Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

English | German


 INHALTSVERZEICHNIS

According to various studies, spam emails account for over 50% of email traffic as a whole. This in turn means, that over half of the emails sent worldwide are messages that are actually unwanted. Spam emails can overload systems and contain malicious software or unwanted advertising. However, even legitimate and desired emails – such as your survey invitations or other messages from EFS – may be classified as spam. In the following, we will therefore give you an overview of how email is classified as spam and how you can check in the Mail report whether your email has been received by participants. In addition to that, we will show you some ways to ensure that your messages are less likely to be declared as spam and more likely to be delivered to participants.

How Is Email Classified As Spam?

In order to ensure that an email is not a spam message and that there is no virus in the email or an attachment, every email passes through multi-stage filtering and security systems at the receiving mail server.

This spam detection is based on various technologies:

Filter Lists:
Every spam filter includes a so-called blacklist, which contains all spam characteristics – such as sender, IP address or certain keywords. If the spam filter recognizes a spam message based on these characteristics, the message is flagged, moved or deleted. The counterpart to the blacklist is the whitelist. Messages from senders on this list are always delivered.

Checking IP Addresses:
The IP address of the sender can be used to determine whether the sender is known for spam. Using the sender's address is less reliable – spammers often fake email addresses.

Content Filtering:
Certain keywords are typical for spam, so content is scanned for these keywords. If terms such as "Viagra" appear frequently, the message is classified as spam. The catch with this technique is that if special characters or deliberate spelling mistakes are included in the keywords, the filter is not effective anymore.

Reputation Score:

All of the above factors are used to calculate the so-called reputation score for an email. If the total score exceeds a previously set threshold, the email is classified as spam. As we have no influence on the receiving mail server, it is difficult to ensure that no mail accidentally gets caught in the spam filter or that the mail ends up in the recipient's Junk folder.

You can check your mails in advance with online tools, e.g.   https://www.mail-tester.com/.

What’s the Role of the Mail Report When it Comes to Spam?


The Mail report, which can be found in the Survey menu, helps you to monitor the sending process and intervene, if necessary. It provides an overview of all emails sent during the survey. Each time you send one or more emails from the participant administration, an entry is created in the report.

By selecting the ID under Mailing, you can display a detailed overview of the mailing process. Here you can, for example, filter according to the status "Not reachable" and view the response from the receiving mail server for each individual mail.

Status

The following table contains the statuses relevant to the topic of spam that can be displayed for your mailing process.

Status

Explanation

Sent

The number of mails that were successfully delivered to the receiving mailing server.

Rejected

The number of all emails the server rejected and classified as spam mail without placing it in the user’s spam folder.

Delivery failed

The number of emails which could not be delivered due to trouble on part of the recipient address.

Not reachable

The number of all emails which could not be delivered because the recipient‘s address or the domain do not exist.

Responses from the Receiving Mail Server

The following list shows some examples of possible responses from the receiving mail server with regard to the statuses described above. The list is not complete and TIVIAN has no influence on the responses.

Not reachable

  • 550-5.1.1 user unknown{CRLF}550 5.1.1 Unknown recipient. In response to the RCPT TO command.

  • 550 Requested action not taken: mailbox unavailable In response to the RCPT TO command.

  • 550-5.1.1 The email account that you tried to reach does not exist. Please try{CRLF}550-5.1.1 double-checking the recipient's email address for typos or{CRLF}550-5.1.1 unnecessary spaces. Learn more at{CRLF}550 5.1.1 https://support.google.com/mail/?p=NoSuchUser m24si2824391pfo.129 - gsmtp In response to the RCPT TO command.

Rejected

  • 421-4.7.0 This message does not have authentication information or fails to pass{CRLF}421-4.7.0 authentication checks. To best protect our users from spam, the{CRLF}421-4.7.0 message has been blocked. Please visit{CRLF}421-4.7.0 https://support.google.com/mail/answer/81126#authentication for more{CRLF}421 4.7.0 information. cm23si5831536edb.119 - gsmtp In response to the end of message mark (CRLF.CRLF)

  • 550 91.217.141.35 is not allowed to send mail from xxxxrlin.de. Please see the SPF record, with scope mfrom, identity e.xxxld@xxxx-xxxx.de, and ip 91.217.141.35 In response to the end of message mark (CRLF.CRLF).

Delivery failed

  • 550 91.217.141.36 is not allowed to send mail from xxxxxx.de In response to the RCPT TO command.

How Can I Prevent Messages from Being Classified as Spam?


There are a number of options and security standards that can help to improve the deliverability of your emails. However, please note, that none of these options can guarantee that your messages and invitations will not actually be declared as spam. In the following, we will introduce you to SPF, DKIM and DMARC as well as the configuration of your own mail server and the correct process of adding a mail sender in EFS as options.

As of version 24.1, EFS requires a SPF record when creating a mail sender with your domain.

Sender Policy Frame Work (SPF)

SPF is a technique for preventing spam or virus emails. The SPF record of the sender's domain is checked for a record of the mail domain of the sending mail server, which ensures that the domain is authorized to send the mail. If there is a record of the mail domain, there is a higher probability of the mail being delivered (there may be other queries and checks by the mail server). If there is no record of the mail domain, the mail may not be delivered at all or may be marked as spam. The behavior at this point depends on the settings of the receiving mail server and cannot be influenced by TIVIAN.

Checking the SPF Record

The decisive factor is which mail sender you use. Example: surveys@example.com

https://mxtoolbox.com/spf.aspx

For emails sent by EFS in your name, the receiving mail server checks whether the TIVIAN mail servers are allowed to send emails from the “surveys@example.com” domain. For this purpose, the SPF record of the “surveys@example.com” domain is read. The IPs of the TIVIAN mail servers are recorded in the domain _spf.tivian.com. If this domain is not included in your SPF record, you must add it.

Complete example with other entries:

v=spf1 mx a include:mail.zendesk.com include:_spf.tivian.com ~all

Adding the SPF Record

It is possible to store the mail domains of our mail servers on your site so that emails will not be marked as spam due to the SPF check. (Spam marking/deletion can also be carried out based on other rules of the receiving mail server).

To do this, have your system administrator add the following include to the SPF record for your domain:
include:_spf.tivian.com

A detailed breakdown of the stored IPs can, for example, be found at https://mxtoolbox.com/spf.aspx..

If you only add the IPs and not the SPF record, we would like to point out that these IP addresses may change in the future, but you might not be informed about this. For this reason, we strongly recommend that you add the above-mentioned SPF record (_spf.tivian.com). Further information can also be found at https://en.wikipedia.org/wiki/Sender_Policy_Framework.

DKIM (Domain Keys Identified Mail)

DKIM is a method of email authentication. DKIM adds a signature to the email, which is assigned to the sender domain and is used for all outgoing emails. The use of a domain key is a technique (similar to SPF) that is intended to make it more difficult to forge the sender of an email.

Adding a DKIM Record

There are two different scenarios for adding a DKIM record. Which one is right for you depends on whether you manage the domain yourself or whether it is managed by TIVIAN. The domain key is free of charge for you.

If you manage the domain, proceed as follows:

  • Request the domain key from Support, naming the technical contact person in your organization who will be responsible for implementation.

  • IT Operations creates the key and Support forwards the key to the technical contact person you have specified.

  • The technical contact person you have specified stores the key in the DNS.

If the domain is managed by TIVIAN, proceed as follows:

  • Request the domain key from Support.

  • IT Operations will create the key and you will be informed by Support after implementation.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC was developed to reduce the misuse of emails. The protocol is intended to eliminate the inadequacies in relation to authentication problems when sending emails and can be used in addition to DKIM and/or SPF records.

A DMARC record can be used to define additional recommendations on how the recipient should deal with an email that does not comply with the rules. For example, you can specify whether emails should be quarantined or rejected. In addition, email addresses for reporting violations can be specified. Further information on this topic can be found here: https://www.netplace.de/de/blog/dmarc.

Adding a DMARC Record

An existing SPF and DKIM entry is a prerequisite for adding a DMARC record. DMARC is free of charge for you. Proceed as follows:

  • Request DMARC from Support, naming the technical contact person in your organization.

  • IT Operations will set up the DMARC record.

  • After implementation, you will be informed by Support.

Own/External Mail Server

It is generally possible to use a different mail server for the entire installation. However, you will then lose some EFS features: the Mail report will no longer be available and there will be no hard bouncing for mails. This means that all mails are marked as sent and you can no longer see which participants could not be reached.

Setting up Your Own/an External Mail Server

If an external mail server is to be set up, we need the following information from you:

  • Server/host

  • Port

  • Account/User

  • Password

If all data is complete, processing will approx. take 3-5 days. The standard setup is free of charge. You should be aware that this is an open SMTP relay, i.e. there is no separate authentication between EFS and the mail server.

Adding Mail Senders Correctly in EFS

Not only the content of emails, but also the sender addresses are usually defined in advance in EFS. This is particularly important if you want to use addresses you do not own when sending emails, e.g. a general mailbox that other employees also have access to. In order for you to be able to select these addresses in the EFS mail form, they must first be added in the system.

  • Sender addresses are managed under Libraries → Mail templates → Mail senders.

  • Use the Add e-mail address button to open the dialog for creating a new sender. Enter the email address, the associated realname (if required) and the authorized teams.

When adding a mail sender under Mail templates → Mail senders in EFS, an SPF check of the sender's domain is performed to ensure that it complies with our recommendations. This allows users to be contacted earlier if problems with mail delivery (e.g. delivery not possible or classification as spam) potentially occur due to the setup. A conspicuous result in the SPF check prevents the sender from being created.

If you cannot change the SPF record for your email domain, you still have the option of using the default sender address Survey <noreply@customervoice360.com>. Just create a new mal sender, as described above, using the email address noreply@customervoice360.com, and enter the name of your company as a realname instead of "Survey", for example.

image-20240222-105254.png

  • No labels