Knowledgebase

Featured article

Included in this article Overview Data you’ll get from Email Bounces Bounce Categories Hard Bounces Soft Bounces Bounce Details Building the Directory 1. Create 6 custom fields 2. Create a Program to house everything 3. Create a Static List 4. Create two Smart Campaigns Smart Campaign One - Logging Email Bounces with Bounce Details Smart Campaign Two - Remove Leads From the List After Successful Deliveries 5. Create Custom List View Showing Bounce Details Overview Bounce activities carry details for why the email was bounced, but it’s housed within the activity log entry, not in a field on the lead record, so it’s difficult to export that data. This article will show you how to extract that information to create a directory of leads bouncing emails and how to make the list automatically update. This will also create counters for bounces and successful re-deliveries after bounces happen. Data you’ll get from Email Bounces Bounce Categories Email bounces come in different types depending on why the email was bounced; Hard Bounces or Soft Bounces. Hard Bounces Hard Bounces come in two types, Category 1 and Category 2. Category 1 bounces are emails that have been marked as spam by the recipient mail server. Many email servers monitor blacklists or spam traps, so after de-listing with them, leads that have had a Category 1 bounce previously may be able to receive emails again. Category 2 bounces occur due to an email address that is invalid or doesn’t exist. Soft Bounces Soft Bounces come in three different types, Categories 3, 4 or 9. Category 3 bounces are usually temporary, caused by full mailboxes, timeouts, or throttling. Any email with this designation has been retried for up to 24 hours (36 for AOL). Category 4 bounces are caused by technical problems, Transient Failures, Admin Failures, DNS Failures. Any email with this designation has been retried for up to 24 hours (36 for AOL). Category 9 bounces are unknown, undetermined or gibberish details. Any email with this designation has been retried for up to 24 hours (36 for AOL). Bounce Details When an email is bounced, the recipient mail server includes details of why it was bounced. These are created by the admin of the recipient mail server and vary greatly, but most will give some explanation that can give valuable information. Email Bounce Codes Building the Directory 1. Create 6 custom fields You’ll need 6 custom fields, two DateTime fields, two Score fields, and two String fields Name the DateTime fields “Bounce Date” and “Email Delivered After Bounce”. Name the Score fields “Email Bounces” and “Deliveries After Bounces” Name the String fields “Email Bounce Details” and “Email Bounce Category” Directions for creating Custom Fields can be found here: Create a Custom Field in Marketo 2. Create a Program to house everything Use a default program type and name it "Directory of Leads Bouncing Emails". Info on creating programs can be found here: Create a Program 3. Create a Static List This static list will be your actual directory that contains all of the leads that are currently bouncing emails. Name it "Active Bounce List". Info on creating a static list can be found here: Create a Static List 4. Create two Smart Campaigns These two Smart Campaigns are what will be used to add and remove leads from your active bounce list. Info on creating Smart Campaigns can be found here: Create a New Smart Campaign Smart Campaign One - Logging Email Bounces with Bounce Details Your first Smart Campaign will be used to listen for any email bounces that occur. The campaign will populate the “Bounce Date”, “Email Bounce Category” and “Email Bounce Details” fields. It will then add one point to the “Email Bounces” score field which can be used to count how many bounces have occurred per lead. Lastly, the campaign will add the lead to the static list which will be an active directory of leads who are bouncing emails. Campaign Smart List Use the two triggers of “Email Bounces” and “Email Bounces Soft” in the Smart List. Set both triggers to “is any” so that they will fire whenever any email bounces for any reason. Campaign Flow The Flow of the campaign will have 5 flow steps. The flow will use a System Token and some Trigger Tokens, which can be used to pull details out of the action that activated the trigger. In this case, the Trigger Tokens will be pulling out the details on why the emails were bounced. That info is in the bounce message and is logged in the lead's activity log. Normally you'd have to comb through the activity log one at a time to find these details for each individual lead. This method, however, will pull the details out automatically for all leads. Flow Step 1: Change Data Value Attribute: “Bounce Date” New Value: {{system.dateTime}} Flow Step 2: Change Data Value. Attribute: “Email Bounce Category” New Value: {{trigger.category}} Flow Step 3: Change Data Value Attribute: “Email Bounce Details” New Value: {{trigger.details}} Flow Step 4: Change Score Score Name: “Email Bounces” Change: +1 Flow Step 5: Add to List List Name: “Active Bounce List” Smart Campaign Two - Remove Leads From the List After Successful Deliveries Campaign Smart List The Smart List of the campaign will need a trigger for “Email is Delivered” set to “is any” and also a filter of “Member of List” looking just for leads that belong to your Static List. This way, the campaign will only apply to leads who have had an email bounce but have then had an email successfully delivered afterwards. Campaign Flow The Flow of the campaign will have 3 flow steps to do the following; log when the email was delivered, add a point to the "Deliveries After Bounce" Score Field, and remove the lead from the "Active Bounce List". Flow Step 1: Change Data Value Attribute: “Email Delivered After Bounce” New Value: {{system.dateTime}} Flow Step 2: Change Score Score Name: “Deliveries After Bounces” Change: +1 Flow Step 3: Remove from List List Name: Operational.Active Bounce List 5. Create Custom List View Showing Bounce Details The custom fields you’ve created for email bounce information won’t show automatically in the view of your list. You can create a new view of the list to show just this information so that when it is exported it will give you only the email bounce information you need. Once the list has the necessary details, it can be exported with those columns included so that you can work with it. You can identify emerging trends and issues with your deliverability by looking for common themes among the bounce details. Directions for creating Custom Views can be found here

Setting an email to "operational" does the following No unsubscribe link automatically added Email will be sent to leads set to Unsubscribed Email will be sent to leads set to Marketing Suspended Note - when sending an operational message, Unsubscribed and Marketing Suspended leads will still be included in the "blocked from email" count on the schedule tab of the campaign. When is it OK to use the operational setting? Sending marketing email to unsubscribed addresses is illegal. For this reason, you should be extremely careful to only use this setting in extremely limited circumstances. Using this setting incorrectly violates Marketo's Terms of Service, and most antispam laws. There may be legal consequences for using this setting incorrectly. Good uses of the operational setting fall into two categories: Transactional messages Relationship messages What's a transactional message? A transactional message is part of a transaction that a lead has initiated and you are responding to. Here's some examples of transactional messages: Receipts for purchases Registration confirmations Download links in response to form fill-outs Requested assets (whitepapers, spec sheets, etc.) What's a relationship message? A relationship message describes something that affects your business relationship with the lead. Here's some examples of relationship messages: Downtime notifications Changes to terms of service Recall notices End of service notifications Operational messages should not contain any marketing content at all. In other words, do not use the operational setting to send a message that contains a receipt and a promotion, only a receipt.

Double opt-in is the gold standard of email permission. Also known as confirmed opt-in or COI, this practice is where a person fills out an opt-in form and is then sent an email and must click a confirmation message before they are added to the mailing list. Here are some great reasons to use double opt-in: Protects against typos and bots Protects against spamtraps Reduces bounce rates, improves deliverability Required in some regions Increases engagement rates If you'd like to set up double opt-in with Marketo you can do this with the use of the Marketing Suspended function. Marketing Suspended is a status that is functionally equivalent to Unsubscribe - Marketo will not send these leads marketing emails, but will send them operational emails. You'll need an opt-in form and a pair of trigger campaigns. First, set up a trigger campaign such that, when the form is filled out, the flow has a Change Data Value to mark the lead as Marketing Suspended, and then a Send Email step to send an operational email that you will use to confirm their request to join your mailing list. Your confirmation email should be short and to the point, and make sure to set it as an operational email. We recommend that it is clearly branded, use a simple subject line such as "Confirm Your Request to Join Our Mailing List" or similar, and include a link within to a simple confirmation landing page. Set a second trigger campaign such that whenever someone clicks the confirmation link to the confirmation landing page, the flow will change data value Marketing Suspended new value is false. A follow up flow should be set up that if the recipient doesn't activate the link in the confirmation email the address is either deleted or set to Blacklist within the database after a reasonable timeframe, usually 2 weeks. The Blacklist status will ensure that no email is set to that lead until they have completed the subscription process. This prevents future operational emails from being sent to this email address unintentionally. That's it! Now, when someone fills out your opt-in form, they will be set to Marketing Suspended until they click the confirmation link in your operational confirmation email. You'll be well on your way to increasing the quality of leads on your mailing list by implementing this simple process.

Overview A blocklist is a database of IP addresses or domains that have been associated with the sending of unsolicited commercial email or spam. Internet Service Providers (ISPs) and business email networks use information from blocklists to filter out unwanted email. As a result there can be a drop in inbox delivery rates or overall delivery rates if the IPs or domains involved with sending email are listed on a blocklist. Marketo’s Email Delivery and Compliance team monitors blocklist activity on our IPs and domains daily. When we are alerted to a listing we reach out to the blocklist, attempt to identify the sender that triggered it, and work with the blocklist organization to get the listing resolved. There are thousands of blocklists out there most will not have a significant impact on your delivery rates. Below we have compiled a list of the blpcklists that our customers most commonly encounter. Tier 1 Blocklist Spamhaus Impact: Spamhaus is the only blocklist that we categorize as a tier 1 for a reason: it has by far the greatest impact on delivery of all of the blocklists. It is the most well-respected and widely used blocklist in the world. A listing at Spamhaus will have a negative effect on your ability to deliver emails to your customer’s inbox and can cause bounce rates of over 50%. Evidence suggests that most of the top North American ISPs use Spamhaus to inform blocking decisions. How it works: Unlike many blocklists, Spamhaus lists senders manually. This means that they are proactively watching sender activity, collecting data, and basing the listings on a number of variables. Most commonly senders are listed for mailing to spam trap addresses that Spamhaus owns. Sometimes Spamhaus will list senders based on recipient feedback as well. Next steps: Our team monitors closely for Spamhaus listings. When we see a listing we immediately alert the customer and contact Spamhaus to start the remediation process. Listings last until Spamhaus is satisfied that the offending sender has taken the appropriate steps to mitigate the problem. Tier 2 Blocklists SpamCop Impact: SpamCop is not used by any of the major North American ISPs to inform blocking decisions but it makes it to the Tier 2 list because it can have a significant impact on B2B email campaigns. How it works: SpamCop lists IPs for one of two reasons: Either the email hit SpamCop spam trap addresses OR A SpamCop user has reported the email unwanted. Most of SpamCop’s spam traps are previously valid addresses that have not been active for 12 months or longer. Next steps: SpamCop is a dynamic blocklist, listings typically resolve themselves within one business day. There is no action you will need to take to action the delisting with SpamCop, the Privacy Team researches every SpamCop listing and will request delistings when an alert is received that an IP is listed. If your email activity triggered a SpamCop listing it likely means that you have a list management problem that should be addressed. Manitu Impact: Manitu is a German blocklist and has a wide footprint in Europe. Email senders with European audiences tend to encounter this blocklist most frequently. Manitu is not used by North American ISPs to inform blocklist decisions but if you’re sending to Europe a listing could be problematic. How it works: Listings are automatically activated when a sender mails to a Manitu owned spam trap address. Next steps: The Privacy Team researches and requests delisting when an alert is received that a Marketo IP is listed. By working with this blocklist the Privacy Team is usually able to identify the customer and let them know that email activity from their subscription triggered a listing. Because Manitu operates solely on the use of spam trap addresses, getting listed by Manitu is a clear indication that senders need to audit their mailing lists. Tier 3 Blocklists SORBS Impact: The impact of a listing at SORBS is very minimal. How it works: SORBS uses several methods to identify potential spammers. Most of their lists use spam traps to identify problematic senders. But SORBS will also list a sender based on their own user complaints, if SORBS administrators have received spam from the sender, or if they identify other high-level sending behavior patterns characteristic of spammers. Next steps: The Privacy Team monitors SORBS activity and makes delisting requests for Marketo IPs as necessary. Oftentimes, SORBS will refuse to delist within a certain timeframe based on the severity of the issue. Sometimes this can be up to several weeks. UCEPROTECT Impact: The impact of a listing at UCEPROTECT is very minimal, though the blocklist has a greater footprint in Europe. The organization does not have a good reputation in the industry because they charge senders to request delisting. How it works: UCEPROTECT lists IPs that send mail to their spam trap addresses. Next steps: We ignore these listings because the only way to have them removed is to pay. The pay-to-delist model is not well respected in the email industry so UCEPROTECT has a very limited reach. ISP Blocklists Some ISPs have their own blocklists that they use to inform blocking decisions. A few examples are Comcast and Verizon. If your IP is being blocked by one of these networks, and those networks have a large presence in your lists, a block of this kind could have a noticeable negative impact on delivery. Marketo monitors for this type of ISP specific blocklisting and the the Privacy Team works to resolve these as soon as possible. Usually blocks at Comcast and Verizon are resolved within less than 24 hours of a delisting request. Additional Resources: Blocklist Deep Dive Abuse Report Deep Dive What is a spamtrap, or spam trap, and why does it matter? Blocklist remediation Blocklist resolution flowchart Successful lead reconfirmation What is a blocklist?

Leads can be auto unsubscribed due to default Feedback Loop setup with the ISPs listed on this page. You can use the following filters to find leads that have clicked the SPAM button in your emails: Filter 1: Data Value Changed Attribute: Unsubscribe New Value: True Reason: Contains, Customer Complaint Received from ISP. (Optional to Specify what Email Domain) Filter 2: Email Address Email Address: Contains, @domain.

Quick points: *Spamtraps are addresses owned by antispam organizations *Emailing a spamtrap (usually) gets your IP or domain blocklisted *Maintain current, direct opt-in with an active lead database to avoid this What is a spam trap or spamtrap? A spam trap, or spamtrap is an email address secretly owned by an antispam organization that is used to detect spam. Antispam organizations do not sign up for mailing lists, so they consider any email sent to these addresses to be spam. Once email is sent to the spamtrap, the antispam organization that owns this address will blocklist the IP that sent the email (or, less often, domains that are linked in the message). Email administrators purchase subscriptions to various blacklists, and use the lists to block all incoming email from listed IPs or containing listed domains. From the marketer’s perspective, this can mean a high number of bounced emails leading to low lead engagement, and ultimately to weak revenue performance. There are two types of spamtraps – pristine traps, and repurposed/recycled traps. A pristine trap is an email address that was never used by a person. A repurposed trap is an email address that once belonged to someone but is no longer a valid address; these addresses will bounce as bad addresses for at least six months before an antispam organization will turn them into live traps. How can a spamtrap get into my Marketo lead database? Purchased data Purchased data is unreliable. The antispam world does not like the use of purchased data so antispam administrators have made a concerted effort to get spamtrap addresses into the databases of data vendors. While data vendors may say they provide opt-in data in reality consent should be direct to your company. Sending unsolicited email is prohibited by the Marketo Terms of Use because this practice has a high risk of causing blocklist issues that can destroy deliverability for multiple Marketo customers. To avoid spam traps get direct opt-in before sending email. If you have purchased data in the past we recommend setting any inactive purchased leads to marketing suspended or simply removing them from your database. Old data Repurposed traps are email addresses that were once valid but are now owned by an antispam organization. This can happen when a company goes out of business; expired domains are often purchased by antispam organizations. Sometimes a company that has a direct partnership with an antispam organization will allow email addresses of former employees or users to become spamtraps. Because antispam organizations will generally make sure future spam traps return a bounce as bad addresses for at least six months before they become spam traps you can prevent repurposed traps in your database by emailing remaining engaged with everyone in your database at least once every six months. Avoid “wake the dead” campaigns to addresses you have not contacted in more than six months. Unconfirmed form entries People can unintentionally enter spamtrap addresses into forms either by making a typo or by intentionally using a fake email address that happens to be a spamtrap. If you use single opt-in, you may add spamtraps to your mailing list. This is more likely to happen if you are a B2C company or if someone thinks they can get whitepapers or free trials simply by filling out a form with made-up information. How can I identify spamtrap addresses? Spamtrap addresses are considered trade secrets by the antispam organizations. They do not share these addresses because their goal is for senders to change their mailing practices rather than to simply remove spamtraps from their mailing lists. That said, one thing we do know about spamtraps is that they tend to be automated processes and do not engage. Spamtraps do not click links. You can use smart list filters to identify inactive leads in Marketo. How can I prevent spamtraps in my database? Maintain active, direct opt-in for all leads. Don’t purchase data (to grow your list, sponsor events, use list rental services that send the first message for you, or use co-branded content that sends you only good leads) Email everyone you want to email at least once every six months Don’t add old data directly to your mailing list (if you need to, add in small batches and send a welcome email with a slightly different subject to each batch) Regularly clean your database of inactive leads Grant access to assets such as free trials and whitepapers as email links to discourage intentional use of fake email addresses on forms Use scripting on your forms to identify potential typos Is this article helpful ? YesNo

If you sent an email from the Lead Database (as a Single Flow Action), as part of a campaign, or as a test email but didn't receive it, here are some tips. Check the "From:" address When sending a test message, make sure to check the "From:" address setting on your message. To do this, go to the Email Settings tab of the email editor. In the "From:" field, make sure that you either have a single valid email address, or a valid email address as the default. Many people want to send their messages from the lead owner. When you use the send test feature, the email address you are sending to doesn't have a full lead record, and so it doesn't have a lead owner. Since Marketo cannot send an email with no "From:" address, test messages without a valid email address in the "From:" field will not send. Send as a Lead If you have verified that the email had a valid From: address and you still aren't getting it, make sure to create yourself as a lead and send using a flow action. See if the mail was sent If you sent the email as part of a campaign or Single Flow Action, check the campaign's Results tab or your lead detail page to see if that mail was already sent to you. If it hasn't been sent yet, try waiting a little while longer. Check your Junk Mail In your email client, check your Junk Mail or Spam folder to see if the mail landed there. If it did, you should change the content of your email. Check your corporate spam filter Your corporate mail server may have blocked emails from Marketo; you should contact your IT department to see if this is the case. Please see our instructions for whitelisting Marketo's email servers: Add Marketo to Your Corporate Email Whitelist Try sending to a different recipient If you sent the original mail to your corporate account, try sending to a personal account on Yahoo or Gmail. If you sent it to a personal account, try your corporate mail account. Use Marketo's Email Deliverability product The Email Deliverability PowerPack, with Design Informant and Inbox Informant, can warn you when your mail is being rejected because of its content and help you identify junk mail pitfalls. Also, using Domain Keys and SPF improve the chances of your email landing in your leads' inboxes. Contact Marketo If you still can't figure out what happened contact Marketo to see if we can help.

Issue If your IT department or a client asks for your Marketo dedicated sending IP address in order to whitelist your marketing emails, here is how you can find it. Solution Your Marketo instance's dedicated IP address can be found by sending yourself a live version of one of your Marketo emails, then checking the message headers for the IP address that it was sent from. It should also be included in the original documentation that Marketo's deliverability team would have provided you when the dedicated IP was set up. If you are unable to locate the IP address in the emails, or are unable to find your original documentation, please reach out to Marketo Support and we can look it up for you. Who This Solution Applies To Customers with a dedicated sending IP

Issue You receive a DMARC report from an ISP saying that your email failed to pass the SPF alignment check, but when you check your SPF listing in Admin > Email > SPF/DKIM, SPF is verified. Solution The SPF record in Admin > Email > SPF/DKIM is tied to your FROM domain. DMARC alignment (using SPF) aligns the domain in the FROM address with the domain in the “return-path” address. This “return-path” address, usually using a '*.mktomail.com' domain, is generally unseen by recipients and directs email bounces and errors back to Marketo for processing. Failed DMARC alignment, between these two domains, is what is triggering the failure your DMARC reporting. DMARC compliance requires EITHER DKIM or SPF compliance, not both in most cases. This article reviews the two methods available for DMARC alignment - https://nation.marketo.com/docs/DOC-1202-technical-tip-set-up-dmarc-verified-domains-in-a-few-easy-steps Having DKIM DMARC alignment may be enough and you may not need to rely on full SPF DMARC alignment. In order to set up SPF DMARC alignment, Branded Return-Path will allow you to align the “return-path” domain with your sending FROM address domain. If you have a dedicated IP on the current pricing plan or are on the Trusted IP range, Marketo can brand your return path at no additional charge. If you have a legacy Silver Dedicated IP package, or are on the Shared IP range, you can purchase the Branded Return Path as an add-on. More technical info can be found here: What is DMARC? - https://nation.marketo.com/docs/DOC-1097 https://nation.marketo.com/docs/DOC-5910-branded-envelopefrom-on-shared-or-trusted-ips https://nation.marketo.com/docs/DOC-5951-branded-envelopefrom-on-dedicated-ips

Syntax Recommendations Common Look Up mechanisms a: mx: include: ip4: ip6: exists: ptr: all Common Modifiers redirect= exp= An A Record must ALWAYS contain IP address (map host to IP) CNAME (Alias) must contain hostnames. No IPs here NS an MX records must contain host names. No IPs allowed. MX records (for mail servers) should contain hostnames NOT IPs. Too Many Mechanisms Section 10.1, "Processing Limits" of the SPF RFC 4408 specifies the following in regards to DNS lookups: SPF implementations MUST limit the number of mechanisms and modifiers that do DNS lookups to at most 10 per SPF check, including any lookups caused by the use of the "include" mechanism or the "redirect" modifier. If this number is exceeded during a check, a PermError MUST be returned. The "include", "a", "mx", "ptr", and "exists" mechanisms as well as the "redirect" modifier do count against this limit. The "all", "ip4", and "ip6" mechanisms do not require DNS lookups and therefore do not count against this limit. The "exp" modifier does not count against this limit because the DNS lookup to fetch the explanation string occurs after the SPF record has been evaluated. This limit is in place to prevent SPF lookups from being a useful avenue for Denial of Service attacks. Using an example SPF record as an example to illustrate, this record was breaking with 12 look-ups: example.com text = "v=spf1 include:_spf-a.example.com include:_spf-b.example.com include:_spf-c.example.com include:_spf-ssg-a.example.com include:spf-a.anotherexample.com ip4:131.107.115.215 ip4:131.107.115.214 ip4:205.248.106.64 ip4:205.248.106.30 ip4:205.248.106.32 ~all" [ 5 mechanisms] _spf-a.example.com text = "v=spf1 ip4:216.99.5.67 ip4:216.99.5.68 ip4:202.177.148.100 ip4:203.122.32.250 ip4:202.177.148.110 ip4:213.199.128.139 ip4:213.199.128.145 ip4:207.46.50.72 ip4:207.46.50.82 a:mh.example.m0.net ~all" [ +1 = 6 mechanisms] mh.example.m0.net a = 209.11.164.116 _spf-b.example.com text = "v=spf1 include:spf.messaging.example.com ip4:207.46.22.35 ip4:207.46.22.98 ip4:207.46.22.101 ip4:131.107.1.27 ip4:131.107.1.17 ip4:131.107.65.22 ip4:131.107.65.131 ip4:131.107.1.101 ip4:131.107.1.102 ip4:217.77.141.52 ip4:217.77.141.59 ~all" [+1 = 7 mechanisms] spf.messaging.example.com text = "v=spf1 include:spfa.anotherexample.com include:spfb.anotherexaple.com include:spfc.anotherexample.com -all" [+3 = 10 mechanisms] spfa.anotherexample.com text = "v=spf1 ip4:157.55.116.128/26 ip4:157.55.133.0/24 ip4:157.55.158.0/23 ip4:157.55.234.0/24 ip4:157.56.112.0/24 ip4:157.56.116.0/25 ip4:157.56.120.0/25 ip4:207.46.100.0/24 ip4:207.46.108.0/25 ip4:207.46.163.0/24 ip4:134.170.140.0/24 ip4:157.56.110.0/23 -all" [+0 = 10 mechanisms] spfb.anotherexample.com text = "v=spf1 ip4:207.46.51.64/26 ip4:213.199.154.0/24 ip4:213.199.180.128/26 ip4:216.32.180.0/23 ip4:64.4.22.64/26 ip4:65.55.83.128/27 ip4:65.55.169.0/24 ip4:65.55.88.0/24 ip4:94.245.120.64/26 ip4:131.107.0.0/16 ip4:157.56.73.0/24 ip4:134.170.132.0/24 -all" [+0 = 10 mechanisms] spfc.anotherexample.com text = "v=spf1 ip4:207.46.101.128/26 ip6:2a01:111:f400:7c00::/54 ip6:2a01:111:f400:fc00::/54 ip4:157.56.87.192/26 ip4:157.55.40.32/27 ip4:157.56.123.0/27 ip4:157.56.91.0/27 ip4:157.55.206.0/24 ip4:157.55.207.0/24 ip4:157.56.206.0/23 ip4:157.56.208.0/22 -all" [ +0 = 10 mechanisms] _spf-c.example.com text = "v=spf1 ip4:203.32.4.25 ip4:213.199.138.181 ip4:213.199.138.191 ip4:207.46.52.71 ip4:207.46.52.79 ip4:131.107.1.18 ip4:131.107.1.19 ip4:131.107.1.20 ip4:131.107.1.48 ip4:131.107.1.56 ip4:86.61.88.25 ip4:131.107.1.44 ip4:131.107.1.37 ~all" [+0 = 10 mechanisms] _spf-ssg-a.example.com text = "v=spf1 include:_spf-ssg-b.example.com include:_spf-ssg-c.example.com ~all" [+2 = 12 mechanisms] _spf-ssg-b.example.com text = "v=spf1 ip4:207.68.169.173/30 ip4:207.68.176.1/26 ip4:207.46.132.129/27 ip4:207.68.176.97/27 ip4:65.55.238.129/26 ip4:207.46.222.193/26 ip4:207.46.116.135/29 ip4:65.55.178.129/27 ip4:213.199.161.129/27 ip4:65.55.33.70/28 ~all" [+0 = 12 mechanisms] _spf-ssg-c.example.com text = "v=spf1 ip4:65.54.121.123/29 ip4:65.55.81.53/28 ip4:65.55.234.192/26 ip4:207.46.200.0/27 ip4:65.55.52.224/27 ip4:94.245.112.10/31 ip4:94.245.112.0/27 ip4:111.221.26.0/27 ip4:207.46.50.221/26 ip4:207.46.50.224 ~all" [+0 = 12 mechanisms] spf-a.secondexample.com text = "v=spf1 ip4:157.55.0.192/26 ip4:157.55.1.128/26 ip4:157.55.2.0/25 ip4:65.54.190.0/24 ip4:65.54.51.64/26 ip4:65.54.61.64/26 ip4:65.55.111.0/24 ip4:65.55.116.0/25 ip4:65.55.34.0/24 ip4:65.55.90.0/24 ip4:65.54.241.0/24 ip4:207.46.117.0/24 ~all" [+0 = 12 mechanisms] Character String Too Long 255 character limitation in a single string https://kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html http://www.string-functions.com/length.aspx You may have more than 255 characters of data in a TXT or SPF record, but not more than 255 characters in a single string. If you attempt to create an SPF or TXT record with a long string (>255 characters) in it, BIND will give an error (e.g. "invalid rdata format: ran out of space".) Strings in SPF and TXT records should be no longer than 255 characters. However to get around this limitation, per RFC 4408 a TXT or SPF record is allowed to contain multiple strings, which should be concatenated together by the reading application. In the case of use for SPF (using either TXT or SPF RRs) the strings are concatenated together without spaces as described below. Reassembly by other applications of multiple strings stored in TXT records might work differently. 3.1.3. Multiple Strings in a Single DNS record As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS record (either TXT or SPF RR types) can be composed of more than one string. If a published record contains multiple strings, then the record MUST be treated as if those strings are concatenated together without adding spaces. For example: IN TXT "v=spf1 .... first" "second string..." MUST be treated as equivalent to IN TXT "v=spf1 .... firstsecond string..." SPF or TXT records containing multiple strings are useful in constructing records that would exceed the 255-byte maximum length of a string within a single TXT or SPF RR record. EXAMPLE text = "v=spf1 ip4:199.15.212.0/22 ip4:72.3.185.0/24 ip4:72.32.154.0/24 ip4:72.32.217.0/24 ip4:72.32.243.0/24 ip4:94.236.119.0/26 ip4:37.188.97.188/32 ip4:185.28.196.0/22 ~all“ text = "v=spf1 ip4:199.15.212.0/22“ " ip4:72.3.185.0/24 ip4:72.32.154.0/24 ip4:72.32.217.0/24" " ip4:72.32.243.0/24 ip4:94.236.119.0/26" " ip4:37.188.97.188/32 ip4:185.28.196.0/22 ~all" Null Records in the SPF Record A record that is NULL or that does not exist will break an SPF record. Syntax within the record is very important, if there are extra spaces between mechanisms it will count as NULL. EXAMPLE text = "v=spf1 ip4:199.15.212.0/22“ <- accurate text = "v=spf1 ip4: 199.15.212.0/22“ <- NULL (NOTE the space between IP4: and the IP) Repetitive Records in the SPF Record - Void Lookups If there are too many repetitive mechanisms in the SPF record, including records that cascade (for example when using "include:") the record will break. There is a MAX of 2 void look ups in an SPF record. More than that and the record will break. This prevents SPF records from being used in Denial of Service style attacks. Validation Tools SPF checker, syntax validator and SPF tester http://www.kitterman.com/spf/validate.html SPF checker http://vamsoft.com/support/tools/spf-policy-tester SPF validator http://vamsoft.com/support/tools/spf-syntax-validator CIDR Calculator http://www.subnet-calculator.com/cidr.php Nslookup http://network-tools.com/nslook/ SPF creation wizard http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/ Common SPF errors http://www.openspf.org/FAQ/Common_mistakes SPF syntax definitions http://www.openspf.org/SPF_Record_Syntax

This originally appeared on the Brand Driven Digital blog, 9/19/2013. Written by Marketo's Digital Marketing Evangelist, DJ Waldow. Used with permission. Unemotionally Subscribed – People on your list who have not opened or clicked an email message from you in an extended (several months) period of time. They have not unsubscribed. They have not marked your message as spam. They either ignore it or take the time to actually delete it every time it lands in their inbox. Now, it depends on who you ask, but the percentage of your list that is considered “unemotionally subscribed” can be as high as 30%. Yup. Nearly one out of every three folks on your email list are not interacting with your emails … not at all. As I mentioned in this What Counts guest post, once you figure out who fits this “inactive” criteria, you have a few options: Immediately unsubscribe or delete them. I call this the “DO NOT PASS GO, DO NOT COLLECT $200″ approach. Move to a new list and mail to less frequently. I call this the “I think I need to see you a bit less often” approach. Send a last ditch “We missed you” type email. If they don’t respond, then do #1. I call this the “I’m going to give you one more chance” approach. Set up a re-engagement email series. I call this the “I really don’t want to break up, but if you are not responding at all, well, it’s over” approach. No one method is necessarily better than the other. I’ve seen all 4 executed before. As I often say, the best practice here is the one that’s best for your subscribers (and your business). I recently came across a great – creative, human, funny – example of #3, the last ditch “we missed you” email. Thanks to Suzanne Oehler who forwarded me this email. Check out this email from NTEN: The Nonprofit Technology Network The subject line – We miss you! - was certainly one that would stand out in many inboxes. The intro paragraph was short and to the point, but nothing crazy. But then it got fun … and creative. The first call to action read: “If you’d like to continue receiving NTEN emails, click here by Friday, August 2nd. Yay! This makes us very happy.” Again, they get right to the point. They even add a bit of “human” (Yay! This makes us very happy.) But it gets better. The “click here” link leads to hilarious Happy Dog video. IF you are a dog owner, you’ll love this. The second call to action read: “If you’d rather not receive NTEN emails, we’re sad to see you go. Simply delete this email and in a short time your account with NTEN will be removed from our systems.” Nothing crazy. Direct. Clear. Simple. However, the “sad” link again goes to a video – this one goes to a Sad Cat Diary video. Warning: some language in this video is NSFW. Then again, if you’ve ever owned a cat, you’ll appreciate the humor. The third, and final, call to action read: “Of course, if you change your mind, you can always sign up again” with the “sign up” link taking clickers to their email subscription landing page, of course. Now, fun and creative is one thing. If campaigns like these do not meet their intended goals (getting folks re-engaged), then, well, they are just “fun and creative.” So … Did It WORK? I contacted the team at NTEN to see how effective this campaign was. Below is what they shared with me. They sent this email to a list of 24,000 subscribers who had not opened in email from them in the past year. For this particular campaign, they reported the following metrics: Open rate – 38.89% vs. 26.73% “average” over the previous few emails Click-to-Open Rate* – 47.37% vs. 12.3% “average” over the previous few emails *in other words, of the 38.89% who opened the email, nearly 50% clicked at least one link Of those who clicked a link, the Top 4 most-clicked links were: 41.14%: Click Here (Happy Dog … to stay subscribed) 4.91%: Unsubscribe 2.21%: Sign up 2.14%: Sad (Sad Cat … to opt-out) By all accounts, I’d say this “We Miss You” campaign was a HUGE success? What do you think? Have you tried a “reenagement campaign in the past? If so, how effective was it for you? Drop a note in the comments below! P.S. The email marketing team at NTEN shared their “lessons learned” from this campaign in this blog post. I love their transparency. Is this article helpful ? YesNo

Marketo Champions are customers who have demonstrated outstanding leadership in the Marketo Community, are experts in Marketo products, are avid contributors in the social world, and are loyal advocates of the Marketo brand. Benefits and perks our Champions receive include: Access: Meetings with our product and marketing teams to give exclusive feedback Previews: Given early previews to products, features, and releases when available Publicity: Exclusive speaking opportunities at our annual Marketo Summit and other events Networking: Special networking events with Marketo executives and fellow Champions and semi-annual conference calls Ownership: Ownership of content and exclusive activities at our annual Marketo Summit that showcase your expertise and thought leadership Credibility: Special Champion badge on Marketo Community profiles, and profiled on Marketo's corporate website Sweet Swag: Champion-exclusive swag To find out more information and apply, click here. To view a complete list of current Champions, click here. Join the Marketo Elite Today!

Issue You would like to understand the difference between "Send email" and "Delivered email" activity. Solution Send email activity confirms that the email which you have sent has been dispatched from Marketo to be delivered. Delivered email activity is recorded when the recipient email server responds that the email has been accepted for delivery. Delivered email activity doesn't actually mean that email has been delivered to lead's email inbox. For more information on what happens to the email once it reaches the recipient email server, check out this blog post: https://nation.marketo.com/community/support_solutions/blog/2016/02/26/between-the-delivery-and-the-inbox-what-happens.

This is a article attached image Upon signing a contract with Marketo you are provisioned a Marketo instance and a Support Service. There are four different types of Support Services which are available to meet different customer support needs: Online (Legacy) Business or PREMIER SUPPORT BUSINESS (Legacy) Premier or PREMIER SUPPORT ENTERPRISE (Legacy) Elite or PREMIER SUPPORT ELITE Each Support Service has a different Service Level Target (SLT). An SLT is the amount of time Marketo Support targets to make first contact with you after a support case has been submitted. SLTs differ for each Support Service and priority level. Priority levels range from Priority P1 to Priority P4. Here are the SLTs and priority levels for each Support Service: Priority Online (Legacy) Business PREMIER SUPPORT BUSINESS (Legacy) Premier PREMIER SUPPORT ENTERPRISE (Legacy) Elite PREMIER SUPPORT ELITE P1 1 hour 1 hour 1 hour 30 minutes 30 minutes 30 minutes 15 minutes P2 4 hours 3 hours 2 hours 2 hours 1 hour 2 hours 30 minutes P3 6 hours 5 hours 4 hours 4 hours 2 hours 2 hours 1 hour P4 3 days 1 day 1 day 1 day 1 day 1 day 1 day Here are the descriptions for each priority level: Priority Description P1 Mission Critical: Core business function down or potential loss of mission critical data P2 Urgent: Major feature or workflow is not functioning. Mission critical workflow and majority of user community is not blocked P3 Important: Normal usability or task completion is impacted but functional, or workaround is available P4 Minor: Minor issue requiring a correction. Normal workflow is not impacted Find more information About Support here!

As part of your efforts to maintain a healthy inbox delivery rate, you should be monitoring your email bounce rates. If your hard bounce rate climbs above 5%, you should take a closer look at what’s going on. If your hard bounce rate hits 10% or more, you should be concerned about your data quality. If you have a high hard bounce rate, it is likely that you have a high number of invalid addresses. An invalid address is an address that has never existed or no longer exists, so mail will never be delivered to these addresses. Marketo automatically stops sending to these addresses, so you do not need to worry about suspending or removing them. But having a high invalid address rate could cause you major delivery problems and reputation issues, and could indicate problematic data sources or list segmentation practices that should be reevaluated. A high invalid address rate can lead to outright blocking of your mail at major ISPs. Many ISPs monitor the number of invalid addresses being sent to at their domains by specific senders. Once a certain threshold is hit, those ISPs will block mail coming from the offending sender. ISPs behave this way because they view a high rate of invalid addresses as an indication of problematic data practices of the sender. At best, a high invalid address rate means you are not sending to an engaged, active audience. At worst, it means that you are sending to purchased or rented lists, which is a violation of Marketo’s Email Use and Anti-Spam Policy. Chances are, if you have a high invalid address rate, there are other issues with your data that could also contribute to. If you receive a notification that we have noticed a high invalid address rate associated with your mailings, you should ask yourself some questions about your list management practices. Below are some things to consider: - Have you recently added any new leads or lead sources? Purchased lists are often full of invalid addresses. We often find that purchased lists contain numerous addresses from domains that don’t even exist any more. While you can use purchased lists to bulk up the data you have for existing leads, you cannot use them to bulk up your lead database. -Have you recently targeted old or inactive leads? We strongly recommend that you never send to an address that you haven’t mailed to for over a one year. You should be mailing to your contacts at least every six months. This will help prevent high invalid address rates, and will also help keep you and your content fresh in your contacts’ minds. If you do have to send to older leads, you should break up your lists and send to your most recent and active contacts first. - Who are you targeting? Some senders have more problems with high invalid address rates because of their target audiences. For example, targeting .edu domains often causes high invalid address rates because these are school addresses that have a higher turnover rate. B2B campaigns may sometimes have higher invalid address rates because of similar turnover rates at businesses. The best way to avoid high invalid address rates is to send to opted-in, engaged recipients. To help with this, a lot of senders clear out their inactive leads every six months or so. An inactive lead is a contact that has taken no action in the given time period— they haven't opened an email, clicked a link, visited your webpage, attended a webinar, and so forth. This can help with both your high invalid address rates and spam complaints. Inactive leads are a dangerous group to continue mailing to because their behavior proves that they do not want to interact with your mail, and will therefore likely complain to us or to their ISPs about it. We have a great resource on how to create a Smart List to remove inactive leads here. If you still need some help, please feel free to reach out to our Support team (support@marketo.com). Additional resources: Dos and Don'ts of Effective Lead Generation Best Practices for Purchased Data

From the Marketo Email Use Policy: "...You may not send any Unsolicited Email by use or means of the Marketo Service. "Unsolicited Email" is defined as email sent to persons other than: persons with whom you have an existing business relationship, OR (ii) persons who have consented to the receipt of such email, including publishing or providing their email address in a manner from which consent to receive email of the type transmitted may be reasonably implied." The full text of the policy is here: https://documents.marketo.com/legal/use-policy/ An abuse report is a report that an individual sends to abuse@marketo.com alleging that a Marketo customer sent unsolicited email. There are a number of reasons why someone might report abuse. Here are a few common reasons people report abuse to us: The person forgot they opted-in to the mailing The person received genuinely unsolicited email The person opted in, but the branding in the email was different than the branding on the opt in form so it was not clear the email they received was connected to their opt-in experience Someone signed up for your list with the wrong address, and the person who actually received your email felt it was abusive For additional reference - Abuse Report Deep Dive

The Google Apps antispam system uses a unique means of allowlisting. Customers on shared IPs should allowlist Marketo's entire sending ranges, because we sometimes need to move customers between IPs for technical reasons. The way to allowlist a range in Google Apps is to configure a manual IP block with a pass through. G Suite enables you to specify an IP address or range of addresses within a domain, and allow messages from those addresses only. This feature is sometimes referred to as IP lock. In G Suite, you set up this feature in the Content compliance setting. IP lock is a method that readily enables an administrator to simultaneously whitelist all incoming traffic from a particular domain while equally preventing spoofing by manually defining the allowed IP ranges. The following instructions are particularly useful with domains that do not have an SPF record and/or use third party applications to legitimately spoof their address. Setting up IP lock with the Content compliance setting includes three separate procedures: Adding the domain, defining the allowed IP range, and setting the correct disposition and NDR. See this page of Google documentation for more information: Enforce 'IP lock' in G Suite - G Suite Administrator Help Instead of using a CIDR range, this interface asks for the first and last IPs in the given range. Here are ours: 199.15.212.0 - 199.15.212.255 199.15.213.0 - 199.15.213.255 199.15.214.0 - 199.15.214.255 199.15.215.0 - 199.15.215.255 192.28.146.0 - 192.28.146.255 192.28.147.0 - 192.28.147.255 94.236.119.0 - 94.236.119.63 185.28.196.0 - 185.28.196.255 103.237.104.0 - 103.237.104.255 103.237.105.0 - 103.237.105.255 130.248.172.0 - 130.248.172.255 130.248.173.0 - 130.248.173.255 Is this article helpful ? YesNo

Issue Emails cannot be delivered from the Marketo instance and the following Soft Bounce code was recorded in the record's activity log. 554 5.4.7 [internal] (last transfail: 435 5.7.8 Authentication credentials invalid) Environment Dedicated IP Address SMTP Relay credential invalid Soft Bounce Code: 554 5.4.7 [internal] (last transfail: 435 5.7.8 Authentication credentials invalid) Cannot send email Email Delivered not recorded in activity log Solution Provide Marketo Support with the updated credentials so Support can create an internal request to get the update the credentials on Marketo's end. The process can take up to three (3) business days to complete. Note: Avoid using special characters in the password such as quotation mark (") as it can alter the configuration. Root Cause The credentials for the SMTP Relay has been changed and no longer match what is stored in Marketo. In most cases it is the password as it need to be change on an annual basis.

What is a Blocklist? Can I Still Send My Emails, or Are You Blocking Me from Sending? What Is a Spamtrap and Why Do They Matter? Can You Give Me the Spam Trap Address That Triggered the Blocklist So I Can Remove It from My Database? Can You Give Me More Information regarding the Blocklist Issue? What Is the Quarantined IP Range? I Sent This Email Campaign a While Ago. Why Am I Only Getting Notification of the Blocklist Issue Now, and Am I Still Blocklisted? The Blocklist Notification Went to the Wrong Email Address. Why Was It Sent to That Address? Which blocklists should I be concerned about? - Top Blocklists – What You Need to Know How do blocklist issues get resolved? What steps do I need to take to resolve the blocklist issue? - Blocklist Remediation

Summary You have set up a campaign or campaigns in the Email Deliverability Tool (250ok), but there is no engagement metric showing Total opens and Unique opens, which should be available in the ‘Engagement Overview’ in the Email Deliverability tool. You would need to ensure that you have configured the necessary setup for the tracking to work in the Email Deliverability tool. Issue Campaigns created in the Email Deliverability tool (250ok) doesn’t show any engagement overview metric such as total opens and unique opens. Environment Email Deliverability tool (Production/Sandbox) Solution You would need to implement the necessary setup for the metric to show in the Engagement Overview in the Email Deliverability tool (250ok) Follow the steps below to ensure you have configured the setup for campaign tracking. 1. Ensure your DNS CNAME is configured. (All that is required is creating a CNAME DNS entry on this domain that points to 250analytics.com) For more information, you can refer to this external documentation: https://www.validity.com/knowledge-base/what-are-custom-domains-in-250ok-analytics/ 2. Insert the correct tracking pixel code retrieved from the Email Deliverability tool. 3. Always utilizing the ‘c=‘ tag in your tracking code for your campaigns to ensure the tracking is measured correctly in the Email Deliverability tool. (Obviously, the CNAME above is essential to have it set up correctly). You can follow a guide on how to implement the ‘c=‘ tag and retrieve the tracking pixel is here: https://help.returnpath.com/hc/en-us/articles/360046308092-How-Do-I-Add-My-250ok-Tracking-Pixel- Once you have all these configuration settings, you can start tracking your campaigns which are sent via Marketo in the Email Deliverability > Engagement Overview. Root Cause Mis-configuration or no configuration made causing the campaign tracking does not work.

Knowledgebase

Maintaining a Directory of Leads Bouncing Emails

Operational Emails - Important Information

How to Set Up Double Opt-In (COI)

Top Blocklists - What you need to know

Finding Leads that are Auto Unsubscribed for Email Spam Complaints / Feedback Loop (FBL)

What is a spamtrap and why do they matter?

I Didn't Receive an Email that I Sent

Where Can I Find My Dedicated IP Address?

DMARC Report Says an Email Fails SPF but the SPF Record Shows as Verified.

Common SPF Errors & Fixes

A Creative Re-Engagement Email Campaign

Marketo Champion Program

Customer User Guide - Marketo Customer Support Links

The Difference between “Send Email” and “Delivered Email”

Service Level Targets (SLT)

High Invalid Address Rates: The what, how, and why you should care

Why do people report abuse?

Allowlisting with Google Apps

Soft Bounce Details: 435 5.7.8 Authentication credentials invalid.

Blocklists: Frequently Asked Questions

Email Deliverability Tool - Campaigns Not Being Tracked