For the past week many of you have had problems sending and receiving emails.You haven't been alone. It hasn't mattered how your domains have processed emails, which server, which ISP or which email client you've been using. The system has been quietly sputtering to a near stand-still.
Overview (skip this if you don't care):
Ultimately, the problem lies in the need to fight the huge volume of spam that crosses the world every minute of every day. To combat these annoying and sometimes malicious attacks, ISP's (Internet Service Providers) have tried a variety of ways to authenticate a legitimate sender vs. a potential spammer. Over the years protocols have been implemented then abandoned as each has failed to do more than put a bandaid on a gaping wound.
All email providers, hosting companies and ISPs have tried to keep up with the changes even as they vary from provider to provider. We've added various records, signatures and authentication schemes responding in fits and starts. The biggest complication is that no governing body or single protocol applies so we often end up chasing our own tail.
Latest Problem
Beginning about July 1, several different problems converged to become a perfect storm. The biggest email providers (Yahoo, Gmail & AOL) tightened up incoming authentication checks. Several of the biggest RBL's (real black holes - AKA real-time black-lists) were timing-out causing false positives. Smaller providers were also upgrading protocols. Suddenly everyone but the spammers were getting delivery failure notices!
By Friday afternoon I was getting phone calls from around the planet asking for help!
Solutions
Since there were multiple problems and a variety of providers - not all solutions applied to every domain. However, there are two items that should be applied to all domain emails
- Static IP addresses for outgoing emails. This means that each domain on a single server is responsible for it's own white list status. You can't be blamed for someone else's bad email habits.
- SPF and Domain Keys. Each domain should have these dns records telling the recipient that yes, you have the right to send using this email address.
Unfortunately it's not as straightforward as I'm making it sound. Creating good records is a finicky job and testing, testing, testing to make them work took days. What would work for gmail would get bounced from yahoo and so on.
What Can You Do?
You have to be proactive and protect the reputation of your domain's emails services.
- If you use an auto-signature on your emails keep it simple and make sure that you aren't triggering beysian filtering for spammy words. Your name, phone number and URL is really all you need in the signature.
- Don't send bulk email through your domain account. Use a service like Constant Contact and send ONLY to an opt-in list. Keep that opt-in list clean!
- Understand your ISP's outgoing email policy. If they block port 25 you can end up with failures sending. If they block incoming emails for any reason you can end up missing important emails. Use your trusted sender list to minimize problems.
- If you need my help with your outgoing / incoming email problems make sure to send me a forwarded copy of the offending email so I can use the underlying code to track down the problem.
Current Status
As of today, Monday July 11, most of the serious issues are being resolved for those of you who contacted me last week. There are still a few lingering problem providers out there but those will resolve as their dns cache clears.
Long Term Solution
It's very likely that this isn't the end of the bigger problem. 60 BILLION spam messages are being sent every day. The sheer volume is changing how we use electronic mail.
Many of you should consider moving your domain email from the free, or add-on service that comes with your hosting account to a email service provider such asGoogle Apps for Business. The cost of service/cost of doing business ratio works out for many small businesses to a ++ solution. This does not change your domain hosting it simply is a specialty service that works. The add-on benefits are tremendous. Let me know if you need more information about how, why or if it would help you.