SuretyMail IADB Data Response Codes
The ISIPP Accreditation Database is an in-addr prefix style DNS list.
When queried, the IADB will return one or more A records for any site which is listed in the IADB. These are as follows:
|127.0.0.1||Listed in IADB|
|127.0.0.2||Listed in IADB (Alternate to 127.0.0.1)|
|127.2.255.1||Publishes SPF record|
|127.2.255.2||Publishes Microsoft “Sender I.D.” record|
|127.2.255.3||Publishes Domain Keys or the newer DKIM record|
|127.2.255.101||Participates in Habeas program|
|127.2.255.102||Participates in Ironport’s Bonded Sender program|
|127.2.255.103||Is a GoodMail certified sender|
|127.3.100.0||Has absolutely no mailing controls in place|
|127.3.100.1||Scrapes addresses, pure opt-out only|
|127.3.100.2||Accepts unverified sign-ups such as through web page|
|127.3.100.3||Accepts unverified sign-ups, gives chance to opt out|
|127.3.100.4||Adds only customer and inquirer email addresses to mailing list without opt-in, gives chance to opt out|
|127.3.100.5||Has opt-in mechanism available, used less than 50% of the time|
|127.3.100.6||Has opt-in mechanism available, used more than 50% of the time|
|127.3.100.7||All mailing list mail is opt-in|
|127.3.100.8||All mailing list mail is at least opt-in, and has confirmed (double) opt-in mechanism available, used less than 50% of the time|
|127.3.100.9||All mailing list mail is at least opt-in, and has confirmed (double) opt-in mechanism available, used more than 50% of the time|
|127.3.100.10||All mailing list mail is confirmed (double) opt-in|
|127.3.100.100||The only email which comes from this IP address is mailing list email, and that mailing list email is entirely confirmed (double) opt-in|
|127.3.100.200||The only email which comes from this IP address is one-to-one or transactional email. No bulk email is sent from this IP address|
|127.3.100.211||Mail coming from this IP address has been sent through a social networking service|
|127.3.100.212||Mail coming from this IP address has been sent through a service which provides email open and read tracking services|
|127.3.100.213||The email sent from this IP address comes from an ecard, e-invitation, or similar e-correspondence service, and consists of ecards, e-invitations, or similar e-correspondence initiated by the service’s users.|
|127.3.100.214||The email sent from this IP address has been sent through an Email Service Provider (ESP)|
|127.3.200.100||Is a non-profit organization|
|127.3.200.110||Sends out email on behalf of non-profit organizations|
|127.3.200.255||Services the emergency alert or first-responder sector – email from this IP address consists of time-critical urgent or emergency communications|
|127.101.001.10||Complies with Michigan’s Child Protection Email Address Registry law|
|127.101.002.10||Complies with Utah’s Child Protection Email Address Registry law|
|127.101.101.10||Has checked mailing lists against the Michigan Child Protective Registry within last 30 days|
|127.101.102.10||Has checked mailing lists against the Utah Child Protective Registry within last 30 days|
|127.101.201.10||This IP address sends no material which falls under the Michigan Child Protective Registry law|
|127.101.202.10||This IP address sends no material which falls under the Utah Child Protective Registry law|
ISIPP accepts suggestionis for other data point responses which would be useful in addition to those listed above. If you would like to suggest a data point response which would be useful to email receivers, please email your suggestion to support at isipp.com. Note that a query to IADB can return more than one response for any given listing; each response reveals one particular unique data point. For example 127.0.0.1 means that the site is listed in IADB, and 127.0.1.255 means that the listing is a vouched* listing. Thus for a site which is listed in IADB and which is a vouched listing, a query will return “127.0.0.1; 127.0.1.255”, providing the querying site with the very specific information that the site is listed in IADB, and that the listing is a vouched listing. A return of “127.0.0.1; 127.2.255.1” would indicate that the site is listed in IADB, and the site publishes an SPF record.
ISIPP also offers receivers the option of receiving one “aggregated data point return” rather than the individual data point returns described here. This is particiularly useful to large ISPs looking to make email delivery handling decisions. For more information about the aggregate return, see the section below on “IADB2”.
The level of granularity provided by IADB allows querying sites to make decisions based on precise information regarding a listing in the IADB.
Query the IADB:
This will give you this:
Addresses: 127.0.255.1, 127.2.255.1, 127.0.0.1
In this example 127.0.0.1 means that there is a listing in IADB, 127.0.255.1 means that the listing is a vouched* listing, and 127.2.255.1 means that they publish an SPF record.
In addition, although not required, IADB listees may choose to include “X-IADB-IP:” and
“X-IADB-IP-REVERSE:” headers in the email they send (followed by the sending IP address, and sending IP address reversed, respectively). This provides a notice to receiving systems that a) the IP address in the X-IADB header should match the sending IP address, and b) the sending IP address and additional information about the sender can be found in IADB.
The IADB2 contains the same database data as IADB, however its responses are presented as an aggregate data point return ‘score’, rather than individual data point returns. Where IADB will tell the user that a given listed site is, for example, a vouched* listing, and will also tell the user that the site publishes an SPF record, the IADB2 will return one single response which means “is a vouched listing and publishes an SPF record”.
Query the IADB2:
This will return:
This means that there is a listing in IADB, it is a vouched* listing, and they publish an SPF or Microsoft “Sender I.D.” record, but instead of listing each element separately, it’s aggregated into one (10 ‘points’ for being listed in IADB, + 10 ‘points’ for being vouched, + 10 ‘points’ for publishing an SPF or MS “Sender I.D.” record = the “30” at the end of the record).
IADB2 allows large receivers to do a lookup, get a single-record return, and say, for example, “do X with email from any IP which returns a .30 or greater at the end of the record” (such as “accept”), and “do Y with email from any IP which returns anything smaller than .20” (such as, say, do a DNSBL check), or whatever they want to do, based on whatever “score” they decide is appropriate.
IADB provides the same information but with a greater degree of granularity and specificity about each bit of data, which is more useful to some sites and spam filter programs.
The IADB2 is available at iadb2.isipp.com.
The IDDB is a companion database to IADB, which allows queriers to do a query by domain name; if the domain name is listed, it will return a list of IP addresses from which the domain is properly allowed to mail, along with the listee’s IADB registration number for cross reference.
The resulting IP addresses can then be plugged into an IADB query to get the IADB data about the sender’s status, opt-in policies, etc..
This ability to do full forwards and backwards authentication is our proprietary “triple check”: a lookup in the IADB confirms that an IP address is accredited, a lookup to the IDDB confirms whether the sending domain a) is accredited, and b) is confirmed as being associated with the sending IP address.
The IDDB is available at iddb.isipp.com. A lookup to the IDDB would look like this:
So for example, to look up the domain janegoodall.org:
$ dig janegoodall.org.iddb.isipp.com
; <<>> DiG 9.8.3-P1 <<>> janegoodall.org.iddb.isipp.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61002 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;janegoodall.org.iddb.isipp.com. IN A ;; ANSWER SECTION: janegoodall.org.iddb.isipp.com. 3211 IN A 18.104.22.168 janegoodall.org.iddb.isipp.com. 3211 IN A 22.214.171.124 ;; Query time: 26 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Fri Sep 26 11:36:39 2014 ;; MSG SIZE rcvd: 80 With this lookup you instantly know that: 1) janegoodall.org is accredited with ISIPP SuretyMail 2) the only IP addresses authorized to send email claiming to be from janegoodall.org are 126.96.36.199 and 188.8.131.52 By using the IDDB in conjunction with the IADB, email receivers have an iron-clad, unassailable way to authenticate email with respect to whether or not the sending domain is spoofed. If an email passes both the IADB and the IDDB lookup, an email receiver can know with a high degree of certainty that the email is actually coming from the sender it claims, and is not spoofed. On the other hand If an email does not pass both the IADB and IDDB lookup, then it should be, at minimum, subject to further scrutiny.
As with the IADB, lookups to the IDDB are always free for email receivers. Receivers wishing to transfer the IDDB should contact us through our contact page.
ISIPP also offers the WADB, the Withdrawn Accreditation Database. This is a list of sites which were once listed in the IADB, but have violated our listing criteria to the point of being removed, and listed in the WADB.
The WADB is available at wadb.isipp.com.
It is free to query all of the IADB, IADB2, and WADB.
*A vouched listing means that you are either personally known to ISIPP or a referring partner has vouched for your mailing practices, or that you have been listed with SuretyMail for at least six months without incident.