Inside the Gmail Kimono: A Whole Lotta Nothing?

Gmail yesterday announced and unleashed a new way of doing things. They will finally tell users why stuff is in the spam folder, and there has been a lot of excitement in the sending world that there will finally be some clarity at Gmail as to their bulking policies. All told, there is, and there isn't.

Ela Czajka, a software engineer made a posting entitled “Learn why a message ended up in your spam folder“ at the official Gmail blog. It is user-facing, and provides little deep information. However, there is a link to a new series of articles with explanations under the rubric “Why messages are marked as Spam”.

Let’s parse through them, and see what can be done on the sending side:
#1 Phishing scams
Some spammers send fraudulent messages that try to trick you into sharing personal information like passwords or credit card numbers. This practice is called phishing.
Advice for marketers: Don’t send phishing emails, duh.
#2 Messages from an unconfirmed sender
Spammers can forge a message to make it look like it's sent by a real website or company that you might trust. To help protect you from such messages, Google tries to verify the real sender using email authentication.
The authentication process tries to verify the real sender by looking at a message's authentication data. This data should be included in a message's "signed-by" or "mailed-by" headers (shown beneath the subject line when you look at a message's details). When the sender doesn't include this data, we can't be sure whether or not the message was forged.
For example, a message might claim to be from a Gmail address, but we can't confirm that claim if the message doesn't have authentication data.
Advice for marketers: See that link to the Email authentication Page? Bottom line: Use SPF & DKIM, duh. (authenticated messages will have images turned on - bonus!)

Gmail also suggests your recipients add your sending address to their addressbook. Ok, old trick, but if they say so, they must mean it.
#3 Messages users sent to spam
You previously marked these messages as spam by clicking the "Report spam" or "Report phishing" button. Both actions will send the message to your Spam folder and remove it from your Inbox.
Advice for marketers: Send relevant mail with a frequency that doesn’t annoy your recipients, so they don't report you as spam. Duh.
#4 Similarity to suspicious messages
Gmail uses automated spam detection systems to analyze patterns and predict what types of messages are fraudulent or potentially harmful. Here are just a few of the things our system considers when marking a message as spam:
  • Content that's usually associated with spam such as mature content and "get rich quick" schemes
  • Messages that falsely appear to be a "bounced message" response (a system-generated email that you might automatically get after sending a message that can't be delivered such as a message sent to an invalid email address)
  • Messages sent from accounts or IP addresses that have sent other spam messages
  • Behavior of other Gmail users, such as many people reporting spam from a particular sender
  • Similarity to other spam or phishing messages based on a combination of things like subject matter, elements like spelling and formatting, and suspicious attachments
  • A difference between your Gmail language preference and the language used in the message
Advice for marketers: Send from clean IP ranges that haven’t spammed in the past, clean your bounces, don’t get reported as spam (see #3), don’t send spam or phishing, and make sure to segment your list linguistically, if possible. Leave get rich quick schemes to the spammers. Duh, duh, derp.
#5 Administrator-set policies
If your organization uses Gmail, the administrator within your group can decide what messages will not marked as spam.
Advice for marketers: If you are sending to a company account, the email administrator may have decided he doesn’t like your email. Deal with it.

The Buried Lede

Squirreled away on a link from a user-facing page is a link to the Gmail Bulk Senders’ Guidelines; here’s where the rubber hits the road!

These guidelines are clear, senders must:
  • Use a static IP
  • Have proper rDNS on the IP
  • Use consistent 'From' Addresses
  • Provide clear opt-in, and preferably confirm subscriptions
  • Use a prominent unsubscribe URL in the email
  • Deploy the 'List-Unsubscribe' header
  • Actively unsubscribe bounces
  • Explicitly indicate the email address subscribed to your list
  • Use clear Subject Lines
  • Be completely transparent as to the sender, and payload site
  • Bulk messages sent must be formatted according to RFC 2822 SMTP3 standards and, if using HTML, standards.
  • Deploy the 'Precedence: bulk' header
  • Segment transactional and marketing email, and use discrete domains and/or IPs for each stream
  • Make certain abuse@ works on all your domains (in the from, and the body payload domains)
  • Have clear and up-to-date WHOIS information for all your domains (do not use WHOIS proxy services, they are now illegal according to a California court)
  • Have an up-to-date listing for all domains at
  • Don't be a 3rd-party sender, nor engage in affiliate marketing
    In other words, Gmail is telling senders to use common sense and adhere to Best Common Practices like those published by MAAWG.

    This isn’t rocket science, indeed, these are the fundamentals. Duh.

    No comments:

    Post a Comment

    Comments policy: Al is always right. Kidding, mostly. Be polite, and you're welcome to join in, even if it's a differing viewpoint.