SuretyMail Email Reputation Certification

 

List of Codes

  •  
  •  
  •  

SuretyMail IADB Data Return Codes

The ISIPP Accreditation Database is an in-addr prefix style DNS list.

When queried, the IADB will return one or more A records for any site which is listed in the IADB. These are as follows:

127.0.0.1 Listed in IADB
127.0.0.2 Listed in IADB (Alternate to 127.0.0.1)
127.0.1.255 Vouched listing*
127.2.255.1 Publishes SPF record
127.2.255.2 Publishes Microsoft “Sender I.D.” record
127.2.255.3 Publishes Domain Keys or the newer DKIM record
127.2.255.4 Publishes rDNS
127.2.255.101 Participates in Habeas program
127.2.255.102 Participates in Ironport’s Bonded Sender program
127.2.255.103 Is a GoodMail certified sender
127.3.100.0 Has absolutely no mailing controls in place
127.3.100.1 Scrapes addresses, pure opt-out only
127.3.100.2 Accepts unverified sign-ups such as through web page
127.3.100.3 Accepts unverified sign-ups, gives chance to opt out
127.3.100.4 Adds only customer and inquirer email addresses to mailing list without opt-in, gives chance to opt out
127.3.100.5 Has opt-in mechanism available, used less than 50% of the time
127.3.100.6 Has opt-in mechanism available, used more than 50% of the time
127.3.100.7 All mailing list mail is opt-in
127.3.100.8 All mailing list mail is at least opt-in, and has confirmed (double) opt-in mechanism available, used less than 50% of the time
127.3.100.9 All mailing list mail is at least opt-in, and has confirmed (double) opt-in mechanism available, used more than 50% of the time
127.3.100.10 All mailing list mail is confirmed (double) opt-in
127.3.100.100 The only email which comes from this IP address is mailing list email, and that mailing list email is entirely confirmed (double) opt-in
127.3.100.200 The only email which comes from this IP address is one-to-one or transactional email. No bulk email is sent from this IP address
127.3.100.211 Mail coming from this IP address has been sent through a social networking service
127.3.100.212 Mail coming from this IP address has been sent through a service which provides email open and read tracking services
127.3.100.213 The email sent from this IP address comes from an ecard, e-invitation, or similar e-correspondence service, and consists of ecards, e-invitations, or similar e-correspondence initiated by the service’s users.
127.3.200.100 Is a non-profit organization
127.3.200.110 Sends out email on behalf of non-profit organizations
127.3.200.255 Services the emergency alert or first-responder sector – email from this IP address consists of time-critical urgent or emergency communications
127.101.001.10 Complies with Michigan’s Child Protection Email Address Registry law
127.101.002.10 Complies with Utah’s Child Protection Email Address Registry law
127.101.101.10 Has checked mailing lists against the Michigan Child Protective Registry within last 30 days
127.101.102.10 Has checked mailing lists against the Utah Child Protective Registry within last 30 days
127.101.201.10 This IP address sends no material which falls under the Michigan Child Protective Registry law
127.101.202.10 This IP address sends no material which falls under the Utah Child Protective Registry law

[ISIPP accepts recommendations for other data point returns which would be useful in addition to those listed above. If you would like to suggest a data point return which would be useful to email receivers, please email your suggestion to iadb at isipp.com] Note that a query to IADB can return more than one response for any given listing; each response reveals one particular unique data point. For example 127.0.0.1 means that the site is listed in IADB, and 127.0.1.255 means that the listing is a vouched* listing. Thus for a site which is listed in IADB and which is a vouched listing, a query will return “127.0.0.1; 127.0.1.255”, providing the querying site with the very specific information that the site is listed in IADB, and that the listing is a vouched listing. A return of “127.0.0.1; 127.2.255.1” would indicate that the site is listed in IADB, and the site publishes an SPF record.

ISIPP also offers receivers the option of receiving one “aggregated data point return” rather than the individual data point returns described here. This is particiularly useful to large ISPs looking to make email delivery handling decisions. For more information about the aggregate return, see the section below on “IADB2”.

The level of granularity provided by IADB allows querying sites to make decisions based on precise information regarding a listing in the IADB.

Example:

Query the IADB:

nslookup 2.0.0.127.iadb.isipp.com

This will give you this:

Name: 2.0.0.127.iadb.isipp.com
Addresses: 127.0.255.1, 127.2.255.1, 127.0.0.1

In this example 127.0.0.1 means that there is a listing in IADB, 127.0.255.1 means that the listing is a vouched* listing, and 127.2.255.1 means that they publish an SPF record.

In addition, although not required, IADB listees may choose to include “X-IADB-IP:” and
“X-IADB-IP-REVERSE:” headers in the email they send (followed by the sending IP address, and sending IP address reversed, respectively). This provides a notice to receiving systems that a) the IP address in the X-IADB header should match the sending IP address, and b) the sending IP address and additional information about the sender can be found in IADB.

IADB2

The IADB2 contains the same database data as IADB, however its responses are presented as an aggregate data point return ‘score’, rather than individual data point returns. Where IADB will tell the user that a given listed site is, for example, a vouched* listing, and will also tell the user that the site publishes an SPF record, the IADB2 will return one single response which means “is a vouched listing and publishes an SPF record”.

Example:

Query the IADB2:

nslookup 2.0.0.127.iadb2.isipp.com

This will return:

Name: 2.0.0.127.iadb2.isipp.com
Address: 127.0.0.30

This means that there is a listing in IADB, it is a vouched* listing, and they publish an SPF or Microsoft “Sender I.D.” record, but instead of listing each element separately, it’s aggregated into one (10 ‘points’ for being listed in IADB, + 10 ‘points’ for being vouched, + 10 ‘points’ for publishing an SPF or MS “Sender I.D.” record = the “30” at the end of the record).

IADB2 allows large receivers to do a lookup, get a single-record return, and say, for example, “do X with email from any IP which returns a .30 or greater at the end of the record” (such as “accept”), and “do Y with email from any IP which returns anything smaller than .20” (such as, say, do a DNSBL check), or whatever they want to do, based on whatever “score” they decide is appropriate.

IADB provides the same information but with a greater degree of granularity and specificity about each bit of data, which is more useful to some sites and spam filter programs.

The IADB2 is available at iadb2.isipp.com.

IDDB

The IDDB is a companion database to IADB, which allows queriers to do a query by domain name; if the domain name is listed, it will return a list of IP addresses from which the domain is properly allowed to mail, along with the listee’s IADB registration number for cross reference.

The resulting IP addresses can then be plugged into an IADB query to get the IADB data about the sender’s status, opt-in policies, etc..

This ability to do full forwards and backwards authentication is our proprietary “triple check”: a lookup in the IADB confirms that an IP address is accredited, a lookup to the IDDB confirms whether the sending domain a) is accredited, and b) is confirmed as being associated with the sending IP address.

The IDDB is available at iddb.isipp.com. A lookup to the IDDB would look like this:

dig example.com.iddb.isipp.com

So for example, to look up the domain janegoodall.org:

$ dig janegoodall.org.iddb.isipp.com

; <<>> DiG 9.8.3-P1 <<>> janegoodall.org.iddb.isipp.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61002 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;janegoodall.org.iddb.isipp.com. IN A ;; ANSWER SECTION: janegoodall.org.iddb.isipp.com. 3211 IN A 65.244.115.200 janegoodall.org.iddb.isipp.com. 3211 IN A 74.221.236.65 ;; Query time: 26 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Fri Sep 26 11:36:39 2014 ;; MSG SIZE rcvd: 80 With this lookup you instantly know that: 1) janegoodall.org is accredited with ISIPP SuretyMail 2) the only IP addresses authorized to send email claiming to be from janegoodall.org are 65.244.115.200 and 74.221.236.65 By using the IDDB in conjunction with the IADB, email receivers have an iron-clad, unassailable way to authenticate email with respect to whether or not the sending domain is spoofed. If an email passes both the IADB and the IDDB lookup, an email receiver can know with a high degree of certainty that the email is actually coming from the sender it claims, and is not spoofed. On the other hand If an email does not pass both the IADB and IDDB lookup, then it should be, at minimum, subject to further scrutiny.

As with the IADB, lookups to the IDDB are always free for email receivers. Receivers wishing to transfer the IDDB should contact us through our contact page.

WADB

ISIPP also offers the WADB, the Withdrawn Accreditation Database. This is a list of sites which were once listed in the IADB, but have violated our listing criteria to the point of being removed, and listed in the WADB.

The WADB is available at wadb.isipp.com.

It is free to query all of the IADB, IADB2, and WADB.

*A vouched listing means that you are either personally known to ISIPP or a referring partner has vouched for your mailing practices, or that you have been listed with SuretyMail for at least six months without incident.


  •  
  •  
  •