Feb 20, 2007

Emails Blocked By Spam Firewall?

Companies have to deal with so much spam these days (here’s a slew of stats for you), they’re just outsourcing their email management duties to vendors like Barracuda Networks, Postini, and Symantec.

The nice thing about this trend is that those vendors can block spam a whole lot more efficiently than individual IT managers ever could.  So that means IT managers can spend less time updating their home made blocklists, and more time supporting real problems around the office.

The bad thing about all this is if you send a legitimate email marketing campaign that gets blocked by one of these vendors, it’s tough getting un-blocked. They’re not the same as getting blocked by an ISP (like AOL or Hotmail). Big ISPs usually have feedback loops that help marketers prevent blocks before they happen. These email firewalls are very proprietary, and rarely, if ever, share information with senders.

This means you’ve got to learn how to tell when you’re getting blocked (note that I said "when," not "if") then how to deal with the situation…

How can you tell if your email campaigns are getting blocked by email firewalls and spam filters?

After every campaign you send, look at your bounceback numbers.

You should have a feel for what’s "normal" for your list. If you haven’t sent enough emails to know "what’s normal" for you, here are some email stats by industry.

If you see an abnormal amount of bouncebacks for a particular campaign, that’s a clue that something has gone wrong, and you need to look into it.

How To Read Bouncebacks

I’m not going to go into detail about bounced SMTP headers, but if you’re an email marketer, you should know why and how to read them. (here are some tips from our knowledge base).

This is as much fun as poking your eyeball with a hot needle. So you really only have to do this if you spot abnormalities in your bounce stats.

In MailChimp, click into a campaign report, then click on "Bounces." You’ll see "soft" bounces, and "hard" bounces. Check them both, because some email firewalls are deceptive, and send their bounces as "hard," hoping you’ll never contact the recipient again.


Click on the "See why these bounced" links.

Next, you’ll see a list of whose emails bounced.

Tip: If your list is huge, clicking through all these email headers could take all day. So look for groupings of bouncebacks. Like if 4 people from the same company domain name bounced, read their headers first. It’s very likely their corporate email firewall blocked your email:


If you’re using Mozilla Firefox, or Internet Explorer 7, use "tabbed browsing" to your advantage. Just CTRL+CLICK on all the emails you want to read through, and each bounce header will open in a new tab. Then just tab through them (CTRL+TAB) and look for common clues.

For the most part, you’ll just find a bunch of "email doesn’t exist" bounces.

But this is (roughly) what it looks like when you’ve been blocked by Barracuda or Postini or one of the spam firewalls:



and sometimes, you come across a SMTP-reply like this:


What’s cool about that one is they actually give you an email address to report the mistake to. That’s very rare.

What to do if you’re blocked by a spam firewall

So now you can tell if you’ve been blocked by a firewall. What do you do next?

Your best bet is if you know the recipient. Contact him and tell him, "You know our email newsletter that you signed up for? Your company’s email firewall keeps blocking it. You should tell your IT people to unblock us."

What normally happens next is the IT person will ask your recipient, "Ok, who’s the sender, and what’s their domain name or IP address?" If you use an email service provider like MailChimp, chances are your email was sent from a wide range of IPs and domains, so you’ll need to give them a list of all the IPs we use (here’s a list of MailChimp servers).

Or, if you have a dedicated IP address, you can just provide that.

If you don’t know the recipient, you can try contacting the recipient’s IT team. 

Guilty Until Proven Innocent

Keep in mind that when you’re dealing with IT people, you’re pretty much guilty until proven innocent. They deal with crap all day. So be prepared to provide absolute proof of opt-in for that recipient (MailChimp stores all that for you).

Did you just import an old list of people, and you never collected IP addresses or date/time stamps? Oof, this is going to be an uphill battle for you.

Do not, under any circumstances, tell the IT person that "we do not spam." The simple fact of the matter is, their firewall says you’re a spammer, so to them, you’re a spammer.  Just politely explain how the recipient specifically requested your emails, and that you’re being erroneously blocked, and gosh it sure would be nice if they’d unblock you. 

If the IT person believes you’re legit, they can whitelist you to prevent this from happening in the future. Sometimes, the IT person says it’s out of their hands, and that you (or MailChimp) needs to contact their email vendor. That’s a hint that they don’t believe you’re legit. No amount of explanation from MailChimp will help convince them either.

So long as you’re sending valuable emails that people truly requested,
it’s really not that hard to get IT people to whitelist you.

On rare occasions, it’s something that your ESP has to clear up with Barracuda (or Postini, or Outblaze, etc). For example, if MailChimp introduces a new feature (like our forward-to-friend link, or our unsubscribe link) that’s embedded in all emails sent from our system, the link that we use for that particular feature will suddenly appear in millions of emails sent across the Internet every single day. That tends to look suspicious to the email firewalls, so they’ll start blocking all emails with that URL in it (until someone contacts them about it). That’s when we call them up or email them and explain what’s going on.

If this sounds like a lot of work, it is. Luckily, email service providers (like MailChimp) have a dedicated abuse desk person to work with ISPs and Email vendors to keep these problems to a minimum. But a lot is on your shoulders, too. Never send to people who didn’t opt-in, and always check your campaign stats for abnormalities. Alert your ESP if you think there might be a problem, but don’t assume the problem’s all theirs.