Forward set up. Technical team

Similar documents
SMTP Relay set up. Technical team

Report API v1.0 Splio Customer Platform

Trigger SMS API. API Documentation SPLIO - SPRING Contact and Campaign Trigger SMS API - EN v4.0.docx

Factors that Impact Deliverability

Account Customer Portal Manual

Communicator. Branded Sending Domain July Branded Sending Domain

Technical Brief: DYN DELIVERY

Marketing 201. March, Craig Stouffer, Pinpointe Marketing (408) x125

Optimization of your deliverability: set up & best practices. Jonathan Wuurman, ACTITO Evangelist

Anti-Spoofing. Inbound SPF Settings

Office 365: Secure configuration

Securing, Protecting, and Managing the Flow of Corporate Communications

Mail Assure. Quick Start Guide

Mail Assure Quick Start Guide

Synology MailPlus Server Administrator's Guide. Based on MailPlus Server 1.4.0

Table of content. Authentication Domain Subscribers Content Sending practices Conclusion...

Best Practices. Kevin Chege

Based on material produced by among others: Sanjay Pol, Ashok Ramaswami, Jim Fenton and Eric Allman

How to Configure Esva for Office365

On the Surface. Security Datasheet. Security Datasheet

Instructions Microsoft Outlook 2007 Page 1

SMS Relay. API Documentation SPLIO - SPRING Contact and Campaign SMS Relay API - EN v1.2.docx

s and Anti-spam

anti-spam techniques beyond Bayesian filters

DomainKeys Identified Mail Overview (-01) Eric Allman Sendmail, Inc.

AWEBDESK MARKETER

October 4, 2000 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this Memo

HOW-TO GUIDE. How to Optimize Your s for Deliverability

Using Trustwave SEG Cloud with Exchange Online

Introduction to Antispam Practices

Managing Spam. To access the spam settings in admin panel: 1. Login to the admin panel by entering valid login credentials.

Instructions Microsoft Outlook 2010 Page 1

Office 365 Standalone Security

A Federal Agency Guide to Complying with Binding Operational Directive (BOD) 18-01

Teach Me How: B2B Deliverability in a B2C World

Deliverability 2016: It s beyond just reaching the inbox

Instructions Microsoft Outlook 2003 Page 1

KantanMT.com. Security & Infra-Structure Overview

i-mscp OpenDKIM plugin

Deliverability Terms

Authentication GUIDE. Frequently Asked QUES T ION S T OGETHER STRONGER

Step 2 - Deploy Advanced Security for Exchange Server

Defining Which Hosts Are Allowed to Connect Using the Host Access Table

DKIM Implementation How

Instructions Microsoft Outlook 2013 Page 1

Pardot Setup Implementation Guide

Defining Which Hosts Are Allowed to Connect Using the Host Access Table

Comendo mail- & spamfence

========================================================================= Symantec Messaging Gateway (formerly Symantec Brightmail Gateway) version

Top 10 Deliverability Best Practices. #ActOnSW

Digital Messaging Center Feature List

Advanced Marketing Certification Training

Mail Reporting. User Guide - Table of Contents. Overview. Use Case(s) Accessing the Tool. Mail Reporting Tools. Sent s.

DNS Management with Blue Cat Networks at PSU

Deliverability Webinar: Factors that Impact Deliverability Hosted by the emarketing Learning ebizitpa

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

Using Trustwave SEG Cloud with Cloud-Based Solutions

Office 365 Inbound and Outbound SMX configuration. 4 th January 2018

DKIM Implementation. Messaging Anti-Abuse Working Group. Segment 3 of 4 on DomainKeys Identified Mail. MAAWG Training Series

WeCloud Security. Administrator's Guide

vbulletin and VerticalResponse

Guide To Navigating POPI

WHITEPAPER Rewrite Services. Power365 Integration Pro

Instructions Eudora OSE Page 1

Mail Assure. User Guide - Admin, Domain and Level

Certification. Standards and Requirements. December Return Path, Inc.

Data API v1.2. SPRING Contact & Campaign SPLIO - SPRING Contact and Campaign DATA API EN v1.3.

Marketing Best Practices that Maximize Deliverability

TrendMicro Hosted Security. Best Practice Guide

Overview... 3 Provisioning Sites for Security Awareness Training... 3 Understanding Phishing Simulations... 6 Understanding Types...

Fortinet.Certdumps.FCESP.v by.Zocki.81q. Exam Code: FCESP. Exam Name: Fortinet Certified Security Professional

Version SurfControl RiskFilter - Administrator's Guide

McAfee Gateway Appliance Patch 7.5.3

Automatic Delivery Setup Guide

Building a Scalable, Service-Centric Sender Policy Framework (SPF) System

CompSci 356: Computer Network Architectures. Lecture 23: Application Layer Protocols Chapter 9.1. Xiaowei Yang

Setting Up in Daycare Works Help. Version: 06/25/2013

Ciphermail Webmail Messenger Administration Guide

SMTP Settings for Magento 2

Empowering Marketing and Sales using CRM and ClickDimensions

Domain Name Service. Product Description. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.

To create a few test accounts during the evaluation period, use the Manually Add Users steps.

Configuring Gmail (G Suite) with Cisco Cloud Security

Single Sign-On. Introduction

G-Lock EasyMail7. Startup Guide. Client-Server Marketing Solution for Windows. To learn more about G-Lock EasyMail7, visit

Data API v1.9. Splio Customer Platform SPLIO Customer Platform - DATA API EN v1.docx

Category: Standards Track January 1999

MDaemon Vs. Kerio Connect

Franzes Francisco Manila IBM Domino Server Crash and Messaging

EVRY Security. Administrator's Guide

Delivery to the Big Four: AOL, Google, Microsoft, and Yahoo

Configuration Section

MDaemon Vs. IceWarp Unified Communications Server

DMARC ADOPTION AMONG e-retailers

to Stay Out of the Spam Folder

Understanding the Pipeline

April 24, 1998 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this memo

Chapter 62 Simple Mail Transfer Protocol

MDaemon Vs. MailEnable Enterprise Premium

Contents. Limitations. Prerequisites. Configuration

Transcription:

Forward set up Technical team 09/04/2015

Summary Introduction... 3 Forward service description... 3 Presentation of our service... 3 Service set-up... 5 Infrastructure... 5 Set-up... 5 Customer sending IP address... 5 Tracking... 6 Details on returned information... 6 Datas feeds... 6 Customer data feeds... 6 Send set-up... 7 Message header... 7 MX records set-up... 8 SPF/DKIM set-up... 8 Usage... 8 Identification and authentication... 8 Qualification... 8 Integrity... 9 Used standard policies... 9 SPF (Sender Policy Framework)... 9 Sender ID... 10 DKIM (DomainKeys Identified Mail)... 10 DNS set-up... 11 2

Introduction Forward service description This document intends to provide technical information on Splio Forward service, in order to facilitate the set up and launch. Some functional aspects are mentioned for a better understanding of the flow. smtp RELAY++ Presentation of our service Services covered The Splio Forward service is basically a SMTP relay dedicated to outsource the email delivery optimisation, and returning the hard-bounces in synchronous mode, and also, as optional features, tracking and reporting in asynchronous mode. 3

The Splio Forward service cannot remove the sender responsibilities regarding the privacy policies and local laws. Forward can manage delegated functionalities such as: SMTP transaction procedures Spam complaints management Hard-bounces management Unsubscriptions through feed-back loops (FBL type list-unsubscribe) Immediate blacklist preventing recipient to receive a Newsletter after unsubscription Campaign events (Hard-bounces, Unsub, clicks,..) can be delivered» Through an asynchronous mode (flat file through FTP or FTP TLS)» Through a synchronous mode (SMTP or HTTP requests) (optional) Authentications» Messages can be signed with DomainKey/DKIM» SPF/Sender ID management» Sub-domain delegation (optional) Additional services :» IP reputation Monitoring ReturnPath SenderScore Certification (optional) Easy and intuitive monitoring and reporting tools Advanced reporting facilities (optional) The set-up is designed to be quick. 4

Service set-up Infrastructure Set-up Customer sending IP address The Splio customer is identified by a set of IP addresses. A testing environment can be set on demand. Once the credentials are communicated to the customer, the service is open only between customer and Splio, but the first messages are not relayed until further checks done by Splio. The first messages are blocked until checks are ok. Then Splio notifies the customer of the real availability of the service. 5

Tracking Details on returned information Returned information can be set from basic to advanced, depending on customer requirements:» No tracking In such case, the MIME content is not modified by Splio's scripts» Opening rate A web bug is added to the HTML message to monitor the opening rate. The basic set up doesn't capture personal details on openers.» Openers Through optional set up, Openers details can be captured and reported. (Email address / IDuser).» Clickers rate Through optional set up, Clickers rate can be monitored (aggregated to the contact, with no link details)» Advanced tracking and reporting Trough optional set up, advanced monitoring on behavior can be captured and reported (with personal details and links used)» DualTrack As additional feature, our DualTrack can replay through an asynchronous mode the campaign activity captured in real time by Splio. DualTrack requires advanced tracking. This functionality requires a prior technical analysis and validation by Splio consultants. The tracking URL can be in https or http depending on the type or tracking. Datas feeds Customer data feeds As mentioned previously, the data captured by Splio tools can be delivered through various options:» Flat files (through FTP) 6

A file can be periodically delivered (by default, on a daily basis) this frequency can be increased or decreased. The file is available on FTP (secured FTP TLS is also available). The flat file structure must be agreed between customer and Splio. Usual informations are: Soft bounces Hard bounces Unsubscribes (through List-Unsubscribe) Spam complaints Usual identifiers are: CampaignID or Campaign caption RecipientID or email address Action (hard/soft/spam/open/click/unsub) Data (/ IP address/used link/..) Default format is as below (separator is tab): Recipientid campaignid ext chanel from status dest1@mail.com campaign1 1001 normal newsletter@company.com done dest2@mail.com campaign1 1002 normal newsletter@company.com hard dest3@mail.com campaign1 1003 normal newsletter@company.com soft dest4@mail.com campaign1 1004 vip newsletter-vip@company.com done Send set-up Message header The Splio relay behavior and reports can be adjusted through some additional tags within the messages header. The naming convention for the tags to be monitored by Splio tools is to begin with: x- splio- 3 tags to allow post-campaign reports split: x-splio-ref : campaign identifier x-splio-extid : recipient id x-splio-canal : channel 7

x-splio-filteroff: Y/N : Optional disabling of the Splio blacklist. This option is dedicated to transactional messages such as ecommerce order confirmation, logistic information, etc.. It is not supposed to be used with a marketing campaign. Using this option implies a strong integration of Unsubscriptions and spam complaint management at the customer side. *Requires activation on Splio s side. Based on the presence of these tags and agreed values, the behavior of our SMTP relay can be adjusted (priority/rate/dedicated IP/header recording/tracking/billing ref/reporting aggregates/mime changes/email sender) or be retrieved while producing the data feed to the customer. MX records set-up The MX record can be updated to set mail exchanger= mail.splio.fr, depending on customer case. SPF/DKIM set-up Usage Depending of ISP internal policies, the SPF, SenderID and DKIM can be optional or mandatory to ensure the deliverability of emails. Splio strongly recommends to implement the DKIM and SPF/SenderID so that the email deliverability will be secured. Identification and authentication Identification is the sender value such as «user@domaine.com». The authentication stage checks that the sender name used is corresponding to the declared information accessible from a reverse lookup. Qualification Qualification assessment intends to verify the sender is accredited to send a mail. This stage comes after authentication. 8

Integrity This last stage occurs to check the message has been routed directly with alteration. Used standard policies SPF (Sender Policy Framework) SPF is the standard policy to which Splio complies. The SPF record information allows to declare regular IP addresses to be accepted to send emails and recognized at the "MAIL FROM:" assessment (during the transaction SMTP hand check). Trying 77.238.177.9... Connected to mx1.mail.eu.yahoo.com. Escape character is '^]'. 220 mta1043.mail.ird.yahoo.com ESMTP YSmtp service ready EHLO mail.splio.fr 250-mta1043.mail.ird.yahoo.com 250-8BITMIME 250-SIZE 41943040 250 PIPELINING MAIL FROM: <exemple@splio.fr> 250 sender <exemple@splio.fr> ok Table 1 - Transaction SMTP initial hand check mydomain.com 3600 IN TXT "v=spf1 ip4:91.190.168.0/21 ~all" mydomain.com 3600 IN SPF "v=spf1 ip4:91.190.168.0/21 ~all" Table 2 - SPF/TXT record splio.fr for a dedicated setting Table 2 returns the following credentials: Any server with an IP belonging to the range 91.190.168.0/21 is allowed to use the domain splio.fr in the MAIL FROM: section Any other server is strictly not allowed to use the domain splio.fr in the MAIL FROM: section Further information on SPF options is available on the public domain. 9

The ISPs use SPF records to define if a message should be rejected; not setting SPF would be considered as a bad behavior. A SPF record properly set will foster the successful message delivery. Advantages SPF check-in allows to reject from the very first step of the process Inconveniences Some ISP may accept emails even if the sender IP address is not compliant. Sender ID Sender ID is a Microsoft specific policy, it derivates from SPF. As the behavior is quite different, Splio recommends to comply with Microsoft policy. mydomain.com 600 IN TXT "spf2.0/pra include:spf2.splio.com ~all" Table 3 - Sender ID set up for mydomain.com Sender ID checks occur at "MAIL FROM:" assessment, similarly to SPF, but also evaluated later on the process on other fields like From:, the Sender:, etc. based on Purported Responsible Address (PRA) algorithm. Sender ID is required for Hotmail recipients. Exchange mail servers may also require the Sender ID. Advantages It allows the email router to use Sender as an alternate trusted identifier. Inconveniences If the MAIL FROM: check in allows the ISP to notify the rejection from the very first step of the SMTP transaction, the deny based on SENDER ID is notified later in the process. DKIM (DomainKeys Identified Mail) DKIM allows a technical signature within the messages, independent from the Sender, From, Return-Path domain values. The Sender delivers the message with a private encrypted key, The ISP receiver server controls with the public key, published at the DNS record and certifies the authentication of the sender. 10

splio._domainkey.mydomain.com 43200 IN TXT "k=rsa; p= MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFG63OUQU+COcURv/5/rD5MLkAh 3mS8c2JqskStBgMJiPTfQaxIc+qqtZAVkiud4jO5SQ5plnvRYtMnfSe+VoyGiz1j/3x5i4PUjiFKL KiGnTpvW7LcrpWwVgeRnUAqeIvACnlTc9uXv30moMvPNq4qPe1bD05oDvpxJHa12lqlwIDA QAB" Table 4 - Display of public key for DKIM signature on mydomain.com DKIM is used to establish trust between recognized sender and receiver and can shunt further filtering procedures doing so, the workload is lighter and the delivery of messages is simplified The DKIM signature is strongly recommended by Yahoo! to allow the FeedBack Loop to work. Gmail is requesting this signature. Hotmail usage of DKIM is less important. Advantages It allows to consolidate the sender reputation on one domain whatever the sender (From) uses. Inconveniences Encrypted key analysis requires more calculation resources. DNS set-up In order to ensure the authentication phases success, SPF, Sender ID and DKIM require from customer domain administrator actions on TXT records within the impacted DNS. Action can be either an insert or a change, depending if the records already exist. Warning: a new MX record might be also added, beside the SPF/SENDER ID/DKIM actions described below, depending if the subdomain dedicated to the emails routed by Splio Forward is already existing or not, and well configured for abuse@ address. Case 1: Customer ensures the domains management SPF» Add «include:spf.splio.com» to the existing records or create them if missing. Note: TTL value is to be set by yourself, depending on your requirements (3600 in the example below) 11

Example: mydomain.com 3600 IN TXT "v=spf1 include:spf.splio.com mx a ~all" mydomain.com 3600 IN SPF "v=spf1 include:spf.splio.com mx a ~all" The example above means Splio is the dedicated router. So, for combination of several routers, please insert the include into the existing string mydomain.com TXT "v=spf1 ip4:xxx.xx.xxx.x/xx ip4:xxx.x.xxx.x/xx include:spf.splio.com include:spf.myotherrouter.com a mx ~all" Sender ID => Add «include:spf2.splio.com» to the existing records or create them if missing. Note: TTL value is to be set by yourself, depending on your requirements (3600 in the example below) Example: mydomain.com 3600 IN TXT "spf2.0/pra include:spf2.splio.com ~all" mydomain.com 3600 IN SPF "spf2.0/pra include:spf2.splio.com ~all" The example above means Splio is the dedicated router. So, for combination of several routers, please insert the include into the existing string mydomain.com TXT "spf2.0/pra include:spf2.splio.com include:sp2.myotherrouter.com a mx ~all" DKIM» option 1: Send us your private key» option 2: Add to your public keys, associated to your domain, a zone «splio._domainkey» with the following values: "k=rsa; p=migfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqdfg63ouqu+cocurv/5/rd5m LkAh3mS8c2JqskStBgMJiPTfQaxIc+qqtZAVkiud4jO5SQ5plnvRYtMnfSe+VoyGiz1j/3x5i4 PUjiFKLKiGnTpvW7LcrpWwVgeRnUAqeIvACnlTc9uXv30moMvPNq4qPe1bD05oDvpxJH a12lqlwidaqab" Note: TTL value is to be set by yourself, depending on your requirements (1200 in the example below) Example: 12

splio._domainkey.mydomain.com. 1200 IN TXT "k=rsa; p=migfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqdfg63ouqu+cocurv/5/rd5mlk Ah3mS8c2JqskStBgMJiPTfQaxIc+qqtZAVkiud4jO5SQ5plnvRYtMnfSe+VoyGiz1j/3x5i4PUjiF KLKiGnTpvW7LcrpWwVgeRnUAqeIvACnlTc9uXv30moMvPNq4qPe1bD05oDvpxJHa12lqlwI DAQAB" Notes: the underscore character used by Splio may be an issue depending on your domain service provider. Mind the space at... k=rsa; p=mig... Depending on thr tool, the "k=rsa; can be displayed as "k=ksa\;» Then notify us with the subject «Activation DKIM» with details. Case 2: Customer delegates sub-domain management to splio This option is billable, check this with your Splio sales contact. The DNS admin of your domains needs to set these additional values: IN NS ns1.splio.fr. IN NS ns2.splio.fr. IN NS ns3.splio.fr. Splio can then do the additional set up on its side. Case 3: Splio manages your DNS This option is billable, check this with your Splio sales contact. 13

Splio, French independent group created in 2001, is software provider of Customer Experience Management in Saas mode and specialized in the retail industry. Splio, whose R&D is located in France, has a presence in three continents with offices in Paris, Barcelona, Warsaw, Beijing, Shanghai and Sao Paulo. Splio offers solutions that can easily be integrated and have the ability to meet the creative needs of marketers. 103 boulevard Haussmann - 75008 Paris Tel. : +33 (0)1 84 73 11 11 www.splio.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback