One of the questions that I am frequently asked is if we get a sudden burst of outbound mail from a customer using us to send outbound, will we throttle their mail? 

Throttling is the process of slowing down outbound mail such that a sending organization can only send a certain amount of messages in a certain timeframe.  For example, if the rate limit is 2500 messages per hour and the organization wants to send 25,000, throttling would slow down their connection speed and it would take them 10 hours to send out their entire email campaign.  In a similar manner, I am frequently asked if we will block their mail if we detect a sudden burst in traffic due to an email campaign, the idea being that spammers are known for bursty mail behavior and this technique could potentially make them look like spammers.

In my department, throttling is not a mechanism that we have found to have extensive value.  However, elsewhere within Microsoft, particularly Hotmail and Exchange, throttling is used quite a bit.  By contrast, we are more content driven – as long as your email isn’t spam, then we will relay it.  The idea is that we try very hard not to interfere with legitimate mail flow.  If it is illegitimate mail, then we will interfere with it.  We will take action very quickly, as illustrated by my recent blog series.

Customers than ask me for a set of best practices when sending mail.  How can they ensure that mail they send, in bulk, arrives at the destination?  They are looking for advice for when they send from their own servers, or through our own servers.  Here is what I tell them.

  1. Ensure that you have proper SPF records set up in DNS.  SPF records are a mechanism for ensuring that mail coming from a domain really is coming from that domain.  In other words, it is an anti-spoofing mechanism, and helps in the delivery of mail in some cases because it allows the receiver to verify the sender and build up a reputation on it.
    - Open SPF wizard
    - Microsoft’s SenderID wizard
    I’ll have a bit more to say on delivery to Hotmail below.

  2. If they are sending mail in bulk (ie, emailing lots of receivers), then it is probably in newsletter format.  They should have a way of unsubscribing at the bottom of the email.  It would look something like the following:

    This email was sent to by
    Update Profile/Email Address | Instant removal with SafeUnsubscribe™ | Privacy Policy

    Some mailers require you to send an email to a certain email alias with “Unsubscribe” in the subject.  I don’t like those very much, I much prefer to click on the link.  But if you do it this way, at least have the courtesy to have it as a link and when it is clicked on, all the required fields are pre-populated.

  3. Double opt-in is a great idea.  Here’s how it works: you know how sometimes you download software and there is a little checkbox saying “Yes, please sign me up for your annoying offers” and it’s checked by default, and often in small text?  That’s built on the assumption that people simply don’t notice that it is checked and it’s a free avenue for mailers to harvest your email address.  In the world of email security, it is considered a grey marketing technique.

    Double opt-in is different.  The check box for things like that are unchecked by default, so the user has to select it.  Secondly, once they submit the form, an email is sent to the end user with a link saying “Please click on the link below to verify that you really want to hear from us.”  That forces the user to opt into announcements but it gives the mailer a good reputation.

  4. The sender of mail should have forward-confirmed DNS.  That means that if the sender is, and does not actually exist or resolve in DNS, they will have problems delivering to a lot of places since many spam filters consider that in their weighting.  For example, if the sending domain has no A-record in DNS, nor an MX record, a certain large ISP will reject the mail or at least throttle mail from that IP.  It is a common spamming tactic to fill in the sending email address with non-existent domains.

  5. Similarly, the sending IP should have a reverse DNS entry.  For example, is  A lot of senders do not have a reverse DNS entry for the IP.  Adding this in DNS makes it easier for spam filters to know who the mail is coming from.  It is common for spammers to send from IPs with no reverse DNS entries (ie, PTR records).

  6. This is pretty obvious, but the subject line of the message should be what the message is about.  The sender of the message should reflect who is sending the message.  If you are sending out mail for the Shopper’s Handbag Company, here is what you should do:

    Subject: New updated catalog for the Christmas season!

    Here is what you should not do:
    Subject: Catalogs
    The easier you make it for people to know who you are and what you are doing, the less you will annoy spam filters around the Internet.

  7. Process bounces and remove non-existent email aliases from your lists.  Email addresses change over time, and people sometimes discard them.  Companies delete non-existent accounts and when you send mail to them, they will bounce it back to you.

    If you get an email bounce from somebody you sent mail to, remove it from your email list.  Not doing so annoys spam filters around the Internet.  Yes, I understand the bouncing email server may be sending you a form of backscatter mail, but you’re the one who originated the mail; deal with it.  Send to people’s email aliases that exist.

  8. Windows Live Mail (Hotmail) has a program set up called Smart Network Data Services, you can check out the link here.  Basically, they allow senders to sign up and if they agree to be good senders, it improves their deliverability to Hotmail.  It also involves checking complaints sent by end users.  I don’t know that much about this program, but I hear that it helps some senders deliver mail to Hotmail.

    Hotmail can sometimes be one of the trickier ones to deliver to.  Steps 1 (especially), 4, and 5 really aid in delivery to Hotmail.  It also makes it much easier to escalate to them if you have everything set up properly, and it also improves delivery to the rest of the Internet.

  9. Alternatively, if they were to do steps 1-5, they could consider talking to the folks at ReturnPath.  ReturnPath is a company that checks the reputation of bulk senders to ensure that they are good senders of email; they enforce compliance.  I know some guys there and I know that they check for items 1-5.  They do charge to get on that list, however, once a sender does get on and takes their sending reputation seriously, they will have a mcuh easier time delivery to Gmail, Yahoo and Hotmail.

    Disclaimer: Microsoft does not a formal relationship with ReturnPath, and neither do I.  I point this out based solely upon my own personal observations of how the email industry works, and I am familiar with the work that ReturnPath does.

  10. There are companies out there that provide bulk mailing services and are familiar with sender’s best practices.  Two that I know of are ExactTarget and ConstantContact.  Both of these two are pretty sharp and on the ball, and can be of assistance when you need to keep in contact with lots of people.

    Once again, neither myself nor Microsoft has a formal relationship with these two companies, I point this out based solely upon my own personal experience and my familiarity with their work.

Those are the big ones I can think of.  I’m sure email marketing folks everywhere would more than likely agree with what I have said above, and may even have a thing or two to add.

I think that the good thing about this list is that these are best practices for delivering mail through all spam filters, not just ours.  They are paraphrased recommendations of some of the larger organizations that deal with email.  They are not special tricks that spammers could use to evade filters because it would de-anonymize them.  They are techniques that say “Here’s the proper way to send mail – make sure you can be authenticated, and don’t be deceptive.”  Good guys do that, bad guys do not.