One of our customers recently contacted us regarding an Exchange Server e-mail reputation issue. E-mail reputation problems are rarely directly related to an Exchange Server environment, but since they were using Exchange Server along with our spam filter for Exchange, they thought we might be able to help them. We do know a lot about spam — but usually it’s advice as to how to avoid it!
Let’s start with a definition of what e-mail reputation — or sender reputation as it is often referred to as — actually is. E-mail reputation is directly related to the possibility of getting an e-mail into the receivers Inbox. Basically, it’s an indicator of trustworthiness — proving that you the sender are not spamming. Several factors are involved, such as complaint rates, e-mail volume, blacklisting, spam traps and the like.
What can be done to help e-mail reputation for an Exchange Server?
We’ve gathered a few tips that can be done to help e-mail reputation for Exchange Server.
1) Nurture your e-mail lists
If you do mass-mailings, it is always a good idea to nurture your e-mail lists and keep an eye on open and click rates of your promotional mass-mailings. If these metrics are very low, there is a risk that your e-mails create complaints and hurt your e-mail reputation.
2) Set up Sender Policy Framework records
Setting up Sender Policy Framework (SPF) records will reduce the chance that spammers are using your domain for sending spam. The SPF is a small change to your DNS records which specifies which servers are allowed to send e-mails from your domain. This small change cannot be emphasized enough.
3) Check whether your Exchange Server is on any spam lists
If you suspect you have an e-mail reputation problem, this should be your starting point. There are several places you can check this, Spamhaus is probably among the most used. If you think the issues are solved you can request to be de-listed.
4) Scan all outgoing emails being sent from Exchange Server
In SPAMfighter Exchange Module we introduced the option of scanning outgoing mails for spam. That helps restricting employees sending mass-mailings, and helps enforcing policies for e-mail usages. If an employee accidentally sends a mail holding an infected file it can easily be stopped.
5) Configure your firewall
If your company uses a firewall, it should be configured to only letting select computers (normally the Exchange e-mail server) send e-mails. By doing so, the risk of virus-infected computers sending mails is reduced, as well as the chance of ending up on blacklists.
A special case of ending up on blacklists is the case of NDR (Non-Delivery-Reports). Some Exchange Servers are configured for returning mails that have not been delivered due to a non-existing mailbox. There are also cases where a spammer puts a spoofed return e-mail address in an e-mail and therefore makes it look as if the company is spamming. In the latest version of SPAMfighter Exchange Module we have introduced a honeypot functionality for handling this specific situation. Read more here.