Feedback loop (email)

Last updated
A sender and a recipient connected by a mailbox provider (MP). The feedback provider and the feedback consumer are the two formal endpoints of the feedback loop (blue arrow). Senders need to subscribe, possibly using a web form similar to the one depicted on the upper left corner, in order to become feedback consumers. Recipients typically click a spam button on a web mail page to start the process. Feedback loop (email).png
A sender and a recipient connected by a mailbox provider (MP). The feedback provider and the feedback consumer are the two formal endpoints of the feedback loop (blue arrow). Senders need to subscribe, possibly using a web form similar to the one depicted on the upper left corner, in order to become feedback consumers. Recipients typically click a spam button on a web mail page to start the process.

A feedback loop (FBL), sometimes called a complaint feedback loop, is an inter-organizational form of feedback by which a mailbox provider (MP) forwards the complaints originating from their users to the sender's organizations. MPs can receive users' complaints by placing report spam buttons on their webmail pages, or in their email client, or via help desks. The message sender's organization, often an email service provider, has to come to an agreement with each MP from which they want to collect users' complaints. [1]

Contents

Feedback loops are one of the ways for reporting spam. Whether and how to provide an FBL is a choice of the MP. End users should report abuse at their mailbox provider's reporting hub, so as to also help filtering. [2] As an alternative, competent users may send abuse complaints directly, acting as mailbox providers themselves.

Rationale

Marketers striving for their mail to be delivered have a twofold advantage: they can remove subscribers that don't want to receive that kind of advertising (listwashing), and they can analyze the complaint rate and hence how their advertising meets market expectations. By unsubscribing users who complain, marketers reduce their overall complaint rate per IP or domain, ensuring that targeted mail is much more likely to reach subscribers who actually want to receive it. [3]

ESPs, when playing the sender's role, are very sensitive to how sending mail on behalf of their customers may affect their reputation. Monitoring the complaint rate is one of the ways they can control what their users are sending. [4]

Reporting process

  1. Spencer sends a message to Alice.
  2. Alice complains to Isaac (her ISP or MP) about the message, e.g. by hitting the report spam button.
  3. Isaac encapsulates the message as either an Abuse Reporting Format MIME part, or (less commonly) a standalone message/rfc822 MIME part, and sends it to Spencer if Spencer has signed up to receive that feedback. [5]

As sketched above, the process implies that Spencer, besides being the author (or sender) of the message, is connected to the postmaster responsible for his mail domain. Subscribing to an FBL usually involves the postmaster's authorization. An FBL subscriber may or may not forward abuse reports to the relevant authors. If no subscribers exist for a given mail domain, Isaac can omit sending an abuse report at all. In fact, subscriptions have to be done one by one, a laborious task that mail domains not engaged in mass mailing may want to skip. RFC   6650 addresses the latter shortcoming by proposing auto-subscribe just-in-time FBLs, which can be started by sending an unsolicited abuse report with further directives (at a minimum, a way to unsubscribe). [6]

Ipsos noted that a majority of respondents to a survey on spam reporting marked messages as spam based solely on the subject and sender data.

For years, end users have been told not to trust email unsubscribe links, so many users hit the spam button as an alternative to unsubscribing. [7] Consequently, report spam may act as unsubscribe in some cases. [8] One of the reasons not to hit unsubscribe links is to avoid confirming that the message had been received and opened. [9]

Reporting formats

The Abuse Reporting Format (ARF) is the standard format for FBL reports. Much like bounce messages, whose design is inherited by ARF, an abuse report consists of a human readable part, followed by a machine readable part, and the original message. The report is characterized by a Feedback-Type field whose values may indicate one of abuse, fraud, virus, or other (more types are registered at IANA).

Microsoft, who use the name Junk Mail Reporting (JMR), also use their own format. [10]

Google's Gmail is beta testing a non-traditional FBL with select ESPs. [11] Gmail uses their own format—an aggregate report that reveals spam rate per notable sender. SendGrid reports that the Gmail FBL, developed and launched by Julian Tempelsman and Sri Somanchi, is effective at identifying spam that other anti-spam systems miss. [12]

See also

Related Research Articles

<span class="mw-page-title-main">Email</span> Mail sent using electronic means

Electronic mail is a method of transmitting and receiving digital messages using electronic devices over a computer network. It was conceived in the late–20th century as the digital version of, or counterpart to, mail. Email is a ubiquitous and very widely used communication medium; in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

Within the Internet email system, a message transfer agent (MTA), mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using the Simple Mail Transfer Protocol. In some contexts, the alternative names mail server, mail exchanger, or MX host are used to describe an MTA.

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

<span class="mw-page-title-main">Open mail relay</span> SMTP server that allows anyone to send e-mail through it

An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

<span class="mw-page-title-main">Email client</span> Computer program used to access and manage a users email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by RFC 5322 and 6854. The term email address in this article refers to just the addr-spec in Section 3.4 of RFC 5322. The RFC defines address more broadly as either a mailbox or group. A mailbox value can be either a name-addr, which contains a display-name and addr-spec, or the more common addr-spec alone.

Various anti-spam techniques are used to prevent email spam.

Sender Policy Framework (SPF) is an email authentication method that ensures the sending mail server is authorized to originate mail from the email sender's domain. This authentication only applies to the email sender listed in the "envelope from" field during the initial SMTP connection. If the email is bounced, a message is sent to this address, and for downstream transmission it typically appears in the "Return-Path" header. To authenticate the email address which is actually visible to recipients on the "From:" line, other technologies, such as DMARC, must be used. Forgery of this address is known as email spoofing, and is often used in phishing and email spam.

A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered. The original message is said to have "bounced".

Email marketing is the act of sending a commercial message, typically to a group of people, using email. In its broadest sense, every email sent to a potential or current customer could be considered email marketing. It involves using email to send advertisements, request business, or solicit sales or donations. The term usually refers to sending email messages with the purpose of enhancing a merchant's relationship with current or previous customers, encouraging customer loyalty and repeat business, acquiring new customers or convincing current customers to purchase something immediately, and sharing third-party ads.

The Sender Rewriting Scheme (SRS) is a scheme for bypassing the Sender Policy Framework's (SPF) methods of preventing forged sender addresses. Forging a sender address is also known as email spoofing.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam.

Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email and email scams.

An email service provider (ESP) is a company that offers email marketing or bulk email services.

Email forwarding generically refers to the operation of re-sending a previously delivered email to an email address to one or more different email addresses.

The Abuse Reporting Format (ARF) also known as the Messaging Abuse Reporting Format (MARF) is a standard format for reporting spam via email.

<span class="mw-page-title-main">Gmail interface</span>

The Gmail interface makes Gmail unique amongst webmail systems for several reasons. Most evident to users are its search-oriented features and means of managing e-mail in a "conversation view" that is similar to an Internet forum.

Spam reporting, more properly called abuse reporting, is the action of designating electronic messages as abusive for reporting to an authority so that they can be dealt with. Reported messages can be email messages, blog comments, or any kind of spam.

A mailbox provider, mail service provider or, somewhat improperly, email service provider is a provider of email hosting. It implements email servers to send, receive, accept, and store email for other organizations or end users, on their behalf.

Murray S. Kucherawy is a computer scientist, mostly known for his work on email standardization and open source software.

References

  1. J.D. Falk, ed. (November 2011). Complaint Feedback Loop Operational Recommendations. IETF. doi: 10.17487/RFC6449 . RFC 6449 . Retrieved 30 November 2011.
  2. John R. Levine (9 December 2009). "Adding a spam button to MUAs". mail. ASRG . Retrieved 22 April 2011.
  3. "What are feedback loops (fbl's) and how can they help my deliverability?". Email Manual. 2009-07-15. Archived from the original on 6 March 2012. Retrieved 15 July 2009.
  4. "Your Reputation Holds the Key to Deliverability" (PDF). ReturnPath. 2008-08-18. Archived from the original (PDF) on 11 May 2013. Retrieved 16 November 2008.
  5. J.D. Falk (2008-11-11). "FeedBack loops". ASRG mailing list (Mailing list). IRTF . Retrieved 18 November 2008.
  6. Murray Kucherawy, ed. (June 2012). Creation and Use of Email Feedback Reports: An Applicability Statement for the Abuse Reporting Format (ARF). IETF. doi: 10.17487/RFC6650 . RFC 6650 . Retrieved 28 June 2012. Feedback Providers MUST provide a way for report recipients to request that no further reports be sent.
  7. Derek Harding (2006-09-07). "Getting in the Feedback Loop". ClikZ. Retrieved 16 November 2008.
  8. John Levine (2008-11-13). "FeedBack loops". ASRG mailing list (Mailing list). IRTF . Retrieved 18 November 2008.
  9. "Spam Unsubscribe Services". The Spamhaus Project. 2007-01-19. Archived from the original on 2009-03-09. Retrieved 16 November 2008.
  10. "Services for Senders and ISPs". Microsoft . Retrieved 11 November 2011.
  11. "Best Practices for Senders: A Gmail Perspective (slides 47, 48)". MAAWG. 2014-02-20.
  12. "Gmail's Spam Feedback Loop: SendGrid's First-hand Experience". SendGrid. 2014-03-28.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.