Your Achievements

0% to

Next /

to gain points, level up, and earn exciting badges like the new !

View All Badges

Open Alert Bar

Knowledgebase

Featured article

(Article Updated - August 2024) Overview A blocklist is a database of IP addresses or domains that have been associated with the sending of unsolicited commercial email or spam. Internet Service Providers (ISPs) and business email networks use information from blocklists to filter out unwanted email. As a result there can be a drop to inbox delivery rates if the IPs or domains involved with sending email are listed on a blocklist. Marketo’s Email Delivery and Compliance team monitors blocklist activity on our IPs and domains daily. When an impactful listing occurs, we reach out to the blocklist, attempt to identify the sender that triggered it, and work with the blocklist organization to get the listing resolved. There are thousands of blocklists, most will not have a significant impact on your delivery rates. Below, we have compiled a list of the blocklists that commonly appear across our sender ecosystem. Each blocklist has been grouped into a top tier (Tier I) by most impactful, to the bottom least impactful tier (Tier III). These may have little to no impact across our sender network. Tier I Blocklist Spamhaus (SBL) Impact: Spamhaus is the only blocklist that we categorize as a Tier I for a reason: it has by far the greatest impact on delivery. It is the most well-respected and widely used blocklist in the world. A listing at Spamhaus will have a negative effect on your ability to deliver emails to your customer’s inbox and can cause bounce rates of over 50%. Evidence suggests that most of the top North American ISPs use Spamhaus to inform blocking decisions. How it works: Unlike many blocklists, Spamhaus lists senders manually. This means they are proactively watching sender activity, collecting data, and base listings on a number of variables. Most commonly senders are listed for mailing to spam trap addresses that Spamhaus owns. Sometimes Spamhaus will list senders based on recipient feedback as well. Next Steps: Please note that every Spamhaus email can be quite different depending on the information provided and the nature of the listing . Because Spamhaus has multiple types of listings, the remediation steps are based on which type of blocklisting has occurred. We have listed the most common types to affect Marketo customers, from most to least impactful. Impact can range from a full block of top severity, to a partial block that is less severe (CSS Data, DBL). If remediation isn’t performed and the problem not addressed, these listings can increase in severity and turn into a full blocklisting. Spamhaus Blocklistings Types SBL (full blocklisting) Considered the most impactful. Remediation steps: Our team monitors closely for Spamhaus listings. Once alerted to the listing, we send an email notifying the customer, and reach out to the Spamhaus contact to start the remediation process. Only a Marketo delivery team member should be in direct correspondence with the Spamhaus contact, to speak on behalf of the customer, and to relay their questions and instructions, ensuring quick resolution and reduced impact. Senders that trigger this listing on a shared IP range will be moved to a more isolated, penalty range (IPB), so as not to impact the other shared senders. Those affected on a Dedicated IP, only impact their own sending and will not be moved. However, depending on the severity of the issue, our team may need to revoke a customer’s ability to send any emails until full resolution. The listing will last until Spamhaus is satisfied that the offending sender has taken the appropriate steps to mitigate the problem. SBL CSS Customers are alerted of the listing with an email containing all the information needed to immediately begin the remediation process. This is part of an automated trigger listing, that allows for a customer to delist directly on the Spamhaus website, after they’ve completed remediation. Remediation steps: Customers will go to the Spamhaus IP lookup website, at https://check.spamhaus.org, where they can check on the status of their IP and continue to monitor it in real time, until it is no longer listed there. Follow the remediation and delisting instructions provided, and check for specific details in the blocklist notification email. DBL (Domain blocklisting) Customers will receive an email notification alerting of the company domain being listed. The email will contain specific information to help narrow down and identify which email source likely triggered it within Marketo. It’s important to note that any email sent from outside of Marketo, that contained the company domain, is suspect. This means, if the sender uses multiple IPs and/multiple email platforms, then any of those could be the source. Remediation steps: Follow the detailed instructions in the email, which will also provide a link to the Spamhaus Domain reputation checker webpage, to check the real time listing status of the affected domain. Once the email source is identified and cause addressed, this customer will follow the online instructions to request to be delisted. Tier II Blocklist SpamCop Impact: SpamCop is not used by any of the major North American ISPs to inform blocking decisions, but it makes it to the Tier II list because it can have a significant impact on B2B email campaigns. SpamCop is considered a Tier I one blocklist for B2B marketers but a Tier II for B2C marketers. SpamCop is a dynamic IP blocklist, that can affect a single IP or a subset of IPs Typically, the block will automatically lift within one business day, but can take longer for relisted IPs. To have triggered a SpamCop listing likely means the sender has a list management problem that should be addressed. How it works: SpamCop lists IPs for one of two reasons: Either the email hit SpamCop spam trap addresses OR A SpamCop user has reported the email unwanted. Most of SpamCop’s spam traps are previously valid addresses that have not been active for 12 months or longer. Remediation steps: If you are seeing a significant number of bouncing emails caused by a SpamCop blocked IP but aren’t sure if your email activity triggered the listing, first identify whether you are sending on a shared sender network or not. If sending from a shared IP range when this occurs, you or any other customer sending from the same network may have contributed to the IP block. This IP block will automatically get dropped within a business day. For those on a Dedicated IP that trigger a listing, refer to the above remediation steps and resources, to address the list management issue. Tier III Blocklist (Low/ No impact ) These are considered the lowest tier and therefore cause the least impact across the Marketo sender ecosystem. Some of these blocklists were more impactful at one time, while others are only impactful based on the sender region (Manitu). Others still can suddenly flare up (Lashback). There are also many blocklists that are ignored (0spam), and are not taken seriously because they do not provide any means to delist once on the list (NoSolicitado) or that they charge money to have the listing removed ( UCEPROTECT ). The pay-to-delist model is not well respected in the email industry. When using blocklist tool checkers, such as MXToolBox, many blocklists will appear, but very few are relevant. Here is our selection of Blocklists you may come across that are least impactful: Project Honey Pot SpamAssassin URIBL/SURBL DrMX PSBL 0spam HostKarma Ascams ZapBL Barracuda Trendmicro Inc. Cloudmark Proofpoint Invaluement ISP Blocklists Some ISPs use internal blocklists to make blocking decisions. Examples include AOL, Yahoo, Gmail, Outlook and Hotmail. If your IP is being blocked by one of these networks, and those networks have a large presence in your lists, a block of this kind could have a noticeable negative impact on delivery. Marketo monitors for significant ISP blocks. Those experiencing deliverability issues with emails not making it to the Inbox and bulking in the spam folder may benefit from additional services with our Email Delivery Consultants. Remediation Steps: Email Delivery Compliance Team works to resolve any ISP blocks. ISP blocks are are usually resolved or lifted within less than 24 hours of a delisting request. Customers experiencing significant blocks for Microsoft domains (outlook.com, live.com, microsoft.com), can submit a request to the delivery team to seek mitigation on their behalf. Additional Resources: Blocklist Deep Dive Abuse Report Deep Dive What is a spamtrap, or spam trap, and why does it matter? Blocklist remediation Blocklist resolution flowchart Successful lead reconfirmation What is a blocklist?

Issue When I go to the Support area of Nation, I do not have full access to all the areas and tools. Solution Our system is specific about how you need to access the Support Portal before we can authorize you to use it. The proper steps to take for us to authorize, and for you to submit cases, are as follows: Log into your instance Click the Community tile (step 1 image) Click Support in the top banner (step 2 image) Click Submit a Case option (step 3 image) Choose from top options depending on what you need to do (step 4 image) Create a case, Manage authorized contacts, edit your Info Simply going straight to the nation.marketo.com will not have the desired result. You must access the Support Portal from your instance by using these steps so that our system recognizes you properly. If this is your first time following these steps, your view of Step 3 will be different- not to worry, as that will be updated for you manually. Step 1 Step 2 Step 3 Step 4 If you experience issues, please email marketocares@marketo.com

Abuse Report An abuse report is when an email recipient forwards a complaint directly to abuse@marketo.com. Marketo’s Privacy and Compliance Team processes all complaints to these addresses and will unsubscribe the complainer when possible. Feedback Loop Complaint A feedback loop complaint is when an ISP forwards the complaints that originate from their users. For example, when someone clicks the SPAM or JUNK button in their email client. ISPs that offer FBLs expect that subscribers like Marketo will mark the complainer as unsubscribed in the original database. Marketo does process FBL complaints and marks the email address as unsubscribed. Additional Information: Feedback Loops (FBL) Abuse Report Deep Dive Finding Leads that are Auto Unsubscribed for Email Spam Complaints / Feedback Loop (FBL)

Issue A lead has an Unsubscribe activity logged in their activity history, but they continue to receive emails after the Unsubscribe. Solution An Unsubscribe activity is logged when the lead clicks the system Unsubscribe link embedded in a Marketo email. However, if that link takes them to a Preference Center that allows them to select from multiple options, they may not choose the full unsubscribe option and may continue to receive selected emails. To confirm if this is the case, find the Unsubscribe activity in their activity log and double-click on the activity to open it. This will show you the choices they selected in the email preferences form. In the example below, the lead did not fully unsubscribe, they only chose to unsubscribe from specific content. Since they did not choose the global unsubscribe, they will continue to receive some emails.

Marketo Champions are customers who have demonstrated outstanding leadership in the Marketo Community, are experts in Marketo products, are avid contributors in the social world, and are loyal advocates of the Marketo brand. Benefits and perks our Champions receive include: Access: Meetings with our product and marketing teams to give exclusive feedback Previews: Given early previews to products, features, and releases when available Publicity: Exclusive speaking opportunities at our annual Marketo Summit and other events Networking: Special networking events with Marketo executives and fellow Champions and semi-annual conference calls Ownership: Ownership of content and exclusive activities at our annual Marketo Summit that showcase your expertise and thought leadership Credibility: Special Champion badge on Marketo Community profiles, and profiled on Marketo's corporate website Sweet Swag: Champion-exclusive swag To find out more information and apply, click here. To view a complete list of current Champions, click here. Join the Marketo Elite Today!

Syntax Recommendations Common Look Up mechanisms Common Modifiers Too Many Mechanisms Character String Too Long Null Records in the SPF Record Repetitive Records in the SPF Record - Void Lookups Validation Tools Syntax Recommendations Common Look Up mechanisms a: mx: include: ip4: ip6: exists: ptr: all Common Modifiers redirect= exp= An A Record must ALWAYS contain IP address (map host to IP) CNAME (Alias) must contain hostnames. No IPs here NS an MX records must contain host names. No IPs allowed. MX records (for mail servers) should contain hostnames NOT IPs. Too Many Mechanisms Section 10.1, "Processing Limits" of the SPF RFC 4408 specifies the following in regards to DNS lookups: SPF implementations MUST limit the number of mechanisms and modifiers that do DNS lookups to at most 10 per SPF check, including any lookups caused by the use of the "include" mechanism or the "redirect" modifier. If this number is exceeded during a check, a PermError MUST be returned. The "include", "a", "mx", "ptr", and "exists" mechanisms as well as the "redirect" modifier do count against this limit. The "all", "ip4", and "ip6" mechanisms do not require DNS lookups and therefore do not count against this limit. The "exp" modifier does not count against this limit because the DNS lookup to fetch the explanation string occurs after the SPF record has been evaluated. This limit is in place to prevent SPF lookups from being a useful avenue for Denial of Service attacks. Using an example SPF record as an example to illustrate, this record was breaking with 12 look-ups: example.com text = "v=spf1 include:_spf-a.example.com include:_spf-b.example.com include:_spf-c.example.com include:_spf-ssg-a.example.com include:spf-a.anotherexample.com ip4:131.107.115.215 ip4:131.107.115.214 ip4:205.248.106.64 ip4:205.248.106.30 ip4:205.248.106.32 ~all" [ 5 mechanisms] _spf-a.example.com text = "v=spf1 ip4:216.99.5.67 ip4:216.99.5.68 ip4:202.177.148.100 ip4:203.122.32.250 ip4:202.177.148.110 ip4:213.199.128.139 ip4:213.199.128.145 ip4:207.46.50.72 ip4:207.46.50.82 a:mh.example.m0.net ~all" [ +1 = 6 mechanisms] mh.example.m0.net a = 209.11.164.116 _spf-b.example.com text = "v=spf1 include:spf.messaging.example.com ip4:207.46.22.35 ip4:207.46.22.98 ip4:207.46.22.101 ip4:131.107.1.27 ip4:131.107.1.17 ip4:131.107.65.22 ip4:131.107.65.131 ip4:131.107.1.101 ip4:131.107.1.102 ip4:217.77.141.52 ip4:217.77.141.59 ~all" [+1 = 7 mechanisms] spf.messaging.example.com text = "v=spf1 include:spfa.anotherexample.com include:spfb.anotherexaple.com include:spfc.anotherexample.com -all" [+3 = 10 mechanisms] spfa.anotherexample.com text = "v=spf1 ip4:157.55.116.128/26 ip4:157.55.133.0/24 ip4:157.55.158.0/23 ip4:157.55.234.0/24 ip4:157.56.112.0/24 ip4:157.56.116.0/25 ip4:157.56.120.0/25 ip4:207.46.100.0/24 ip4:207.46.108.0/25 ip4:207.46.163.0/24 ip4:134.170.140.0/24 ip4:157.56.110.0/23 -all" [+0 = 10 mechanisms] spfb.anotherexample.com text = "v=spf1 ip4:207.46.51.64/26 ip4:213.199.154.0/24 ip4:213.199.180.128/26 ip4:216.32.180.0/23 ip4:64.4.22.64/26 ip4:65.55.83.128/27 ip4:65.55.169.0/24 ip4:65.55.88.0/24 ip4:94.245.120.64/26 ip4:131.107.0.0/16 ip4:157.56.73.0/24 ip4:134.170.132.0/24 -all" [+0 = 10 mechanisms] spfc.anotherexample.com text = "v=spf1 ip4:207.46.101.128/26 ip6:2a01:111:f400:7c00::/54 ip6:2a01:111:f400:fc00::/54 ip4:157.56.87.192/26 ip4:157.55.40.32/27 ip4:157.56.123.0/27 ip4:157.56.91.0/27 ip4:157.55.206.0/24 ip4:157.55.207.0/24 ip4:157.56.206.0/23 ip4:157.56.208.0/22 -all" [ +0 = 10 mechanisms] _spf-c.example.com text = "v=spf1 ip4:203.32.4.25 ip4:213.199.138.181 ip4:213.199.138.191 ip4:207.46.52.71 ip4:207.46.52.79 ip4:131.107.1.18 ip4:131.107.1.19 ip4:131.107.1.20 ip4:131.107.1.48 ip4:131.107.1.56 ip4:86.61.88.25 ip4:131.107.1.44 ip4:131.107.1.37 ~all" [+0 = 10 mechanisms] _spf-ssg-a.example.com text = "v=spf1 include:_spf-ssg-b.example.com include:_spf-ssg-c.example.com ~all" [+2 = 12 mechanisms] _spf-ssg-b.example.com text = "v=spf1 ip4:207.68.169.173/30 ip4:207.68.176.1/26 ip4:207.46.132.129/27 ip4:207.68.176.97/27 ip4:65.55.238.129/26 ip4:207.46.222.193/26 ip4:207.46.116.135/29 ip4:65.55.178.129/27 ip4:213.199.161.129/27 ip4:65.55.33.70/28 ~all" [+0 = 12 mechanisms] _spf-ssg-c.example.com text = "v=spf1 ip4:65.54.121.123/29 ip4:65.55.81.53/28 ip4:65.55.234.192/26 ip4:207.46.200.0/27 ip4:65.55.52.224/27 ip4:94.245.112.10/31 ip4:94.245.112.0/27 ip4:111.221.26.0/27 ip4:207.46.50.221/26 ip4:207.46.50.224 ~all" [+0 = 12 mechanisms] spf-a.secondexample.com text = "v=spf1 ip4:157.55.0.192/26 ip4:157.55.1.128/26 ip4:157.55.2.0/25 ip4:65.54.190.0/24 ip4:65.54.51.64/26 ip4:65.54.61.64/26 ip4:65.55.111.0/24 ip4:65.55.116.0/25 ip4:65.55.34.0/24 ip4:65.55.90.0/24 ip4:65.54.241.0/24 ip4:207.46.117.0/24 ~all" [+0 = 12 mechanisms] Character String Too Long 255 character limitation in a single string kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html string-functions.com/length.aspx You may have more than 255 characters of data in a TXT or SPF record, but not more than 255 characters in a single string. If you attempt to create an SPF or TXT record with a long string (>255 characters) in it, BIND will give an error (e.g. "invalid rdata format: ran out of space".) Strings in SPF and TXT records should be no longer than 255 characters. However to get around this limitation, per RFC 4408 a TXT or SPF record is allowed to contain multiple strings, which should be concatenated together by the reading application. In the case of use for SPF (using either TXT or SPF RRs) the strings are concatenated together without spaces as described below. Reassembly by other applications of multiple strings stored in TXT records might work differently. 3.1.3. Multiple Strings in a Single DNS record As defined in [RFC1035] sections 3.3.14 and 3.3, a single text DNS record (either TXT or SPF RR types) can be composed of more than one string. If a published record contains multiple strings, then the record MUST be treated as if those strings are concatenated together without adding spaces. For example: IN TXT "v=spf1 .... first" "second string..." MUST be treated as equivalent to IN TXT "v=spf1 .... firstsecond string..." SPF or TXT records containing multiple strings are useful in constructing records that would exceed the 255-byte maximum length of a string within a single TXT or SPF RR record. EXAMPLE text = "v=spf1 ip4:199.15.212.0/22 ip4:72.3.185.0/24 ip4:72.32.154.0/24 ip4:72.32.217.0/24 ip4:72.32.243.0/24 ip4:94.236.119.0/26 ip4:37.188.97.188/32 ip4:185.28.196.0/22 ~all“ text = "v=spf1 ip4:199.15.212.0/22“ " ip4:72.3.185.0/24 ip4:72.32.154.0/24 ip4:72.32.217.0/24" " ip4:72.32.243.0/24 ip4:94.236.119.0/26" " ip4:37.188.97.188/32 ip4:185.28.196.0/22 ~all" Null Records in the SPF Record A record that is NULL or that does not exist will break an SPF record. Syntax within the record is very important, if there are extra spaces between mechanisms it will count as NULL. EXAMPLE text = "v=spf1 ip4:199.15.212.0/22“ <- accurate text = "v=spf1 ip4: 199.15.212.0/22“ <- NULL (NOTE the space between IP4: and the IP) Repetitive Records in the SPF Record - Void Lookups If there are too many repetitive mechanisms in the SPF record, including records that cascade (for example when using "include:") the record will break. There is a MAX of 2 void look ups in an SPF record. More than that and the record will break. This prevents SPF records from being used in Denial of Service style attacks. Validation Tools SPF checker, syntax validator and SPF tester http://www.kitterman.com/spf/validate.html SPF checker http://vamsoft.com/support/tools/spf-policy-tester SPF validator http://vamsoft.com/support/tools/spf-syntax-validator CIDR Calculator http://www.subnet-calculator.com/cidr.php Nslookup network-tools.com/nslook/ SPF creation wizard microsoft.com/mscorp/safety/content/technologies/senderid/wizard/ Common SPF errors openspf.org/FAQ/Common_mistakes SPF syntax definitions openspf.org/SPF_Record_Syntax

There are thousands of blocklists out there and all of them operate a little differently and all have varying levels of reputation. There are only a dozen blocklists that really can impact delivery. The blocklist that requires the most work from you when you request delisting is Spamhaus. Spamhaus is a trustworthy blocklist and if you are listed at Spamhaus you have made a mistake that will need to be directly addressed before the listing can be removed. SpamCop is considered a tier I blocklist for B2B marketers but a tier II for B2C marketers. Marketo responds to all SpamCop listings; researching to identify the source so we can work with the customer to educate on best practices and prevent future listings. Some blocklists require that you pay a fee to be delisted. These blocklists are not favored in the email community because they use this tactic. For the most part, Marketo advises our customers not to mind alerts of being listed on a pay-to-delist blocklist. These blocklists tend to have minimal impact to your deliverability. For the most part blocklists are dynamic and resolve themselves in around 24 hours if the issue resolves. If the problematic sending continues, the blocklist will continue to keep you listed until the offending sending pattern stops. If you are blocklisted, your main concern at that point should be making sure it doesn't happen again. For steps on how to identify the problematic data source and improve your list hygiene in an effort to avoid blocklist issues, see our article on blocklists that matter.The article highlight those that have the potential to be the most impactful, as well as those to be largely ignored . Because blocklists are dynamic and constantly evolving, their relevancy is also subject to change within the Marketo sender ecosystem. Some had notable impact at one time but no longer are. Therefore always make sure to check if the current blocklist(s) of concern is a reputable and relevant to the sender region and ecosystem, and become familiar with those that matter the most.

Note: Once you have migrated to Admin Console, you can manage your support cases through the feature provided in the Admin Console Platform. To learn more, visit: https://experienceleague.adobe.com/docs/customer-one/using/home.html. Once you have submitted a case to Marketo support, we provide a simple way of staying connected to your case and the cases submitted from your company through the Marketo Support Portal. You can access the support portal through your Marketo instance by selecting Community in the top right corner: This is a article attached imageThis is a article attached image You can also access the support portal directly at support.marketo.com and login with your Marketo credentials (login and password). This will not work for users with SSO. Once you are in the support portal you can Create a Case for Marketo Support or you can also review any cases that are open and being worked on by support or review your case history. Navigate to My Case management: This is a article attached imageThis is a article attached image From the My Cases navigation you can access the following case views: This is a article attached imageThis is a article attached image My Recent Cases* - Cases that you have opened in the past 30 days All Company Recent Cases* - Cases that any authorized support contact has opened in the past 30 days My Open Cases – Cases created by you that are being triaged by Support and pending Support’s response and are more than 30 days old My Closed Cases – Cases that were created by you and are now closed My Awaiting Fix Cases – Cases that were created by you where Marketo is developing a fix which will be implemented at a later date All Company Closed Cases – Cases that were created by you or your colleagues that are now closed All Company Open Cases - All open cases submitted for the account Company Awaiting Fix Cases – Cases that were created by you or your colleagues where Marketo is developing a fix which will be implemented at a later date Management Escalations - Escalations opened by you or your colleagues Survey Cases - Surveys that are available for you to fill out after a case is closed *Cases that have been opened for more than 30 days will move from Recent cases to Open cases To view specific case details, click a case number. This is a article attached imageThis is a article attached image From the Case Details, you can perform the following: Close your Case - Select the "My Case is Resolved" button to close your case Add Comments - Provide additional comments to support or respond to a Support question Add Attachment - Provide any screenshots or documents that will help illustrate the issue you are reporting If your case has been closed there are two options available to you. Reopen - You can reopen your case if you are not satisfied with the case resolution by adding a comment in the case. Case Survey - Once your case has closed, please consider offering feedback on the level of Support you received.

When using Marketo it is not a requirement to set up DNS text records for SPF and DKIM. However, Marketo recommends setting up SPF and DKIM because it improves the deliverability of your mailings. Configuring and implementing one or both of these records is a way to verify that the server sending your mail is authorized to do so. If a recipient domain is configured to check for SPF and/or DKIM and those DNS records are available and your mail passes the SPF/DKIM check, it further reinforces its good reputation. Not implementing SPF/DKIM records does not add to or subtract from its reputation, it’s just not there. Please note, not all domains check for SPF/DKIM and if this is the case, again, the presence of these records does not add or subtract from your mail’s deliverability. There is no negative effect to setting up these records, and it can improve your deliverability. It is for these reasons that Marketo recommends setting up these DNS records and configuring their use in your instance of Marketo. For more information on how to set up and configure SPF/DKIM, please read our KB article here.

Overview A blacklist is a database of IP addresses or domains that have been associated with the sending of unsolicited commercial email or spam. Internet Service Providers (ISPs) and business email networks use information from blacklists to filter out unwanted email. As a result there can be a drop in inbox delivery rates or overall delivery rates if the IPs or domains involved with sending email are listed on a blacklist. Marketo’s Email Delivery and Compliance team monitors blacklist activity on our IPs and domains daily. When we are alerted to a listing we reach out to the blacklist, attempt to identify the sender that triggered it, and work with the blacklist organization to get the listing resolved. There are thousands of blacklists out there most will not have a significant impact on your delivery rates. Below we have compiled a list of the blacklists that our customers most commonly encounter. Tier 1 Blacklist Spamhaus Impact: Spamhaus is the only blacklist that we categorize as a tier 1 for a reason: it has by far the greatest impact on delivery of all of the blacklists. It is the most well-respected and widely used blacklist in the world. A listing at Spamhaus will have a negative effect on your ability to deliver emails to your customer’s inbox and can cause bounce rates of over 50%. Evidence suggests that most of the top North American ISPs use Spamhaus to inform blocking decisions. How it works: Unlike many blacklists, Spamhaus lists senders manually. This means that they are proactively watching sender activity, collecting data, and basing their listings on a number of variables. Most commonly senders are listed for mailing to spam trap addresses that Spamhaus owns. Sometimes Spamhaus will list senders based on recipient feedback as well. Next steps: Our team monitors closely for Spamhaus listings. When we see a listing we immediately alert the customer and contact Spamhaus to start the remediation process. Listings last until Spamhaus is satisfied that the offending sender has taken the appropriate steps to mitigate the problem. Tier 2 Blacklists SpamCop Impact: SpamCop is not used by any of the major North American ISPs to inform blocking decisions but it makes it to the Tier 2 list because it can have a significant impact on B2B email campaigns. How it works: SpamCop lists IPs for one of two reasons: Either the email hit SpamCop spam trap addresses OR A SpamCop user has reported the email unwanted. Most of SpamCop’s spam traps are previously valid addresses that have not been active for 12 months or longer. Next steps: SpamCop is a dynamic blacklist, listings typically resolve themselves within one business day. There is no action you will need to take to action the delisting with SpamCop, the Privacy Team researches every SpamCop listing and will request delistings when an alert is received that an IP is listed. If your email activity triggered a SpamCop listing it likely means that you have a list management problem that should be addressed. Manitu Impact: Manitu is a German blacklist and has a wide footprint in Europe. Email senders with European audiences tend to encounter this blacklist most frequently. Manitu is not used by North American ISPs to inform blacklist decisions but if you’re sending to Europe a listing could be problematic. How it works: Listings are automatically activated when a sender mails to a Manitu owned spam trap address. Next steps: The Privacy Team researches and requests delisting when an alert is received that a Marketo IP is listed. By working with this blacklist the Privacy Team is usually able to identify the customer and let them know that email activity from their subscription triggered a listing. Because Manitu operates solely on the use of spam trap addresses, getting listed by Manitu is a clear indication that senders need to audit their mailing lists. Tier 3 Blacklists SORBS Impact: The impact of a listing at SORBS is very minimal. How it works: SORBS uses several methods to identify potential spammers. Most of their lists use spam traps to identify problematic senders. But SORBS will also list a sender based on their own user complaints, if SORBS administrators have received spam from the sender, or if they identify other high-level sending behavior patterns characteristic of spammers. Next steps: The Privacy Team monitors SORBS activity and makes delisting requests for Marketo IPs as necessary. Oftentimes, SORBS will refuse to delist within a certain timeframe based on the severity of the issue. Sometimes this can be up to several weeks. UCEPROTECT Impact: The impact of a listing at UCEPROTECT is very minimal, though the blacklist has a greater footprint in Europe. The organization does not have a good reputation in the industry because they charge senders to request delisting. How it works: UCEPROTECT lists IPs that send mail to their spam trap addresses. Next steps: We ignore these listings because the only way to have them removed is to pay. The pay-to-delist model is not well respected in the email industry so UCEPROTECT has a very limited reach. ISP Blacklists Some ISPs have their own blacklists that they use to inform blocking decisions. A few examples are Comcast and Verizon. If your IP is being blocked by one of these networks, and those networks have a large presence in your lists, a block of this kind could have a noticeable negative impact on delivery. Marketo monitors for this type of ISP specific blacklisting and the the Privacy Team works to resolve these as soon as possible. Usually blocks at Comcast and Verizon are resolved within less than 24 hours of a delisting request. Additional Resources: Blacklist Deep Dive Abuse Report Deep Dive What is a spamtrap, or spam trap, and why does it matter? Blacklist remediation Blacklist resolution flowchart Successful lead reconfirmation What is a blacklist?

Quick points: *Spamtraps are addresses owned by antispam organizations *Emailing a spamtrap (usually) gets your IP or domain blacklisted *Maintain current, direct opt-in with an active lead database to avoid this What is a spam trap or spamtrap? A spam trap, or spamtrap is an email address secretly owned by an antispam organization that is used to detect spam. Antispam organizations do not sign up for mailing lists, so they consider any email sent to these addresses to be spam. Once email is sent to the spamtrap, the antispam organization that owns this address will blacklist the IP that sent the email (or, less often, domains that are linked in the message). Email administrators purchase subscriptions to various blacklists, and use the lists to block all incoming email from listed IPs or containing listed domains. From the marketer’s perspective, this can mean a high number of bounced emails leading to low lead engagement, and ultimately to weak revenue performance. There are two types of spamtraps – pristine traps, and repurposed/recycled traps. A pristine trap is an email address that was never used by a person. A repurposed trap is an email address that once belonged to someone but is no longer a valid address; these addresses will bounce as bad addresses for at least six months before an antispam organization will turn them into live traps.< How can a spamtrap get into my Marketo lead database? Purchased data Purchased data is unreliable. The antispam world does not like the use of purchased data so antispam administrators have made a concerted effort to get spamtrap addresses into the databases of data vendors. While data vendors may say they provide opt-in data in reality consent should be direct to your company./p> Sending unsolicited email is prohibited by the Marketo Terms of Use because this practice has a high risk of causing blacklist issues that can destroy deliverability for multiple Marketo customers. To avoid spam traps get direct opt-in before sending email. If you have purchased data in the past we recommend setting any inactive purchased leads to marketing suspended or simply removing them from your database. Old data Repurposed traps are email addresses that were once valid but are now owned by an antispam organization. This can happen when a company goes out of business; expired domains are often purchased by antispam organizations. Sometimes a company that has a direct partnership with an antispam organization will allow email addresses of former employees or users to become spamtraps. Because antispam organizations will generally make sure future spam traps return a bounce as bad addresses for at least six months before they become spam traps you can prevent repurposed traps in your database by emailing remaining engaged with everyone in your database at least once every six months. Avoid “wake the dead” campaigns to addresses you have not contacted in more than six months. Unconfirmed form entries People can unintentionally enter spamtrap addresses into forms either by making a typo or by intentionally using a fake email address that happens to be a spamtrap. If you use single opt-in, you may add spamtraps to your mailing list. This is more likely to happen if you are a B2C company or if someone thinks they can get whitepapers or free trials simply by filling out a form with made-up information. How can I identify spamtrap addresses? Spamtrap addresses are considered trade secrets by the antispam organizations. They do not share these addresses because their goal is for senders to change their mailing practices rather than to simply remove spamtraps from their mailing lists. That said, one thing we do know about spamtraps is that they tend to be automated processes and do not engage. Spamtraps do not click links. You can use smart list filters to identify inactive leads in Marketo. How can I prevent spamtraps in my database? Maintain active, direct opt-in for all leads. Don’t purchase data. (To grow your list, sponsor events, use list rental services that send the first message for you, or use co-branded content that sends you only good leads) Email everyone you want to email at least once every six months Don’t add old data directly to your mailing list. (If you need to, add in small batches and send a welcome email with a slightly different subject to each batch.) Regularly clean your database of inactive leads Grant access to assets such as free trials and whitepapers as email links to discourage intentional use of fake email addresses on forms Use scripting on your forms to identify potential typos

If you sent an email from the Lead Database (as a Single Flow Action), as part of a campaign, or as a test email but didn't receive it, here are some tips. Check the "From:" address When sending a test message, make sure to check the "From:" address setting on your message. To do this, go to the Email Settings tab of the email editor. In the "From:" field, make sure that you either have a single valid email address, or a valid email address as the default, if you are using a token. Many people want to send their messages from the lead owner. When you use the send test feature, the email address you are sending to doesn't have a full lead record, and so it doesn't have a lead owner. Since Marketo cannot send an email with no "From:" address, test messages without a valid email address in the "From:" field will not send. Send as a Lead If you have verified that the email had a valid From: address and you still aren't getting it, make sure to create yourself as a lead and send using a flow action. See if the mail was sent If you sent the email as part of a campaign or Single Flow Action, check the campaign's Results tab or your lead detail page to see if that mail was already sent to you. If it hasn't been sent yet, try waiting a little while longer. Check your Junk Mail In your email client, check your Junk Mail or Spam folder to see if the mail landed there. If it did, you should change the content of your email. Check your corporate spam filter Your corporate mail server may have blocked emails from Marketo; you should contact your IT department to see if this is the case. Please see our instructions for whitelisting Marketo's email servers: Add Marketo to Your Corporate Email Whitelist Try sending to a different recipient If you sent the original mail to your corporate account, try sending to a personal account on Yahoo or Gmail. If you sent it to a personal account, try your corporate mail account. Use Marketo's Email Deliverability product The Email Deliverability PowerPack, with Design Informant and Inbox Informant, can warn you when your mail is being rejected because of its content and help you identify junk mail pitfalls. Also, using Domain Keys and SPF improve the chances of your email landing in your leads' inboxes. Contact Marketo If you still can't figure out what happened contact Marketo to see if we can help.

When someone emails abuse@marketo.com to tell Marketo that they received unsolicited email from one of our customers, the result is called an abuse report. Instead of just hitting the “Report Spam” button, someone actually took the time to write to our abuse@marketo.com address and explain to us that they never wanted email from the sender. Because of this direct complaint we take these types of spam reports very seriously. Only about 10% of our customers ever receive any abuse reports at all so it is cause for investigation if you receive one. If you receive notification that someone filed an abuse report against your account review your list management practices. Below are some things to consider: When people sign up to receive emails from you, is it made clear to them that they are giving you permission to email them? Have you recently added any new leads or lead sources? Have you recently added older leads to your database that you have not reached out to in the past 6 months or more? Was there anything about the campaign that was complained about that makes it different from previous campaigns? In most cases people file these kinds of reports because: They never requested to be on your email list. They did request to be on your email list at some point but have forgotten because they have not heard from you in so long. The importance of using explicit opt-in in your list building efforts cannot be stressed enough. You should also send to active leads consistently enough that they continue to expect emails from you. The best ways to avoid complaint driven reputation issues is to send to opted-in, engaged recipients. To help with this, a lot of senders clear out their inactive leads every 6 months or so. An inactive lead is a contact that has taken no action in the given time period— they haven't opened an email, clicked a link, visited your webpage, attended a Webinar, and so forth. Inactive leads are a dangerous group to continue mailing to because their behavior proves that they do not want to interact with your mail and will likely complain to Marketo or to their ISPs about it. We have a great resource on how to create a Smart List to remove inactive leads here. If you still need some help, please feel free to reach out to our Support team (support@marketo.com). Additional resources: Abuse Report Deep Dive Blacklist Deep Dive

No, if you have received the blacklist notification, you are not blocked from sending mail. You can continue to mail while you work through the remediation steps. The only time we will ever block you from sending mail is if you trigger a listing at Spamhaus, the world’s most respected and widely used blacklist. If this happens, you will receive a call or email to let you know what’s going on and we will work with you to resolve the issue. This is a rare occurrence. Additional Resources: Can you give me the spam trap address that triggered the listing? What is a spamtrap, or spam trap, and why does it matter? What is a blacklist? How does Marketo respond to blacklisting and spam notifications? Top blacklists - What you need to know Blacklist Remediation Successful Reconfirmation

We manage our network to provide our customers with the highest server availability and best deliverability possible. Marketo has a strong anti-spam policy and a team that handles blacklist notifications in our IP space and spam complaints. We also cooperate with most major anti-spam providers and ISPs. In addition, we maintain feedback loops for many of the most popular email providers. For more information on feedback loops and ISPs with whom we have this arrangement, click here. Blacklistings are usually caused by sending mail to a spam trap email address. For an explanation on what causes blacklisting, click here. When we receive notification of a blacklisting, we react in two ways. First, we go through the procedures to remove the listing from that blacklist as soon as possible. Second, we determine (if possible) which of our customers caused the blacklisting and work with them to improve their mailing lists to prevent a reoccurrence in the future. This is usually a cooperative process, most frequently, a review of mailing policies and strategic pruning of a customer’s lead database will return them to best practices.

Issue Emails with valid email address get soft bounced with this error: Local address contains control or whitespace. Solution This error means that the email has a space somewhere in the the From email address or there was a comma or extra character in the From line. If you do not see a space inside the email address, check the end of the address to see if a space somehow got added at the end. The email send did not occur due to the error with the address. The emails will need to be resent once after the associated address is corrected with white spaces or extra characters. Also, there is the possibility that email address "text" contains Paragraph marks or hidden formatting symbols (https://www.computerhope.com/jargon/f/formmark.htm) and instance users will required to have it reviewed and changed.

Issue General recommendations for managing and improving deliverability to China. Solution If you are looking for general recommendations around delivering to China, here are some resources both from our Community and external sources. Navigating email delivery into China Golden Shield Project overview Sampi China Email Marketing and Chinese Anti-Spam Laws Summary English language version of the Measures for Administration of Email Service on Internet Lehman, Lee & Xu English language version of the Measures for the Administration of Internet E-mail Services 2006

Issue You want to set up a DKIM key on one of your domains or subdomains, but another service has a DKIM key already set up on the selector/domain combo. Solution Beginning October 2023, Marketo has upgraded it's DKIM feature to allow for a Custom Selector for DKIM Keys. Most Users will be able to utilize the prior default selector, m1, as their DKIM Key. However, if another integration is already utilizing the m1 selector, a custom value can be used. Common ones seen are "m2", "a1", "mkto", etc. It can be longer, but shorter is generally better Afterwards, you'll be able to validate DKIM as detailed in documentation: docs.marketo.com/display/public/DOCS/Set+up+a+Custom+DKIM+Signature

From the Marketo Email Use Policy: "...You may not send any Unsolicited Email by use or means of the Marketo Service. "Unsolicited Email" is defined as email sent to persons other than: persons with whom you have an existing business relationship, OR (ii) persons who have consented to the receipt of such email, including publishing or providing their email address in a manner from which consent to receive email of the type transmitted may be reasonably implied." The full text of the policy is here: documents.marketo.com/legal/use-policy/ An abuse report is a report that an individual sends to abuse@marketo.com alleging that a Marketo customer sent unsolicited email. There are a number of reasons why someone might report abuse. Here are a few common reasons people report abuse to us: The person forgot they opted-in to the mailing The person received genuinely unsolicited email The person opted in, but the branding in the email was different than the branding on the opt in form so it was not clear the email they received was connected to their opt-in experience Someone signed up for your list with the wrong address, and the person who actually received your email felt it was abusive For additional reference - Abuse Report Deep Dive

The Charter of Fundamental Rights of the European Union recognizes in Article 8 the right to the protection of personal data. This fundamental right is developed by the European legal framework on the protection of personal data consisting mainly of the Data Protection Directive and the ePrivacy Directive. They lay down several substantive provisions imposing obligations on the data controller and recognizing rights to the data subject, prescribing sanctions and appropriate remedies in cases of breach, and establishing enforcement mechanisms to make them effective. Although strictly speaking it is data controllers who bear legal responsibility for complying with data protection rules, also those who design technical specifications and those who actually build or implement applications or operating systems bear some responsibility for the data protection aspects from a societal and ethical point of view. The law applies to all Member States of the European Union. However, even websites outside the EU are required to comply with the law if they are targeting Member States. For example, a site based in the USA that sells products to consumers in the UK, or that has a French-language version of its site aimed at users in France, will still have to comply. Anonymous cookies, those that do not contain information that would enable you to identify a user, do not infringe the law anonymity and therefore are not a problem. The directive’s core requirement is to define how consumer’s "opt-in" or "opt-out" to cookies, and what level of information the consumer must be provided when cookies are used so they are sufficiently informed. Support Browser Do Not Track Settings docs.marketo.com/pages/viewpage.action?pageId=2951124 Visits to web pages do not reflect actual activity https://nation.marketo.com/docs/DOC-1300

Summary You have set up a campaign or campaigns in the Email Deliverability Tool (250ok), but there is no engagement metric showing Total opens and Unique opens, which should be available in the ‘Engagement Overview’ in the Email Deliverability tool. You would need to ensure that you have configured the necessary setup for the tracking to work in the Email Deliverability tool. Issue Campaigns created in the Email Deliverability tool (250ok) doesn’t show any engagement overview metric such as total opens and unique opens. Environment Email Deliverability tool (Production/Sandbox) Solution You would need to implement the necessary setup for the metric to show in the Engagement Overview in the Email Deliverability tool (250ok) Follow the steps below to ensure you have configured the setup for campaign tracking. 1. Ensure your DNS CNAME is configured. (All that is required is creating a CNAME DNS entry on this domain that points to 250analytics.com) For more information, you can refer to this external documentation: https://www.validity.com/knowledge-base/what-are-custom-domains-in-250ok-analytics/ 2. Insert the correct tracking pixel code retrieved from the Email Deliverability tool. 3. Always utilizing the ‘c=‘ tag in your tracking code for your campaigns to ensure the tracking is measured correctly in the Email Deliverability tool. (Obviously, the CNAME above is essential to have it set up correctly). You can follow a guide on how to implement the ‘c=‘ tag and retrieve the tracking pixel is here: help.returnpath.com/hc/en-us/articles/360046308092-How-Do-I-Add-My-250ok-Tracking-Pixel- Once you have all these configuration settings, you can start tracking your campaigns which are sent via Marketo in the Email Deliverability > Engagement Overview. Root Cause Mis-configuration or no configuration made causing the campaign tracking does not work.

Knowledgebase

Maintaining a Directory of Leads Bouncing Emails

Top Blocklists - What You Need to Know

Support Portal Access Issues

What Is the Difference between an Abuse Report and a Feedback Loop Complaint?

Lead Continues to Receive Emails After Unsubscribe Activity is Logged

Marketo Champion Program

Common SPF Errors and Fixes

How do blocklist issues get resolved?

Managing your Support Cases

What Are the Possible Effects of Not Setting Up SPF/DKIM Records?

Top Blacklists – What You Need to Know

What Is a Spamtrap and Why Do They Matter?

I Didn't Receive a Sample Email that I Sent

Abuse Reports: What They Are and How to Avoid Them

Can I Still Send My Emails, or Are You Blocking Me from Sending?

How Does Marketo Respond to Blacklisting and Spam Notifications?

Soft Bounce: Local Address Contains Control or Whitespace

Deliverability to China - Resources

Custom DKIM Selector

Why do people report abuse?

Marketing Automation and the European Privacy Laws

Email Deliverability Tool - Campaigns Not Being Tracked