all emails are accepted and might go to junk/spam.
  • The Mail Transport Agent that the Mailbox Provider is using to receive mail messages.
  • An email recipient is an individual who has opted-in to receive email from either an individual or a business. If an individual receives an email from a business, the email recipient has likely signed up through the business’ website in order to receive information, alerts, and other business news.
  • Old email addresses which are no longer in use are re-purposed to catch abusive mail and spammers.
  • A RAT is a piece of malware that provides a backdoor for the administrative control of the target. The goal of some phishing attacks is to install a remote access trojan onto the target’s computer. This enables the attacker to steal sensitive information, spy on victims and potentially access(...)
  • How a message is rendered on a particular mail client
  • It is the address that will receive the emails from the users when they reply to the email sent to them. It can differ from the “from” address.
  • A Report Generator is any organization that prepares DMARC aggregate reports or failure reports, and sends them to the address(es) specified in the rua and ruf tags of a domain's DMARC DNS record. This is usually something done by a message receiver, but it could also be a partnered, hosted,(...)
  • This term refers to an organization that receives the DMARC reports (aggregate or forensic) being sent to a given domain from Report Generators across the Internet, and processes them. This can be a function within the organization owning or operating the domain, or a service provided by an(...)
  • A server that receives email to be delivered to inboxes and generates RUA and RUF reports. Not all RUA reporters send RUF reports.
  • It is a numbered document, which includes appraisals, descriptions and definitions of online protocols, concepts, methods and programmes. RFCs are administered by the IETF (Internet Engineering Task Force). A large part of the standards used online are published in RFCs.
  • Body responsible for assigning and administering IP addresses in Europe.
  • The design of an email that adapts to the size of the screens the user is reading from.
  • A measure of how much revenue emails are bringing in compared to the investment in those emails. Calculated by revenue generated by email marketing divided by the money invested into email marketing. (The result can then be multiplied by 100 to express as a percentage.) Email marketing(...)
  • An email header that indicates where and how bounced emails will be processed.
  • It is the process in which an IP address is matched correctly to a domain name instead of its reverse. It is a popular method of catching spammers. Spammers use invalid IP addresses which are detected easily by a reverse DNS. Emails may get rejected if the program or spam filter fails to match(...)
  • It's an attempt to egregiously misuse the UDRP to unjustly seize a domain name from its lawful owner.
  • A scenario whereby the target approaches the attacker for assistance. For example, a virus notification warning may appear on the target’s computer with an accompanying number to call for assistance, whereby they are socially engineered for their credit card details, network authentication(...)
  • DOMAIN NAMES - CONCEPTS AND FACILITIES. This RFC is an introduction to the Domain Name System (DNS), and omits many details which can be found in a companion RFC, "Domain Names - Implementation and Specification" [RFC-1035]. That RFC assumes that the reader is familiar with the concepts(...)
  • SMTP Service Extensions. This memo defines a framework for extending the SMTP service by defining a means whereby a server SMTP can inform a client SMTP as to the service extensions it supports. Extensions to the SMTP service are registered with the IANA. This framework does not require(...)
  • MAILBOX NAMES FOR COMMON SERVICES, ROLES AND FUNCTIONS. This specification enumerates and describes Internet mail addresses (mailbox name @ host reference) to be used when contacting personnel at an organization. Mailbox names are provided for both operations and business functions.(...)
  • The Use of URLs as Meta-Syntax for Core Mail List Commands and their Transport through Message Header Fields. The mailing list command specification header fields are a set of structured fields to be added to email messages sent by email distribution lists. Each field typically contains a(...)
  • Simple Mail Transfer Protocol. This document is a self-contained specification of the basic protocol for the Internet electronic mail transport. It consolidates, updates and clarifies, but doesn't add new or change existing functionality of the following: - the original SMTP(...)
  • Internet Message Format. This standard specifies a syntax for text messages that are sent between computer users, within the framework of "electronic mail" messages. This standard supersedes the one specified in Request For Comments (RFC) 822, "Standard for the Format of ARPA Internet Text(...)
  • Enhanced Mail System Status Codes. This document defines a set of extended status codes for use within the mail system for delivery status reports, tracking, and improved diagnostics. In combination with other information provided in the Delivery Status Notification (DSN) delivery report,(...)
  • Purported Responsible Address in E-Mail Messages
  • Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1. E-mail on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the reverse-path of a message or the domain given on the SMTP(...)
  • The Role of Wildcards in the Domain Name System. This is an update to the wildcard definition of RFC 1034. The interaction with wildcards and CNAME is changed, an error condition is removed, and the words defining some concepts central to wildcards are changed. The overall goal is not to(...)
  • Domain-Based Email Authentication Using Public Keys Advertised in the DNS (DomainKeys). "DomainKeys" creates a domain-level authentication framework for email by using public key technology and the DNS to prove the provenance and contents of an email. This document defines a(...)
  • DomainKeys Identified Mail (DKIM) Signatures. DomainKeys Identified Mail (DKIM) defines a domain-level authentication framework for email using public-key cryptography and key server technology to permit verification of the source and contents of messages by either Mail Transfer Agents(...)
  • Simple Mail Transfer Protocol. This document is a specification of the basic protocol for Internet electronic mail transport. It consolidates, updates, and clarifies several previous documents, making all or parts of most of them obsolete. It covers the SMTP extension mechanisms and best(...)
  • Internet Message Format. This document specifies the Internet Message Format (IMF), a syntax for text messages that are sent between computer users, within the framework of "electronic mail" messages. This specification is a revision of Request For Comments (RFC) 2822, which itself(...)
  • Internationalized Email Headers. Full internationalization of electronic mail requires not only the capabilities to transmit non-ASCII content, to encode selected information in specific header fields, and to use non-ASCII characters in envelope addresses. It also requires being able to(...)
  • DomainKeys Identified Mail (DKIM) Signatures. DomainKeys Identified Mail (DKIM) permits a person, role, or organization that owns the signing domain to claim some responsibility for a message by associating the domain with the message. This can be an author's organization, an operational(...)
  • Internationalized Email Headers. Internet mail was originally limited to 7-bit ASCII. MIME added support for the use of 8-bit character sets in body parts, and also defined an encoded-word construct so other character sets could be used in certain header field values. However, full(...)
  • Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1. Email on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the "MAIL FROM" of a message or the domain given(...)
  • Domain-based Message Authentication, Reporting, and Conformance (DMARC). Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a scalable mechanism by which a mail-originating organization can express domain-level policies and preferences for message validation,(...)
  • Interoperability Issues between Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Indirect Email Flows. Domain-based Message Authentication, Reporting, and Conformance (DMARC) introduces a mechanism for expressing domain-level policies and preferences for email(...)
  • A communication protocol between mobile telephone carriers and between phone and carrier, aiming at replacing SMS messages with a text-message system that is richer, provides phonebook polling (for service discovery), and can transmit in-call multimedia.
  • The use of autodialing systems to make automated calls that deliver prerecorded voice messages.
  • It is a software program, typically malicious, that provides privileged, root-level (i.e., administrative) access to a computer while concealing its presence on that machine. Simply put, it is a nasty type of malware that can severely impact your PC’s performance and also put your personal(...)
  • RSA (Rivest–Shamir–Adleman) is an algorithm used by modern computers to encrypt and decrypt messages. It is an asymmetric cryptographic algorithm.
  • RSA Signature with SHA-256
  • Rspamd is an advanced spam filtering system supporting a variety of filtering mechanisms including regular expressions, statistical analysis and custom services such as URL black lists. Each message is analysed by rspamd and given a spam score.
  • XML reports that provide a comprehensive view of all of a domain’s traffic. RUA reporting is the only requirement for building and maintaining DMARC compliance.
  • Same-Domain Phishing refers to phishing campaigns where each message fraudulently uses a domain in the address portion of the RFC5322.From header without permission of the owner. This is one of the most effective types of phishing if it isn't prevented with DMARC or other email authentication(...)
  • Also known as “fake anti-virus”, scareware software issues a pop-up alert that aims to frighten unsuspecting internet users into purchasing worthless security software. Scareware can also take the form of “system optimisation” software. Many scareware applications are vectors for malware that(...)
  • Cryptographic protocol designed to provide communications security over a computer network.
  • The standard for public key encryption and signing of MIME data.
  • The process of educating users about IT security risks and reinforcing the importance of compliance with security policies. Most employees will have a level of awareness about the risks posed by, for example, the opening of unknown email attachments, but awareness does not always translate(...)
  • Sentinel addresses that are included in a list with different purposes, such as monitoring the deliverability of a message, detecting the sending times of a server, detecting spam sending activities, verifying theft, or list abuse.
  • A way of separating your contact lists - it is recommended to split lists into active and inactive segments. Active refers to those who have opened or interacted with an email in the last 60-90 days. Inactive refers to recipients with little to no activity historically since sending to them.
  • How often a brand sends emails to subscribers. It is a hotly-debated topic with no universally “correct” answer.
  • Person, Company or ESP sending an electronic message.
  • It was an authentication protocol designed by Microsoft to protect against exploits such as phishing and domain spoofing. It was the result of merging the SPF and Microsoft's CallerID specifications, and was published as an Experimental document by the IETF as RFC4407 in 2006. Also known as(...)
  • Also referred to as the “from” name, this is the part of your emails where a subscriber can see who’s sent them the email message. Sender name is visible from the inbox. In some email clients it is more prominent than the subject lines.
  • TXT records on your domain that authorize certain servers to send mail using your domain name. It was published as an Experimental document by the IETF as RFC4408 in 2006, and updated as a Standards Track document as RFC7208 in 2014. More information is available from OpenSPF.org or Wikipedia.
  • It is used by Microsoft Live Hotmail, MSN Hotmail, and Outlook.com. It is a collection of responses from feedback loop participants over a period.
  • It's a reputation rating from 0 (bad) to 100 (good) for every outgoing mail server IP address. Mail servers will check your Sender Score before deciding what to do with your emails.
  • The domain name a person or company has purchased for themselves or their business to use for email marketing.
  • The Mail Transport Agent that the sender is using to send the mail messages.
  • It is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute forced or reverse-engineered session IDs to seize control of a legitimate user’s Web application session(...)
  • The SHA (Secure Hash Algorithm) is one of a number of cryptographic hash functions. A cryptographic hash is like a signature for a data set. If you would like to compare two sets of raw data (source of the file, text or similar) it is always better to hash it and compare SHA256 values. It is(...)
  • An IP that has many different senders using it simultaneously. It is usually identified with the ESP that owns the IP rather than one of the brands sending from that IP.
  • This is the capture of confidential data by observation of a target, while passwords or PIN numbers are being input into a computing device, such as a tablet, ATM machine or door entry system. Shoulder-surfing can take the form of direct observation or be aided by the use of hidden cameras.
  • The online form a person fills out when they want to start receiving emails from a company or brand.
  • The process used to transfer and send email over the internet.
  • An exercise which involves computer users being sent phishing-type emails to investigate their susceptibility to phishing attacks. This can also be used as a training and security awareness tool.
  • The process of a recipient indicating that they wish to receive the messages from a particular sender. This can be done via forms, emails, and other means.
  • A session and user-authentication service that permits a user to use one set of login credentials (e.g. name and password) to access multiple applications.
  • A type of MTA that allows an SMTP server to route email to an intermediate mail server rather than directly to the recipient’s server.
  • Windows Live Hotmail offers Smart Network Data Services. SNDS sends data to senders which are based on actual emails sent to Hotmail subscribers. Metrics reported include complaints, Smart Screen filter results, and spam trap hits. Green color indicates less than ten percent spam; yellow color(...)
  • This is a technique whereby targets are sent SMS messages from an attacker masquerading as a trustworthy entity who is requesting personal information. One popular smishing scam involves a message being sent to the target that informs them their credit card details have been compromised with(...)
  • Snowshoe spamming is a strategy in which spam is propagated over several domains and IP addresses to weaken reputation metrics and avoid filters. The increasing number of IP addresses makes recognizing and capturing spam difficult, which means that a certain amount of spam reaches their(...)
  • Social Engineering refers to any number of techniques used to manipulate the target into disclosing information that they shouldn't, usually without realizing that they are doing so. It could be as simple as successfully impersonating a trusted party like a government agent or a co-worker at a(...)
  • Indicates that an email cannot be delivered to the recipient due to temporary failures such as: a full mailbox, a connection problem, a technical issue at the mailbox provider, or deferral of the connecting IP by the mailbox provider due to volume thresholds and other various factors. At(...)
  • Used more in affiliate marketing than B2B or B2C marketing. A solo ad is when an email marketer pays to have a list owner send a message to their list. Similar to list rental.
  • a company that sends emails on behalf of others. Following are the most notable types of sources: ESPs – offer the ability to send bulk (marketing and/or transactional) emails with their own domain ISPs – offer the ability to receive and send emails with your own domain (business or(...)
  • Also known as Unsolicited Bulk Email (UBE) or Unsolicited Commercial Email (UCE).
  • An action taken by the end user to report your email as spam, this is done by hitting the "mark as spam" button in your respective email client.
  • The folder in a recipient’s inbox to which emails believed to be spam are automatically sent by their email service provider.
  • Emails being routed to spam folders for recipients.
  • The SpamAssassin spam score is a widely used measurement to predict how your email may be received by various mailbox providers and ISPs. A spam score ranges from zero (good) to 10 (bad). Other anti-spam systems, like Rspamd, use a similar score.
  • An email address which does not belong to a real person and is not used for any kind of communication. They are commonly used by mailbox providers and blocklist services to catch senders who have poor list hygiene or may not be sending to opted in lists.
  • E-mail spam filtering software by Apache. It uses a variety of spam-detection techniques, including DNS and fuzzy checksum techniques, Bayesian filtering, external programs, blacklists and online databases. It is released under the Apache License 2.0 and is a part of the Apache Foundation(...)
  • A spambot is a computer program designed to assist in the sending of spam. Spambots usually create accounts and send spam messages with them.
  • Originally, this term was used as a derogatory epithet to refer to any individual ISP that had mostly or only spammers for customers. Nowadays, it more often refers to the anti-spam organization of the same name.
  • Those sending spam.
  • Software that was written explicitly for the purpose of spamming, or has features that are mostly or only useful to spammers and other abusers. Also called 'ratware'.
  • Just like phishing, but targeted at a specific person or group. Spear-phishing is a highly focused attack with a higher probability of success due to a well-researched pretext. Anti-phishing training can make employees more resilient against spear-phishing attacks. Pretending to be a bank in(...)
  • Substituting SPF include clauses in the record with direct IP addresses in order to not exceed the allowed DNS lookup requests for the record.
  • A technique used by spammers in which they falsely identify themselves as a means to acquire access to a system to steal data, spread malware, send spam or phishing messages.
  • When mass emails are sent to as many people as possible to run a fraud/scam (fraudsters playing the numbers game). A common approach in traditional phishing.
  • It is a type of malware that logs information about the user of a computing device and shares it with third parties.
  • It is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
  • A term used in A/B split-testing. Before you call a winner in an A/B split test, you need to know your results are statistically valid.
  • The practice of concealing a file within another one. For example, a social engineer might hide a malicious executable inside a JPEG file, which he then emails to his victim. Upon clicking a seemingly benign photo, a malicious trojan then gets activated which communicates back to the(...)
  • In Network Forensics, this is where each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires a faster processor to keep up with incoming traffic. Please check "Catch-it-as-you-can".
  • Some mail services support a tag included in the local-part, such that the address is an alias to a prefix of the local part. For example, the address joeuser+tag@example.com denotes the same delivery address as joeuser@example.com. RFC 5233 refers to this convention as sub-addressing, but it(...)
  • A subdomain is an additional part to a main domain name. Subdomains are created to organize different sections of your website or mail streams. For example: store.yourwebsite.com. In this example, ‘store’ is the subdomain, ‘yourwebsite’ is the primary domain and ‘.com’ is the top level(...)
  • Copy that identifies what an email message is about. It is often designed to entice the recipient into opening the message. It’s also the first thing the recipient sees in the inbox, making it an important aspect of email marketing.
  • A Sybil attack uses a single node to operate many active fake identities (or Sybil identities) simultaneously, within a peer-to-peer network. This type of attack aims to undermine the authority or power in a reputable system by gaining the majority of influence in the network. The fake(...)
  • A reasonably general term for any attack that singles out an audience based on knowledge known or inferred about them. This could range from thousands of individuals who all work for a given company, where it can be inferred that they have a relationship with a vendor known to supply services(...)
  • Lingo from NANAE
  • There is no We. The poster recognizes that NANAE does not have a collective opinion.
  • By marking something as NOT spam, your subscribers may save you from the spam filter. This requires them to go into their spam folder and manually allowlist your address.
  • Controlling the amount of email messages sent to a mailbox provider at one time. Sometimes providers will throttle messages when there is a large amount of volume originating from one sender because they may be concerned about potential spam.
  • DNS TTL (time to live) is a setting that tells the DNS resolver how long to cache a query before requesting a new one. The information gathered is then stored in the cache of the recursive or local resolver for the TTL before it reaches back out to collect new, updated details.
  • The rightmost part of every domain name. In topdeliverability.com, ‘topdeliverability.com’ is the domain name, and ‘.com’ is the TLD.
  • Technology that allows monitoring a user’s behavior.
  • Real-time, automated emails sent to users after a certain action takes place on a platform, app, or website. Types of transactional emails can include password resets, purchase receipts, and email verifications.
  • (transmission control protocol/Internet protocol) – one of the two underlying internet protocols that are commonly used today to transmit reliable, ordered and error-checked delivery of a stream of data packets across the Internet.
  • Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet.
  • Email that is automatically triggered and sent after a user has performed a certain action which constitutes, in fact, the sending trigger.
  • Trojans are deceptive programs that appear to perform one function, but in fact perform another, malicious function. They might be disguised as free software, videos or music, or seemingly legitimate advertisements. The term “trojan virus” is not technically accurate; according to most(...)
  • A type of multi-factor authentication (MFA). It is a security process that cross-verifies users with two different forms of identification, most commonly knowledge of an email address and proof of ownership of a mobile phone.
  • A type of DNS record that contains text information for sources outside of your domain. You add these records to your domain settings. You can use TXT records for various purposes. For example, Google uses them to verify domain ownership and to ensure email security.
  • Email address with a misspelled domain name, used to catch senders who have poor list hygiene practices.
  • When a hacker registers a domain name that is similar to an established one for the purposes of advertising, drive-by malware or phishing attacks. For example, a hacker might register a domain, such as Vodaphone.ie (as opposed to the legitimate site Vodafone.ie) and lure people into entering(...)
  • It's a process established by the Internet Corporation for Assigned Names and Numbers (ICANN) for the resolution of disputes regarding the registration of internet domain names. The UDRP currently applies to all generic top level domains (.com, .net, .org, etc.), some country code top-level(...)
  • String of characters that identifies a particular Internet-based resource.
  • Number of individuals who have clicked on links in an email. Unique clicks do not include multiple clicks made by the same recipient.
  • User whose email address does not exist. It may be due to spelling errors or when certain users have deleted their email address. Hard bounces occur due to unknown users. If you have many unknown users in your mailing list, your sender reputation may drop drastically.
  • When emails are no longer relevant or important to a contact, they can unsubscribe to cancel their subscription to the list or service. In many countries, the law requires all emails sent to a mailing list to include an unsubscribe button or a similar functionality.
  • A web address that has been obfuscated in the browser address bar. For example, a URL might be encoded to disguise its true value by using hex, dword or octal encoding. This is a form of social engineering and is commonly used by hackers in phishing attacks. Cyber security awareness train.
  • This was originally designed to make long URLs (website links) more manageable when typing or more easily transmitted in mediums where character limits exist (e.g. SMS messaging). However, URL shortening is also used by social engineers to hide malicious website addresses because it makes(...)
  • How a person feels about using a product or service. The discipline of user experience (UX) makes digital experiences efficient, effective, and sometimes entertaining. In the world of digital marketing, UX is often equated with optimizing the user interface (UI) on the website. For example,(...)
  • Variable envelope return path (VERP) is a technique used by some electronic mailing list software to enable automatic detection and removal of undeliverable e-mail addresses. It works by using a different return path (also called "envelope sender") for each recipient of a message.
  • A specific type of business email compromise scam that targets vendors or suppliers via phishing emails and then sends fake invoices to their customers.
  • VMTA stands for Virtual Mail Transport Agent. In a nutshell, a mail transport agent (or mail server) is a software tool that forwards incoming email from senders for further delivery. VMTAs are email servers that assign different IP addresses to particular types of emails, e.g.(...)
  • A social engineering scam in which confidential information (such as credit card information) is extracted from a target over the telephone for financial gain. A common vishing scam involves an attacker who uses the guise of a technical support employee to call the victim and inform them that(...)
  • The process of starting with smaller sending volumes and scaling up over time to help build sending history and reputation.
  • Service that lets you consult your mailbox by accessing a website.
  • An automated email, or series of emails, sent to new subscribers or customers that serves as the start of their relationship with an eCommerce brand. Welcome emails can include a general greeting, an introduction of the store’s values and story, and/or a promotional coupon code for their next(...)
  • The act of repeatedly causing spammers' throwaway accounts and drop boxes to be terminated. Named after the Whack-A-Mole arcade game.
  • Targeting a group or company to gain sensitive information by imitating a key stakeholder at the company. Pretending to be the CEO and asking to have money transferred from one business account to another is an example of whale phishing.
  • The practice of allowing sender domains, email addresses, IP addresses, etc. through security infrastructure.
  • Connects LANs and may be limited to an enterprise or accessible to the public. The technology is high speed and relatively expensive. The Internet is an example of a public WAN.
  • A Wildcard is something that matches anything. When speaking of DNS, a wildcard record is one that will be returned for any matching query. For example, a wildcard record can be defined or published as *.example.com, and any request that matches will receive that value. So apple.example.com or(...)
  • An automated email, or series of emails, to re-engage inactive customers or subscribers. Win-back campaigns often feature a message saying something like “We miss you” and include an incentive to entice the customer to return to the store. Customers or subscribers that don’t become active(...)
  • Person-to-person conversation that promotes a product or service. For example: “Hey, I loved that movie. You should check it out.” Word-of-mouth marketing (WOM marketing) can be organic. A brand can also script and direct it. In social media marketing, influencers are a common type of WOM(...)
  • It is a user-defined header element which is injected into the header portion of an email message.
  • It is a line in the header of an email message that shows which software the sender used to send the message. When applicable, this line will also show the version of the software. For example, the x-mailer may state that you sent a message with Mozilla Thunderbird 4.61. While it's a(...)
  • An attack that exploits a zero-day vulnerability.
  • A vulnerability in hardware or software that is unknown to the manufacturer/developer or general public. The name “zero day” references the number of days that the software or hardware vendor has known about a vulnerability. As zero-day vulnerabilities are unpatched and unknown, they are(...)