SOAR

The following updates became available on July 7th, 2008.

We know that the majority of our customers rely on email as a timely method of communication to their unit members, including the SOAR EBlast feature. We continue to improve the SOAR email features to ensure that you can rely on email delivery.

Now that we own and control our own Email Servers we have been able to add a number of Email enhancements to ensure your emails are delivered to your unit members (avoiding spam filters and junk email folders) and to decrease SPAM going through our Email Servers.

A lot of the detailed information below is technically oriented for those that like to understand all the details. If you don’t want to read all the details, simply understand that we continue to fight unsolicited email.

Email Delivery Speed

You may have noticed by now that there is very little lag time between the time you send an email and the time it is delivered to Email List recipients. The vast majority of emails are now delivered within seconds of receipt by our Email Serves.

The switch to our new service provider has enabled this improvement.

The only emails we see that are now delayed for long periods of time are those with valid deliver issues – i.e a recipient’s email server is down or the email address itself is bad.

Whitelist – America Online

A number of the major Internet Service Providers provide programs for companies to get on a preferred email server list. Email from these preferred servers then avoids a number of the provider’s SPAM filters and has a much greater success rate at avoiding your unit member’s junk email folder. This is called a Whitelist.

Along with the Whitelist program , SOAR will receive a report every time one of the provider’s customers marks an email from our servers as SPAM. The report will not contain the email address that made the report. It will contain the email message in question so we can track down the SOAR customer that it is associated with. To take advantage of Whitelist status on an ongoing basis SOAR has to maintain a low percentage of SPAM reports to email messages delivered.

We have applied for an received Whitelist status with America Online which covers all @aol.com and @aim.com/.net email addresses.

It is important that your unit members with AOL email addresses do not mark unit email as SPAM. This affects ALL SOAR customers. When we receive these reports we will forward them to you and ask you to communicate with your members with AOL email addresses on the subject.

Whitelist – Yahoo

Yahoo provides the same Whitelist program. SOAR has completed the application for this program and are currently under review.

SPF – Sender Policy Framework

This is a technology that helps Email Servers verify that the source of an email is authorized to send the email. This is based on the domain name of the sending email address. This technology prevents your email addresses from being used as the source of unsolicited email and also increases the probability that unit email will reach member’s junk email folder.

It is probably easier to explain this technology with an example. You send an email to announce@troop123.com

• We receive the email and send an individual message to each unit member
  • Lets pick one of these as an example – scout@yahoo.com
• We send the email to Yahoo’s email servers for delivery to scout@yahoo.com
• Yahoo’s email servers do a DNS lookup on troop123.com for an SPF record
• Yahoo gets a response that SOAR email servers, and ONLY SOAR email servers, are allowed to send email
• Yahoo sees that this email passes the SPF test and bumps up its “authenticity” rating.

We have added SPF records to all customer domains to enable this technology. This includes .mypack.us, .mytroop.us, .mygirlscout.us, and customer purchased domains.

A small number of customers may be affected by implementation of this technology – those that use Email Alias addresses to send email from. Again a couple of examples will help explain this.

Lets say you are a Comcast customer and like to send emails from webmaster@pack123.com – an email alias that points back to your home email address of myname@comcast.net.

• If you send an email to an Email List, all is fine because you are coming through our Email Severs which are authorized to send email.
• If you send an email directly to an individual at your council (exec@council.org) this is what would happen
  • Your email goes form your home computer to the Comcast email servers
  • Comcast sends the email to the Council email servers
  • The Council email servers do a DNS SPF lookup on the domain pack123.com
  • They see that only SOAR Email Servers are authorized to send email
  • Your email is coming from Comcast email servers
  • The “authenticity” rating of your email is decreased

To insure delivery of your emails, you should avoid setting up your email client to send email from Email Aliases.

Domain Keys & DKIM

These technologies are similar to Sender Policy Framework in that they help a receiving email server verify the source of individual emails. The difference is that with DK/DKIM each individual email message sent form our servers is digitally signed with a private key and the receiving email server can verify the signature through the use of public keys.

The result is that each email’s “authenticity” rating is increased. The implementation of multiple of these technology further increases the score.

The same issue exists as SPF for customers sending email from an Email Alias to non SOAR email servers.

To implement this change, we had to modify some of the headers of each individual email to reflect that the sender of the email message was our Email Servers. Users of Microsoft Outlook will see the sender of email messages to Email Lists in the format below. All other email clients are not affected.

     <listname>-bounces@<domainname> on behalf of <original sender’s email address>

Email List responses

If an email going to a customer Email List does not come from an email address that is authorized for that it list, the email is now discarded. No response message is sent to the original sender as previously configured. Authorized has varied meanings depending on your List setup and Global Sender List.

We have found that these response messages were being exploited for unsolicited email. Emails were being sent to customer Email Lists with the expectation that they would bounce and be returned to the sender. The sender was in fact the real recipient of the original SPAM message. Thus unsolicited email was being routed through our Email Servers. None of this unsolicited email was reaching your unit members, but it still affects the reputation of our Email Servers.

If you have unit members report that an email to one of your Email Lists “disappears”, it is most likely because they are not on the Authorized Senders list for that Email List.

Email Block Lists

As SOAR continues to grow, our servers and our customer Email Aliases are increasingly targeted with unsolicited email messages. We have implemented an email blocking technology called DNSBL (Domain Name Server Block List) which verifies the IP Address of the sending Email Server before even accepting email messages. This technology is fairly reliable and catches a good amount of unsolicited email before it even gets in the door.

We are currently using 3 block lists for this purpose.

1. A custom made block list consisting of IP Addresses from Asia, South America, Mexico, Africa, and Eastern Europe. These locations are often the source of SPAM messages. A side effect is that all email from these countries is blocked. Given we cater to US scouting organizations we do not see this as a problem. Canada, Western Europe , and Australia/New Zealand have not been blocked.
2. A commercial block list from www.spamhaus.org that is actually 3 lists in one. It includes a list of verified SPAM sources, a list of know bot networks, and a list of dynamic IP address ranges. This last once covers most home computers – legitimate email goes through an ISP’s email server and does not come directly from a home PC.
3. A commercial block list from www.spamcop.net. This is a backup in case the www.spamhaus.org servers are down for any period of time.

We have been using this technology on our corporate servers since the server migration. The results have been amazing as our internal email addresses only get a handful of SPAM messages a day now.