Suped

How can I monitor Microsoft reputation on a shared IP and what are third-party DKIM signatures?

9 Marketer opinions6 Expert opinions4 Technical articles4 Resources

Summary

Monitoring Microsoft reputation on shared IPs involves using a combination of tools and strategies due to the limitations of Microsoft's SNDS. Experts recommend tools like GPT (with the caveat of assuming its measurements are similar to Microsoft), Sender Score, Talos Intelligence, and Google Postmaster Tools, while emphasizing inbox and seed list monitoring. Regular checks of blocklist status using multi-RBL lookup tools and monitoring tools are crucial. Focusing on domain reputation is also advised. Regarding third-party DKIM signatures, defined as signatures from a domain other than the sender's (often an ESP), experts stress understanding their implications for brand reputation and authentication. It's essential to maintain good sending practices, clean lists, avoid spam traps, and ensure DKIM alignment, especially with ESPs, as improperly configured third-party DKIM can harm deliverability.

Key findings

  • Limited SNDS: Microsoft's SNDS has limitations in providing domain-level insights and specific shared IP monitoring capabilities.
  • Tool Combination: Effective monitoring requires a combination of tools and techniques, including GPT, Sender Score, Google Postmaster Tools, and blocklist checks.
  • Domain vs. IP: Focusing on domain reputation is increasingly important, though IP reputation monitoring remains relevant, especially for shared IPs.
  • DKIM Importance: Proper DKIM configuration, particularly when using third-party DKIM through an ESP, is crucial for authentication and deliverability.

Key considerations

  • Monitoring Strategy: Develop a comprehensive monitoring strategy that incorporates multiple tools and techniques to capture both IP and domain reputation metrics.
  • Alert System: Implement an alert system to promptly identify and address blocklist listings or significant reputation changes.
  • ESP Assessment: Assess your ESP's DKIM practices and ensure they align with best practices to prevent deliverability issues.
  • Good Practices: Adhere to good sending practices, including list hygiene, avoiding spam traps, and maintaining consistent sending volumes, to safeguard your sending reputation.
  • SNDS Limitations: Be aware that SNDS is limited to IP-level data and does not provide domain-level insights or specific shared IP monitoring capabilities so other tools are also needed.

What email marketers say
9Marketer opinions

To monitor Microsoft reputation on a shared IP, email marketers suggest using various tools such as Sender Score, multi-RBL lookup tools, and seed list testing. It's advised to focus on domain reputation through Google Postmaster Tools and monitor sender reputation using tools like Talos Intelligence. Key practices include maintaining good sending habits, regularly checking blocklist status, and setting up alerts for listings. For third-party DKIM signatures, which occur when ESPs sign emails on behalf of clients, it's crucial to understand their implications for brand reputation and ensure proper configuration to avoid deliverability issues. Monitoring sending volumes, practicing list hygiene, avoiding spam traps, and adhering to best authentication practices are essential for maintaining a positive reputation.

Key opinions

  • Monitoring Tools: Various tools can be employed to monitor IP and domain reputation, including Sender Score, multi-RBL lookup tools, Google Postmaster Tools, and Talos Intelligence.
  • Shared IP Challenges: Monitoring reputation on shared IPs requires vigilance, as the actions of other senders can impact your deliverability.
  • Third-Party DKIM: Third-party DKIM signatures are often used by ESPs but necessitate careful configuration to ensure they don't negatively affect deliverability.
  • Proactive Practices: Good sending practices, such as maintaining clean lists and avoiding spam traps, are crucial for upholding a positive sending reputation.

Key considerations

  • Tool Selection: Choose the right tools for monitoring both IP and domain reputation based on your specific needs and resources.
  • Alerting System: Set up alerts for blocklist listings or significant changes in reputation to enable prompt responses to potential issues.
  • Configuration: Properly configure DKIM and other authentication methods, especially when using a third-party DKIM signature through an ESP.
  • Continuous Monitoring: Regularly monitor your sending reputation and adjust practices as needed to maintain optimal deliverability.
  • List Hygiene: Regularly clean your email lists to remove inactive or invalid addresses, reducing the risk of spam complaints and improving sender reputation.
Marketer view

Email marketer from Reddit suggests regularly checking blocklist status using multi-RBL lookup tools to monitor the shared IP's reputation. He also suggests setting up alerts for any listing.

September 2023 - Reddit
Marketer view

Email marketer from Email Deliverability Forum explains that ESPs often use their own DKIM domains when sending on behalf of clients. This can help the ESP manage feedback loops and authentication more effectively but can also lead to deliverability issues if not properly configured.

August 2021 - Email Deliverability Forum
Marketer view

Email marketer from GlockApps recommends using seed list testing to monitor inbox placement at Microsoft and other ISPs. He also suggests looking at engagement metrics.

February 2022 - GlockApps
Marketer view

Email marketer from Mailgun suggests closely monitoring your sending reputation through their platform's analytics. He also stresses the importance of maintaining a clean sending list, avoiding spam traps, and adhering to best practices for authentication.

June 2021 - Mailgun
Marketer view

Email marketer from Mailjet suggests using tools like Sender Score and reputation monitoring services to track your shared IP's reputation. They also advise maintaining good sending practices to avoid blacklisting.

June 2024 - Mailjet
Marketer view

Email marketer from SparkPost suggests monitoring IP reputation using tools that provide insights into blocklist status and sender scores. He also mentions setting up alerts to get notified of any significant reputation changes.

September 2023 - SparkPost
Marketer view

Email marketer from Snov.io recommends checking your sender reputation using tools like Talos Intelligence. They emphasize monitoring your sending volume and list hygiene to maintain a positive reputation.

September 2023 - Snov.io
Marketer view

Email marketer from StackOverflow explains that a third-party DKIM signature occurs when an email service provider (ESP) signs emails on behalf of their clients using the ESP's domain, especially if the client hasn't set up their own DKIM.

August 2021 - StackOverflow
Marketer view

Email marketer from Litmus advises focusing on domain reputation over IP reputation and checking domain health using Google Postmaster Tools to get insights into spam rates, feedback loop, and authentication status.

September 2022 - Litmus

What the experts say
6Expert opinions

Monitoring Microsoft reputation on a shared IP involves using tools like GPT (with assumptions about MSFT similarity) and focusing on inbox monitoring, especially through seed list testing. Experts emphasize the importance of minimizing third-party DKIM signatures on emails sent to Microsoft and Google. A third-party DKIM signature is defined as a signature with a domain other than the sender's, often used by ESPs. To maintain IP reputation on shared IPs, regular monitoring of blocklist listings is advised. Understanding the implications of third-party DKIM signatures for brand reputation and authentication is crucial.

Key opinions

  • GPT Reliance: Relying on GPT (Google Postmaster Tools) is a common strategy, but assumptions must be made for its accuracy with Microsoft.
  • Third-Party DKIM Risks: Third-party DKIM signatures pose potential risks to brand reputation and authentication, requiring careful management.
  • Blocklist Monitoring: Checking blocklist listings is essential for maintaining IP reputation, particularly on shared IPs.
  • Seed List Testing: Inbox placement testing via seed lists is an effective method for monitoring deliverability.

Key considerations

  • DKIM Alignment: Ensure your DKIM signature always aligns with your domain to maintain brand consistency and trust.
  • Microsoft Specifics: Be aware that SNDS (Smart Network Data Services) may not be upgraded for domain-level reputation management, requiring alternative monitoring methods.
  • Proactive Monitoring: Regularly check blocklists and use monitoring tools to quickly identify and address any reputation issues.
  • ESP Practices: If using an ESP, understand how they handle DKIM signatures and ensure it aligns with best practices for deliverability.
Expert view

Expert from Spamresource recommends closely monitoring blocklist listings as an indicator of IP reputation for shared IPs. Regularly check major blocklists and use monitoring tools to stay informed about potential issues affecting deliverability.

November 2021 - Spamresource
Expert view

Expert from Word to the Wise explains that third-party DKIM signatures are often used by ESPs when sending mail on behalf of their clients, particularly if the client hasn't set up their own DKIM. She advises senders to be aware of the potential implications for brand reputation and authentication.

October 2024 - Word to the Wise
Expert view

Expert from Email Geeks gives examples of third-party DKIM signatures and emphasizes that if you're '[yourdomain.com]', you always want a DKIM signature signing as '[yourdomain.com]'.

March 2024 - Email Geeks
Expert view

Expert from Email Geeks clarifies that by inbox placement testing, he means seed list testing and mentions that he works for Kickbox, which has its own seed list-based inbox placement seedlist.

August 2024 - Email Geeks
Expert view

Expert from Email Geeks shares his trick to rely on GPT as much as possible and assume/hope measurements are similar on MSFT, along with inbox monitoring. He also advises keeping third-party DKIM signatures away from mail to Microsoft (and Google) domains and mentions that he doesn't see SNDS being upgraded to deal with domains.

May 2024 - Email Geeks
Expert view

Expert from Email Geeks defines a third-party DKIM signature as a DKIM signature with a domain other than your own.

March 2022 - Email Geeks

What the documentation says
4Technical articles

Microsoft's SNDS provides data on IP-related metrics like complaints and spam traps but doesn't cover domain reputation or shared IP specifics. DKIM, as explained by Google and RFC documentation, is an email authentication method that allows organizations to take responsibility for their messages. A third-party DKIM involves an ESP signing on behalf of a client. Google Postmaster Tools provides data on email performance, including spam rates and IP reputation, aiding in identifying and fixing deliverability issues.

Key findings

  • SNDS Limitations: Microsoft SNDS is limited to IP-level data and does not provide domain-level insights or specific shared IP monitoring capabilities.
  • DKIM Purpose: DKIM is an email authentication method used to verify sender identity and prevent spoofing.
  • 3rd Party DKIM: Third-party DKIM signatures involve an ESP signing emails on behalf of their clients.
  • Postmaster Tools Utility: Google Postmaster Tools helps identify and fix deliverability issues by providing data on email performance metrics.

Key considerations

  • Alternative Monitoring: Because SNDS does not address domain-level reputation, it's essential to employ alternative monitoring tools and techniques.
  • DKIM Implementation: Proper DKIM implementation is crucial for sender authentication and preventing email spoofing.
  • ESP Practices: Understand how your ESP handles DKIM signatures and ensure it aligns with best practices.
  • Data Analysis: Regularly analyze data from tools like Google Postmaster Tools to identify and address any deliverability issues proactively.
Technical article

Documentation from Google Workspace Admin Help explains that DKIM (DomainKeys Identified Mail) is an email authentication method designed to detect email spoofing. It allows an organization to take responsibility for a message in transit.

February 2024 - Google Workspace Admin Help
Technical article

Documentation from RFC Editor details how DKIM signatures work, including the use of cryptographic keys to verify the sender's identity. A third-party DKIM signature would involve a domain other than the sender's, often from an ESP.

January 2024 - RFC Editor
Technical article

Documentation from Google Postmaster Tools explains that this free tool provides senders with data about their email performance, including spam rates, IP reputation, and feedback loop information, which can help identify and fix deliverability issues.

September 2023 - Google Postmaster Tools
Technical article

Documentation from Microsoft SNDS Documentation explains that SNDS (Smart Network Data Services) provides data about your sending IPs, including complaint rates and spam trap hits, but does not directly offer domain reputation insights or specifically address shared IP monitoring.

October 2024 - Microsoft SNDS Documentation

Related resources
4Resources

Try EasyDMARC DKIM Checker | Free DKIM Lookup Tool
Try EasyDMARC DKIM Checker | Free DKIM Lookup Tool

EasyDMARC’s DKIM test tool is the easiest way to check incoming and outgoing emails for tampering-during-transit and intact digital signatures

EasyDMARC
Email deliverability issues with Microsoft and Barracuda Networks ...
Email deliverability issues with Microsoft and Barracuda Networks ...

This week a number of users in the organization have begun reporting email deliverability issues with various domains. Initially it was a report of emails failing to arrive in their inbox but it has now expanded to also include emails that we are sending. The undeliverable report is stating: Your message to user@domain.com couldn’t be delivered. domain.com suspects your message is spam and rejected it. Error Details: 550 5.7.350 Remote server returned message detected as spam → 550 permanen...

Spiceworks Community
Office 365 helps secure Microsoft from modern phishing campaigns ...
Office 365 helps secure Microsoft from modern phishing campaigns ...

Cybersecurity is a critical issue at Microsoft and other companies. We invest in sophisticated anti-phishing technologies that help protect our customers and our employees from evolving, sophisticated, and targeted phishing campaigns. The layers of protection in Exchange Online Protection and Advanced Threat Protection in Office 365 offer threat intelligence and cross-platform integration, protect against phishing threats, and safeguard data and intellectual property.

Inside Track Blog
DMARC and third-party senders: How to navigate them - Valimail
DMARC and third-party senders: How to navigate them - Valimail

Learn the two main scenarios that could complicate your DMARC process when working with third-party senders and what to do about it.

Valimail -

Related questions