Monday, 14 August 2017

Email domains that violate RFC standards during email verification processes

All domains are created equal but some are more equal than others.


We stake our reputation for excellent email validation on the standard of responses we return to our customers. Our results create a Hippo Trust score, which is relied on by our customers to make decisions that improve profits and effectiveness.



Not all email providers play the game. Some responses are not in accordance with international Simple Mail Transport Protocol (SMTP) standards and that makes it necessary for us to return results that give the most secure response for our customers. Sometimes the best thing we can say is; 'unverifiable'.

This article explains in very simple terms about email protocols and gives topline, non technical information about the two domains we recognise as acting outside standards.

What's the SMTP Standard?

Way back in 1982 Jonathan Postel at the University of Southern California published a protocol for transferring (e)mail  reliably and efficiently. He called it Simple Mail Transfer Protocol. It's the standard that helps services validate whether an email can reach a recipient.

It also describes the content of email headers and footers and the order and content of standard replies and requests from sender and recipient.

The protocol demands a series of step-by-step processes that result in a shared understanding of the status of an individual email address. Basically the client (sender software) says 'hi' and the receiver (server software) says 'well hello there'. The sender says; 'I'd like to send you something' and the receiver says 'OK', or 'no-can-do and here's why'.

It's the 'here's why' bit that's key, as that gives the status of the email address in question.
All those years ago it worked and it still does. It's good to have rules.

So it's a pain when email service providers and infrastructure don't conform to these standards. It's not that hard to do...

So let's call them out.

Office 365 domains can't always count

Some Office 365 hosted domains can't count. They get all fingers and thumbs and end up sending a 250 code for 'OK' when what they mean is; 550 'sorry, I have no idea who that email is addressed to'.

We felt a bit sorry for them at first back in mid 2016 but now it's just annoying.  Office 365, you've been doing this for long enough to know better and you should be able to add up. More than that, you should be able to follow the SMTP Standard.  #playthegame

This is how Yahoo! domain SMTP interpretation probably looks


Yahoo! does an email validation dance

Oh Yahoo! you make us sigh. You see when you mean to signal a 550 Failure message , you get all bothered and do this funny little dance move where you throw your arms in the air and give us some really weird semaphore. I mean guys, what are you doing out there? With your mighty moves you signal an unpredictable, blended approach that goes along the line of;


  • Who are you?
  • Here's some numbers - they bear no relation to SMTP but we like them anyway
  • Slow down - we don't know what you mean
  • Who are you again?
  • Ask us again we're pretending not to hear you
  • Do we know you?
  • OK we'll put you on the naughty step or on the goody step depending on how we feel

You'll get the idea that the world of Yahoo! is a bit kooky.

Why does SMTP matter to you if you are having email addresses validated?


What impact do dance moves and a failure to count have on you when you send your email campaign or sell your data?

Jason was a good guy and what he was doing was building a protocol that would scale up. As long as people stuck to the rules and didn't go all dance moves on him.

So what it means for you is that when you get your emails validated, you might just get the; 'whoops, got that back to front' Office 365 response. Or you may go through the looking glass into the Yahoo! world where not much makes sense.

This means that emails you were told are good might bounce. Hard. And hard bounces are bad for business, whether you're sending mailing campaigns or trying to keep data clean and valuable.

We have spotted email validation companies (who shall remain nameless because they may not be doing it anymore) giving results in rhythm too. 'Good,Bad,Don't Know,Good, Bad, Don't Know...repeat until fade.

Now we provide a minimum 99% SLA and we take great care to give our customers confidence in our results. That's why we've called out Office 365 and Yahoo! These guys aren't reliable enough to stake our name and your sender reputation on. So we'll tell you we don't know for sure what they mean when they give us results. That way you can judge how you take good care of your reputation.

If you'd like more information about SMTP codes without the dance moves read here. It's a table of all codes and the interpretation of each one.
For information about our responses see our API documentation.



No comments:

Post a Comment

All posts are moderated to filter out link spam.