Hotmail marking mail from Invision as "suspicious"

[markopolo2002]

Just a word of warning to the Invision team ... emails that I received previously from you guys always came through without any issues whatsoever, although in the past day or so any mail coming from your board and landing in my hotmail account is now showing the warning:

This message looks suspicious to our SmartScreen filters.

Screenshot below - just thought I'd mention it in case you guys are messing with the email templates or anything and have made changes which could have caused this :)

[Rhett]

Hotmail has been tightening up their spam policies, if fact so tight, they are blocking legit, clean server ip's In some cases and wont clear them even after jumping through many hoops that they request.

I would recommend not using hotmail personally.

[markopolo2002]

Sound about right Rhett, had similar problems a few years ago with Hotmail although fortunately I did manage to clear our IP - just wanted to make sure you knew about the issue :)

[Rhett]

We will see if there is anything we can do, however its a double sided battle and we can thank all the spammers for it i guess. Thanks for the info though.

[Alfa1]

Spam marking has little to do with IPs. How do you manage bounced email? Do you comply with the US law according to the Anti-spam act, Can-Spam act, related laws, EU anti spam directives , international law and the demands of large email providers? Do you follow the DMARC protocol and use SPF and DKIM ?
If not, then you are illegally sending out bulk mail. i.e. spam. Naturally your domain will be blacklisted as a spammer, by email providers.

[bfarber]

We comply with all necessary laws of course.

And the email in question was a new post notification - it wasn't bulk mail. We don't send bulk mail from our server, we use a newsletter provider when we wish to send a bulk notification (and those are sent to the people who sign up on our website to receive such news letters).

[Rimi]

Hotmail is blocking emails from themselves. People add me on MSN via Hotmail and these get emailed to me as invites. Where do these invites go? The spam folder.

[Alfa1]

We comply with all necessary laws of course.

I have just reviewed the header and footer of email sent by IPS, and it does not comply with the aforementioned laws.

And the email in question was a new post notification - it wasn't bulk mail.

You could indeed say that forum notifications are different from mass mailings. But on close inspection there is not so much difference. The amount of notification emails that are sent out is massive and email providers suffer from this, if there is no bounce management in place and if the various laws are not respected.
For example: my site sends out about 50.000 such notification emails per month. I send out mass mailings every two months, which is less than 100.000 email addresses. So the number of forum notifications is higher than newsletter emails.

Due to notification emails, forum software in general is responsible for a lot of spam. I say spam because most forum software does not handle bounced email nor sends email according to the legal requirements. I'm not sure how IPS handles email.

Could you please explain how IPS software handles bounced email?
Does IPS software stop sending out emails, if an email provides sends a notification of a hard bounce? Or does IPS software keep sending email to invalid email accounts?

[bfarber]

1) Our software does not need to exactly comply with CAN-SPAM, as the emails are not commercial or unsolicited emails. We do not use deceptive subject lines or false headers. If an administrator uses the software in such a manner as to fall under this law, it is their responsibility to comply with it.

The law covers email that's primary purpose is to advertise or promote a product, service, or website. Personal emails and email updates and advertisements that have been consented to are not covered under this law. Also not covered are "transactional or relationship messages," which are emails that pertain to agreed-upon transactions or emails that update a customers in an existing business relationship. That is because these types of emails are not technically spam - they are a result of previous consent or a business relationship.

(For anyone else reading this, please note that I am not a lawyer, I'm not offering legal advice for your site, etc. etc.)

2) The Anti-Spam Act on the site you linked to is listed as unenacted, meaning it is not law.

3) Managing bounced emails is not a "law". I only stated that we comply with all laws. :) Bounced email management is a requested feature of the software (I believe someone has even written a mod to handle it IIRC), but it is not a built in feature of the software at this time.

[Alfa1]

Please read the rest of the laws. Most laws are similar and are enacted. You will find that in many countries it is indeed against the law to send out emails that do not comply with the requirements. But thats not a major issue, as long as no forum administrator has encountered legal consequences.

What is important though is that most email providers do require webmasters to follow these laws and requirements. Else they will blacklist sites. In 99% of the cases the webmaster will never notice that his site is blacklisted as a spammer, because the effect is that members do not receive email and mostly do not complain. The problem stays under the radar in most cases. But it does mean that part of the new members never activate accounts and a % of existing members does not receive notifications. That results in reduced activity. i.e. less success for sites, than they would otherwise have.
This is why its so important to have a good system to process bounced mail and to send out email according to the requirements.

As a side note: I do believe that even though webmasters are indeed responsible for how they send out email, theoretically there is a liability for IPS. I don't think that will be an issue though. But its worth mentioning to your lawyer. Just to be sure.

I've written an article on the matter that you might find interesting: How to keep your board from getting blacklisted as a spammer.
I will not hotlink it here, as its on the site of a competitor. But you can Google it. I hope thats helpful.

[Lindy]

There are no such laws that would be applicable to IPS as software vendor. With that said, I do like the idea of bounced e-mail management. Naturally, this would require setup on the user-end, so we need to factor in support overhead for such a feature, but it's definitely something to consider.

[Alfa1]

99% of bounce management can be done on the software side. All that the customer needs to do is to add a bounce email address, a IMAP inbox, SPF and DKIM. The software can still use the php x-mailer. I have worked with my dev to have such software written for vb.

With the recent release of DMARC, there is a great opportunity for software developers to benefit from this. It will make email sending much more effective.

[-MM-]

This is probably happening because all IPB communitis are using same email template. Try changing your template and you should be fine. However if you are alredy flaged as suspicous email sender/spammer then its harder to do anything to fix it.

[bfarber]

99% of bounce management can be done on the software side. All that the customer needs to do is to add a bounce email address, a IMAP inbox, SPF and DKIM. The software can still use the php x-mailer. I have worked with my dev to have such software written for vb.

With the recent release of

DMARC

, there is a great opportunity for software developers to benefit from this. It will make email sending much more effective.

"All" that the customer needs to do is:

• Add a bounce email address
• Add an IMAP inbox
• Add SPF
• Add DKIM
  

(or alternatively pipe incoming emails to that address to a PHP script)

I think you over-estimate some users' technical abilities. :D

[Alfa1]

I think most people can open up a gmail account for it. Else they can ask their host. This would be the imap inbox and the bounce email address.
They can ask their host to fix the SPF and DKIM for them.