Skip navigation
All Places > Support > Blog
1 2 3 4 Previous Next


50 posts

Cracking the Inbox Code: Google


It can be challenging to consistently achieve inbox delivery at Gmail and Google Apps.  One reason is that Gmail has very complicated filtering strategy, which learns from and classifies hundreds of items within a message to detect and prevent spam.  They’re machine learning-based and measure hundreds of things about incoming mail. The filters are continually adapting to spam threats and updating how they treat specific mail.


The impact of this approach is that filtering is far from static.  What passes to the inbox now, may fail in short order.


We’ve put together a bit of intel about Gmail filters to support senders in ensuring their programs are in tip-top shape to achieve inbox placement at Gmail/GoogleApps.


Google’s spam filters

  • Google’s leverages a content scan to determine if message is bulk/mass marketing.
  • The filters also recognize when an email is attempting to collect sensitive recipient information.  This will trigger “potential phishing message” notification and will also flag the mail as spam.
  • Gmail spam filtering is very user feedback-driven.  Subscribers train the filter when they click on “This is Spam” or “This is Not Spam.”
    • Low complaints and high “this is not spam” rates = positive engagement
  • Adapts to spam threats through machine learning and constantly updates filtering protocol.
  • GoogleApps Spam Filter:  In 2007, Google acquired Postini a security company focused on email.  In 2012 they started shifting customers away from the Postini anti-spam filter and towards GoogleApps.
  • Further, GoogleApps hosted email solution for businesses has rapidly earned marketshare, so most B2B senders are significantly impacted by delivery failures to this domain.
  • On the bright side, Google rarely rejects mail outright (though throttling is common during IP warming).  Most often, Google will deliver questionable mail to the spam folder.  The challenge is that it’s fairly difficult to navigate to the spam folder and with priority inbox, there are even more mechanisms to sort through mail, which may negate the subscribers willingness to search for mail in their spam folders.


  • Follow best practices for opt-in (confirmed opt-in is always best).
  • Set clear expectations regarding the type and frequency of the email you will send and honor the commitment.


  • Authenticate using SPF and DKIM (strongly encouraged) and publish your practices with DMARC.
  • Gmail considers transactional mail to be the most important mail they deliver.  Therefore, you should us separate IPs, subdomains, and sending addresses than are used for other email streams.  Don’t combine with promotional mail.
  • Set up a branded envelope from. (Available through Marketo, contact your CAM.)
  • Employ the list unsubscribe header.  Think of it as a poor man’s feedback loop at Gmail.  If you have a strong reputation at Gmail, this functions as a mechanism to return an unsubscribe request to you when your subscribers mark your message as spam. (Marketo uses the List Unsubscribe Header)


  • Ensure Your Links Aren't on a Blacklist or Inactive If your message is marked as suspected phishing mail, check to see if any of your URIs are on URL/domain based blacklists like URIBL, SURBL and SpamHaus DBL.  Ensure all URLs within your content are active and resolve as expected.
  • The presence of blacklisted and/or inactive URLs in your content will negatively affect your reputation with GoogleApps and your inbox placement. This includes third-party URLs like etc.
  • Manage engagement – monitor recipient activity and re-engage or remove inactives.  Contacts who never open your messages could become a liability for you if they start to file abuse complaints , which would ultimately impact your active recipients too. As a general rule, contacts with no activity for more than six months should be removed from your list or moved into a special “reactivation” messaging track designed to try to re-engage them one last time before dropping them from your list.
  • Encourage engagement.
    • Ask your recipients to mark your messages as “not spam.” This will alert Gmail that your recipients want to receive your messages, help your overall engagement with Gmail and improve delivery to the inbox.
  • Invite contacts to add your sending “From” address to their Gmail address book.
    • Ask your recipients to click Gmail’s yellow priority inbox icon and have them “mark as important.” This will ensure your mailings take the highest priority in your recipient’s inbox and are always listed as “important.”


  • Relevance!  Send only targeted, relevant email to keep subscribers engaged.
  • Implement behavioral marketing best practices to increase message relevance and boost opens and clicks.  Sending emails triggered by a person’s behaviors, preferences or demographics is one of the best ways to ensure a positive customer experience and increase recipient interaction with your messages.
  • Subject Lines:  Keywords and symbols in your subject line can trigger the GoogleApps filter. Avoid the use of the prefix “ADV:” (for advertisement), dollar signs or multiple exclamation points.
  • Avoid Certain Number Patterns:  GoogleApps has a filtering function that matches number patterns and/or sequences that look like credit card or Social Security numbers. They consider this an indication that the mail is a potential phishing message and it will result in a block of your messages. The following are examples of the patterns that will trigger the filter:
    • 16 digit number patterns (credit card):
      • n nnnn nnnn nnnn nnnn
      • nnn-nnnn-nnnn-nnnn
      • nnnn nnnn-nnnn nnnn
      • nnnnnnnnnnnnnnnn
    • 9 digit number sequences (Social Security) – these digits can be separated by spaces dashed or periods:
      • nnn-nn-nnnn
      • nnn nn nnnn
      • nnn.nn.nnnn
      • nnn-nn nnnn
  • Remind recipients to click on the “Always display images from this address” button. This enables your recipients to see your HMTL emails as they were intended and also goes toward positive recipient engagement – especially important given how critical your images are to your message.
  • Create Gmail-specific campaigns with subject lines and a targeted call to action for Gmail users.
  • Avoid URL shorteners.  As noted earlier, URL reputations have a significant weight on Google’s filtering, and URL shorteners have been abused by spammers to deliver malicious email, such that many of the URL shortener domains are permanently blacklisted or blocked.

Additional Resources

Gmail’s Bulk Sender Guidelines

Troubleshooting for Bulk Email Senders

The Learning Behind Gmail's Priority Inbox

Full Metal Email – Confessions of an ‘Anti-Spam Zealot’

Why am I seeing "via" in the From line?

Google Product Forum - Mail server blocked by gmail as a bulk sender

6 Things To Watch For Better Gmail Deliverability


Special thank you to Carmi Lopez-Jones for helping draft this blog post!

Is this article helpful ?


Is this article helpful ?


I get lots of questions about how to manage changes to the links used within email.  This can happen with a business name changes, a business acquisition or just a rebranding process.

When customers change out the branding on a tracking link or a landing page this means setting up a new subdomain and pointing their domain to the Marketo CNAME. 

I recommend is setting up the CNAME on the new domain and leaving the same CNAME in place for the old domain for at least 3-6 months.  This ensures that any older links that may be activated will continue to work as your recipients may dig up an old email to review content.


Happy Sending!


Additional Resources about Landing Pages (Personalization) - Marketo Docs - Product Docs

image2015-1-6 13_52_6.png

Recently my team was managing a customer escalation about an unexpected and suspicious spike in click activity in email.  The customer observed all the links within an email activated immediately after delivery.  This is a known issue with filters like Barracuda. The email is accepted and if the message is deemed suspicious, it is subjected to higher scrutiny and the links are validation ‘tested’ to ensure they are not malicious. We have seen a slight increase in this activity since the beginning of the year but in most cases we can mitigate the behavior by focusing on improving the reputation of the sender.


At issue is a part of the Barracuda email filter call the intent filter. There are 3 different modules to this filter.

Intent analysis – Markers of intent, such as URLs, are extracted and compared against a database maintained by Barracuda Central.

Real-Time Intent Analysis – For new domain names that may come into use, Real-Time Intent Analysis involves performing DNS lookups against known URL blocklists.

Multilevel intent analysis – Use of free websites to redirect to known spammer websites is a growing practice used by spammers to hide or obfuscate their identity from mail scanning techniques such as Intent Analysis. Multilevel Intent Analysis involves inspecting the results of Web queries to URLs of well-known free websites for redirections to known spammer sites.  According to Barracuda support it is the multilevel intent analysis module responsible for clicks on links.


Often in these cases the bounces returned from other undelivered email show evidence of content filtering by other networks also, which may indicate there's something going on with the content that's making it look suspicious. In addition we always coach customers to avoid the usage of any URL shorteners also. If there are any in your content, that may prove problematic.


How to Manage This Behavior?

One of the ways we suggest mitigating this behavior if it is problematic is to consider set up a “stealth” link, that human readers won’t see or click on but that parsing software might. Clicks on that link, that is unseen by human eyes, are a sign that the click was not done by the intended recipient. It would allow you to create program rules around the behavior so as to mitigate skew in the click rates.


I also suggest reviewing your own email sending reputation to understand if your own reputation is triggering this activity.  Are you managing your in-active addresses and removing those from your email program over time?  Do you have a process to remove recurring Soft Bounces after successive unsuccessful delivery attempts?  These two processes are often the first place my team starts when working with customers to improve their sending reputation.  Taking these two actions will improve your reputation over time and you will be less likely to trigger enhanced content filtering if you maintain a pristine sending reputation. 


Here is a great series of Community Resources to help you understand and manage your email sending reputation:


Also, here's a link to an article by a well known deliverability expert on this topic from a couple of years ago but is still relevant:

Is this article helpful ?


The Email Deliverability and Privacy Team always stresses the importance of a strong sending reputation. By keeping an eye on your engagement (opens, clicks, etc.) and reputation (spam complaints, spam traps, unknown users, etc.) metrics you’ll get a good picture of how your emails are being received by subscribers.

But if you’re looking for another measure of your reputation you can take advantage of a handful of resources that will let you know where you stand.  Here are 4 sites that will help you check sending reputation:

Like a credit score, a Sender Score is a measure of your reputation. Scores are calculated from 0 to 100. The higher your score, the better your reputation and the higher your email deliverability rate. Numbers are calculated on a rolling 30-day average and illustrate where your IP address ranks against other IP addresses. This service is provided by Return Path.

Senderbase is a product of Cisco and provides you with the tools to check your reputation by ranking you as Good, Neutral, or Poor. Good means there is little or no threat activity. Neutral means your IP address or domain is within acceptable parameters, but may still be filtered or blocked. Poor means there is a problematic level of threat activity and you are likely to be filtered or blocked.



WatchGuard’s ReputationAuthority helps protect business and government organizations from unwanted email and web traffic that contain spam, malware, spyware, malicious code, and phishing attacks. You can look up your IP address or domain, receive a reputation score from 0-100, and get the percentage of emails that were good versus bad.



TrustedSource is a site very similar to, but run by McAfee. It provides information on both your domain’s email and web reputations as well as affiliations, domain name system (DNS), and mail server information. It also provides details on the history, activation, and associations of your domain

Is this article helpful ?


Flows can have choices. Those choices are numbered. But what if you want to know what choice a lead was affected by??

You can open the activity log for a lead and find the activity in question. It shows the choice number. Great, right!?!?!



Nope. The choice number does not reflect the actual choice number that the lead was affected by. As you can see in the image above, it shows Choice 0.

Where is choice 0??

FlowStepChoiceSnap.JPGI had a case that was exactly that and I banged my head repeatedly trying to figure out why a lead was removed from the flow when the choice number the activity log was showing should not have disqualified the lead.


So, I created a Smart Campaign with a “Remove from Flow” flow step and 2 choices plus the default. What I found when my test lead went through the campaign was that the 1st choice, labeled Choice #1 in the flow step, actually was referenced as Choice 0 in the activity log. See the image above.

Weird right?

For sure, until I thought back to some of my basic programming classes in college. This was looking the same way an Array works. In an Array, the first entry is listed as 0, so when you want to pull information from an array and want the 1st record, it is referenced as 0, instead of 1. This is called the index number and always starts with 0.

For more information on arrays, visit W3Schools JavaScript Arrays page which gives an overview of arrays in JavaScript.


So, if you are wanting to know which choice a lead was affected by, keep in mind that the choice number listed when you pull the details of an activity log entry is -1 of the choice number in the flow step.

Is this article helpful ?


Set Up Google's Postmaster Tools

If you send a large volume of emails to Gmail users, you can use Postmaster Tools to see:

  • If users are marking your emails as spam
  • Whether you’re following Gmail's best practices
  • Why your emails might not be delivered
  • If your emails are being sent securely


Customers are able to leverage Google's postmaster tools by setting up a TXT record for their From Address domain.

Does not require a dedicated IP and does not require Marketo to set up DNS for the customer.

Is this article helpful ?


Recently, I've had a number of cases caused by customers getting themselves tangled up in Smart List filter logic, so I thought I would do a blog post on how AND/OR logic works in Marketo.


It's not surprising that people would be confused, because "and" and "or" are used differently in English than they are in filter logic.  For instance, if I say "Don't go to the liquor store or the casino," I mean that I don't want you to go to the liquor and I don't want you to go to the casino.  I want you to stay away from both of them or you will be in trouble.  However, if I say that to Marketo, the OR logic works like this


IF Not Went to Liquor Store = True (whether or not you went to the casino), THEN Not in trouble

- OR -

IF Not Went to Casino = True (whether or not you went to the liquor store), THEN Not in trouble


AND logic works differently in English as well.  If I say "People who do yoga and people who lift weights are physically fit," I mean that people who do either activity are physically fit.  However, Smart List logic interprets AND this way


IF Does Yoga = True AND Lifts Weights = True, THEN Physically Fit.


With the AND logic, only people who do both yoga and weight-lifting are physically fit.


So, counter-intuitive as it may sound, in Smart List logic, we use AND to exclude people, and we use OR to include people.  To illustrate this, let's pretend I want to start a club.  The traits I want in my club members are


  • Red hair
  • Green eyes
  • Female


If I use AND logic (also known as ALL logic), then the only people who can join my club are people who are women AND have red hair AND green eyes.


Since there aren't that many red-haired, green-eyed women, my club is pretty exclusive.


But let's say that I want more people in my club, so I change my logic from AND/ALL to OR/ANY.  Now my membership includes


  • All women regardless of hair or eye color
  • All green-eyed men, regardless of hair color
  • All red-haired men, regardless of eye color


With ANY/OR logic, my club has a lot more people in it. 




Maybe that's too many people.  AND/ALL logic gave me too few people, OR/ANY logic gave me too many.  Advanced logic gives me the ability come down somewhere in between.  In this case, let's make the club ladies only.  Since I want to exclude the guys (sorry guys!) I am going to use AND logic with the gender requirement, but since I want flexibility on hair and eye color, I will use OR logic there.


My filters would be


#1 - Gender is Female

#2 - Hair Color is Red

#3 - Eye Color is Green


and my advanced logic would be: 1 AND (2 OR 3).  My resulting club members are all women who have either red hair or green eyes, or both.


I use OR to include women based on hair and eye color, but I use AND logic to exclude people whose gender is not female.


So if you are working on a Smart List and it seems to be pulling in too many leads, check the OR logic you are using.  If you don't have enough leads, check the AND logic, and adjust accordingly.

Is this article helpful ?


If you are experiencing email delivery issues to AOL, chances are you need to improve your sending reputation. The best way to ensure you have a good reputation is to send timely and relevant email to an active and engaged audience. The following are some suggested best practices for sending mail to AOL. While each of these best practices should help improve your sender reputation, they do not guarantee whitelisting or email delivery.


  • Ensure that you are only sending mail to users who specifically requested it. It is not advisable to purchase mailing lists or subscribe users by having an opt-in checkbox automatically checked on your website.
  • It is preferable to have a double/confirmed opt-in process. When users subscribe to your mailing list, send them an email asking them to click to confirm their opt-in. This will reduce the number of people who sign up from fake email addresses.
  • When users subscribe for your mailing list, tell them what mail to expect, how often to expect it, and what it will look like. Set recipient expectations clearly.

Authenticate with Domain Keys Identified Mail (DKIM). This will provide you with a consistent reputation across your domain, regardless of what IPs you send mail from.  Work with Marketo Support to set this Authentication up.

Address Book

Send your email from a consistent email address and advise your users to add that address to their address books. Mail sent to users with your address in their address book will be delivered to the inbox with images and links enabled.

Database Management

AOL is sensitive to engagement by your recipients.  Are you reviewing and removing address in your database that have not engaged with your email in 6 months to year? If not you may want to leverage the following Smart List example to review and then remove your inactive recipients.


Identifying Chronic Non-Responders/Unengaged

Identify chronic non-responders or those unengaged with your email marketing to:

  • Target for a re-engagement program
  • Changes status to Marketing Suspended to remove them from active campaigns



Easy Unsubscribe
  • Provide an obvious and visible unsubscribe process in your mail.  Add this to the top of your email as well as in the footer.
  • Make it easy for users to unsubscribe from your mailing list.
  • Ensure the unsubscribe process is easy to use, such as a one-click unsubscribe web page.
  • Users should not have to log into a website in order to unsubscribe.
  • Process unsubscribes immediately.
Invalid Recipients

A high number of invalid recipients will harm your reputation. You can reduce the number of invalid recipients on your list by using double/confirmed opt-in. You will always have some invalids due to people changing email addresses, but the lower the number, the better your reputation. Marketo removes invalid recipients from your list immediately after the first bounce.


Brand your mail so that recipients can quickly identify it and won't mistake it as spam. Make sure the from address of your mail clearly identifies who it is from. Also, include your brand in the subject line. Even if users want your mail, they may not recognize it right away. Subject lines like "Your daily newsletter from 'Company'" or "Your monthly 'product' update" help the user identify mail they want. Even if you have a confirmed opt-in list, users may not recognize mail as being from you with a subject line like "Buy two, get the 3rd one FREE!!!" and may report it as spam.

For more sender best practices, read the Messaging Anti-Abuse Working Group's Senders Best Communications Practices Version 3.0 (Adobe Acrobat/PDF).

Is this article helpful ?


Wikipedia defines SPF as follows:


Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.[1] The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged "from" addresses, so publishing and checking SPF records can be considered anti-spam techniques.


Again, this is a very nice technical explanation but what does it mean?  I think of it as being something like the security that many companies maintain at their front desk, so the scenario would go something like this.


A delivery person dressed in a Marketo uniform walks up to the front desk of your lead's company (email server), and says to the person at the desk (who in our analogy would be the email security software), "Hi, I'm here to deliver email from to"


The front desk/email security person looks up and notices the uniform says Marketo, not Yourcompany.  Depending on their security settings, they might just assume this is okay and buzz Marketo in to make the delivery.  However, if they are security-conscious, they are going to want proof that Marketo isn't trying to trick them with a phony delivery (spoofing an email).  SPF gives them the ability to call back to the DNS at Yourcompany and ask, "Hey, I've got someone here from Marketo who claims to be making a delivery for you.  Is this an authorized delivery?"


If Marketo is correctly included in the SPF record, then effectively, this allows the DNS to tell them, "Yes, Marketo is authorized to make deliveries from us."


So how does this differ from DKIM?  According to Wikipedia:


DKIM allows the receiver to check that an email claimed to come from a specific domain was indeed authorized by the owner of that domain which is done using cryptographic authentication.


Verification is carried out using the signer's public key published in the DNS. A valid signature guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed.


So if we go back to our analogy of the delivery at the front desk, it works a bit like this.  When the front desk calls the DNS to make sure the delivery is authorized, Marketo has to produce an ID badge with an authorization code on it.  The front desk/email security person reads that authorization code to the DNS which validates it against the code it has on record.  If the code matches, then the delivery is authorized.


Some email security programs require SPF, some require DKIM, and some don't require anything at all.  To be sure Marketo can always make your deliveries, you should always have both set up for each domain you use in the From: line of your emails.


Instructions for setting up SPF and DKIM can be found here.


Is this article helpful ?


There seems to be a lot of confusion about what these are and what they do, so I thought I would do a little post on it to try and clear it up.  Let's look at CNAMEs first.


CNAME is short for "canonical name" and if you look it up on Wikipedia, they define it like this:


A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) used to specify that a domain name is an alias for another domain, the "canonical" domain.


OK, great, but what does that mean?  Here's how I picture it in my imagination.


Imagine that the internet is some sort of vast, mind-boggling library, and the DNS is a kind of reference desk for a given section defined by a domain, such as your company's domain.  So a browser walks up to the reference desk/DNS at and says, "Could you help me?  I'm looking for this resource - it says it's located in '' but I don't see a 'pages' shelf in this section." 


The DNS/reference librarian looks up '' in their directory, sees the CNAME record, and points across the way to a reference desk over in the Marketo section.  "Ah, yes," says the librarian, "go ask over in the Marketo section and they should be able to help you find the resource you are looking for."


This is true of both the landing page CNAME and the email tracking link CNAME.  The main difference between the two is that when you go over to the Marketo desk for the email tracking link, it makes a note in its log that you clicked a link in an email before it takes you to the page.


So how does setting up CNAMEs contribute to deliverability?  It has to do with unifying the information you are presenting to your customer.  If your email says "" in the From line, but all the links inside the email point to "", and those links take them to webpages on "", that doesn't look quite right.  An email security program that is on guard against spoofing might decide that email looks too sketchy to send to the inbox.  Also, the person receiving the email might have a similar reaction - "Why does the From line have a different domain than the links in the email?  Is this legit?" - and they could junk it or even report it just to be sure.  But with CNAMEs, your email has "" in the From line, the email links all say "" and the landing pages are all on "", so your company's identity is retained throughout the communication.


A common mistake I see is that people try to set up SPF and DKIM for their CNAMEs - don't do this.  SPF and DKIM should not be set up for your CNAME domains, they should be set up for any domain you intend to use after the '@' in your From and Reply-To addresses.  I'll go over SPF and DKIM and what they do in my next post.

Is this article helpful ?


It's not an uncommon case here in support - Marketo says the email was delivered, but the lead says they never got it.  What happened?


Because I love analogy here's how I think of it:


Delivering email to a server is rather like delivering regular mail to a company.  The post office doesn't come into the office and deliver the email to every individual desk, they deliver it to the mailroom and the clerks in the mailroom are responsible for getting the email to the desk or inbox of the appropriate person.  Just as the post office considers the mail delivered when it is dropped off at the mailroom and doesn't know how the mailroom handles it from there, Marketo considers an email to be delivered when it's accepted by the server and loses visibility to what happens to it from there.


So in our virtual mailroom, the clerks have instructions to sort out spam and possibly malicious email.  Depending on the instructions they have been given, they may throw some of the email away, or they may send it to the recipient but put it in the Junk/Spam folder.  Why they do so is not something the post office/Marketo can see or speak to, but we can help the the recipient's IT department start to figure it out.


What Marketo can do is provide the recipient's IT department with the timestamp, return-path, sending IP, and receiving IP from our logs. This would be like the post office providing the mailroom supervisor with the time the mail was delivered, the mail carrier who made the delivery, and the mailroom clerk who received the delivery.  Then they can go to the right mailroom clerk and ask, "What did you do with the email for so-and-so that we received on this date?", and since email servers log everything (which mailroom clerks usually do not) they can get the answer to this question.  After the IT department determines why the emails are not being delivered, we can help them make the necessary adjustments to allow the email through, usually by altering or updating their whitelist.


There's one more behavior you can sometimes get from a very security-consious email server/mailroom.  Sometimes you will look at an activity log and see that some or all of the links in the email were clicked immediately on delivery.  Obviously, people need some time to receive, open, read, and click on emails, so this insta-click looks weird, but what is causing it?  Well, some email security software packages have what is called link testing.  The email security software itself clicks on the links in the email to check for malicious sites before delivering it into the inbox.  This would be kind of like having a mailroom clerk open and check all the mail before delivering it.  In the Marketo system, clicks are clicks, whether they come from a person or from an email security bot, so this can sometimes throw off your engagement statistics.  Link testing in email security is not super-common, though, so it shouldn't be to much of an issue.  It's just good to know  what is causing this otherwise baffling behavior.

Is this article helpful ?


Frequently people ask me for clarification on the different sorts of IPs Marketo offers, and the pros and cons of each, so I thought I would write a post on it, and since I love analogies, that's what I am going to do here. 


There are three kinds of IP that Marketo offers, shared, trusted, and dedicated.


Being on a shared IP is kind of like living in an apartment building.  The upside is that it costs less than living in a house, but the downside is that you can be affected by the neighbors who share a roof and walls with you.  If one neighbor throws a wild party, all the neighbors get to hear it.  If someone starts a fire in their living room, the fire department evacuates everyone from the building, no matter who started it.  Similarly, on a shared IP, if one of your neighbors hits a spam trap, then the entire IP and everyone on it suffers the consequences until the IP is delisted.  If you get sick of having to deal with your neighbors in the Shared IP Apartments, what are your options?


One option would be to move to the Trusted IP instead.  It's a shared IP range reserved for low-volumes instances with good marketing practices.  It costs the same as the shared IP, but there's a  application process to qualify and not everyone can get in.  So it's kind of like living in an apartment that does a credit and reference check before letting you in and has a very strict on-site manager who evicts people who misbehave.  The upside is, it's a nice, quiet place to live at no extra price, but on the downside, if you slip up, you may find yourself headed back to the Shared IP Apartments.


If you send more than 100,000 emails per month and you are done with "apartment living", you might want to spend the money to get your own house - a dedicated IP.  With your dedicated IP house, you don't have to worry about whether or not the person on the other side of a wall has a loud party or leaves candles unattended, because you have the whole thing to yourself.  Of course, you do have to spend a little extra on it, and if you leave a candle unattended and burn the place down, you have no one to blame but yourself.


If you are currently living in the Shared IP and want to make the make the move to Trusted, you must meet the following requirements: You must not be responsible for any spamtrap hits in the past year, you must send less than 75,000 emails per month, and you must adhere to best practices in your lead acquisition (opted-in leads and current customers, no purchased lists).  You can find the application for Trusted IP here -

Is this article helpful ?


In a previous post, I talked about troubleshooting hard bounces.  In this one, I'm going to talk a bit about soft bounces, specifically soft bounces due to throttling.


What is throttling?



Throttling is an issue that occurs primarily with the large Email Service Providers (ESPs) such as AOL, Yahoo, and Hotmail.  When the ESPs are experiencing high volumes, they will throttle bulk email senders such as Marketo.  It works kind of like this:


Marketo walks up to ESP with a big basket of emails.


Marketo: Hi, I'm here to deliver these emails--


ESP: I'm busy.  Come back later.


(Two minutes later)


Marketo: Hi, I'm back to deliver these emails?


ESP: I'm busy...Fine!  I'll take this many. (Grabs a handful of email.)


Marketo: What about the rest?


ESP: Come back later.


(Four minutes later)


Marketo: Hi, I'm back to deliver these emails?


ESP: I'll take this many. (Grabs a handful of email.) Come back later.


(Eight minutes later)


...The cycle repeats with the time interval doubling each time.



Marketo is pretty patient, it will keep coming back and trying to deliver for 24 hours (36 hours for AOL). While it is still attempting to get the ESP to accept delivery on the emails, the emails will show in reporting as status "Pending."  Once the 36 hours are up, Marketo will give up and bounce or soft bounce the emails as appropriate.


The challenge with throttling is that it's like weather or traffic congestion - there's not a lot you can do about it.  One strategy is to break out your sends into smaller blocks - if you think of Marketo with the basket of email, it might be better to have multiple baskets and hope that the ESP takes a handful from each one.  If you have a large number of leads on the commercial ESPs, you might even want to break each one out to a separate send.  This doesn't necessarily help with the throttling, but it does give you better visibility to possible throttling issues that may be occurring on a specific ESP.


A third strategy is to try and massage your sender reputation, to make the ESP more likely to accept your email.  To go back to my nightclub analogy, if you have a bunch of girls who want to get into the nightclub together, they usually send the cutest one of the group to go charm the doorman.  From an email perspective, you want to send to your most engaged leads first - people who are likely to open and click on your emails, improving your reputation.  The next day, you send your somewhat engaged leads, and the day after that, your least engaged leads.


If you are in the B2B space and don't deal much with the large consumer ESPs, the chances are that throttling won't have a big impact on your deliverability.  In the B2C space, however, throttling can definitely step on your overall email performance.  Setting up reporting to keep an eye on your emails and trying different strategies to mitigate the effect can be an important part of your email marketing practice.

Is this article helpful ?


Let's say that you have a weekly newsletter that you send out through Marketo and every week your deliverability is 95% or better - except last week!  Your deliverability was only 80%!  What the heck happened!?


To find out, we pull up a quick Email Performance Report for the email in question and see what it says.  Let's say, for the purposes of this entry that you see a big spike in hard bounces.  (Soft bounces deserve their own write-up.)  I should clarify what Marketo considers a Hard Bounce.  Marketo considers a bounce to be a hard bounce if we get a definitive "NO" from the recipient server.  The server might say "NO" to the delivery because the email address is invalid, or it could say "NO" because it believes the email is spam.  How do we tell whether our spike in bounces was due to invalid emails or due to spam rejection?  We can do this with a Smart List, using the filter 'Email Bounced' and the 'Category' constraint.  Category 1 bounces are spam bounces, Category 2 bounces are invalid email addresses.


If the majority of the bounces are Category 2 - Email Invalid, then you will want to go back to your lead database to see if new leads were added, perhaps incorrectly.  However, if the majority of the bounces are Category 1, we need to figure out how you got flagged as spam.


When an email to a lead bounces as spam, a couple things happen.  The first is that the lead is set to Email Suspended, and the suspension lasts 24 hours.  During that time, it cannot receive any emails from Marketo, and it is not possible to undo the Email Suspended.  You just have to wait it out.  The field 'Email Suspended' is a historical field.  A more accurate name for this field would probably be "This email was suspended at some point in its history."  The actual suspension only lasts 24 hours, so to see if the lead is currently suspended, check the timestamp on the 'Email Suspended' field.  If it is more than 24 hours ago, the lead is not currently suspended.


The second thing that happens is that the actual bounce message received from the recipient server is written to the 'Email Suspended Cause' field.  This field can be full of great information.  To make use of it, let's go back to our Smart List of Email Bounced, Category 2 leads and edit the view so we can see the 'Email Suspended Cause' field.  You will probably need to extend the width of the field to be able to read the bounce messages, but once you've done so, you will be able to scroll down the list of leads and read all the bounce messages we received.


A note about bounce messages: they aren't standardized so don't get too wrapped up trying to decode them.  The admin of an email server can configure their bounce messages to say literally anything.  I saw one bounce message that simply read "Go away."  Some will be totally generic, some will be strings of meaningless characters, but some of them - the ones we are looking for - will tell us the name of the blacklist that caused the email to be bounced for spam.  The most common is Spamcop and the bounce messages may look something like this:


550-"JunkMail rejected - []:48340 is in an 550 RBL, see Blocked - see"


You may also see blacklists for Symantec, TrendMicro, or ATT.Net.  While they are independent and maintain their own reasons for listing, they often reference major blacklists such as Spamcop and so a Spamcop hit can have far reaching consequences.  Marketo actively manages our relationships with the various blacklist organizations, and some delist automatically after a certain period of time, so by the time you get around to looking at your deliverability for an email, we may be back off the blacklist.


Seeing Spamcop in your 'Email Suspended Cause' field, your next question is likely to be "Did I hit a spam trap?"  The answer to that is a maybe, but maybe not.  If you are on a shared IP, it may be that someone else on the IP hit the spam trap, but everyone using that IP is affected.  I think of being on the shared IP sort of like being a tenant in an apartment building.  If one of your neighbors accidentally starts a fire in their living room, you get evacuated from the building along with everyone else, even though you never so much as struck a match.  It's one of the downsides of sharing a resource with other people.


If it was you that hit the spam trap, Marketo will notify you and request that you go through the remediation process to remove possible spam trap leads from your database.  If you fail to do so, you will be moved to the quarantine IP so that you can't continue to impinge on the deliverability of your neighbors.


Chances are, however, it wasn't you.  The short-term solution is to wait out the 24 hours and resend the email to the people who didn't get it.  But what's the long-term solution for people who don't hit spam traps and who don't want to suffer because of someone else's poor sending practices?  There are two options.  If you send at least 100k emails per month, you can get a dedicated IP - move out of that apartment building into your own home, so you aren't sharing a roof and walls with anyone else.  If you send less than 75k emails per month and you haven't hit any spam traps yourself, you can apply for the Trusted IP range, which is a range of IPs reserved for Marketo accounts whose clean email practices keep them out of spam traps and blacklists.  If you would like to apply for the Trusted IP range, you can do so here:


If you don't see any indicators of blacklists in the "Email Suspended Cause" field (which is what it will be, 90% of the time), and instead you find a lot of generic bounce messages - "Blocked by policy", "Access denied" - then make sure your DKIM and SPF records still verify.  I've seen more than one SPF or DKIM record removed by IT staff who didn't realize it's importance, and more than one email sent using a domain in the From: line that wasn't set up with SPF and DKIM.

Is this article helpful ?


When I explain things, I like to do so using analogies.  Here is the one I like to use when people ask me how they can improve their deliverability.


So, imagine there's this hot new nightclub in town called The Inbox, and you really want to get in.  If you want to get past the doorman, you are going to need to be well-dressed, well-known and liked, you can't have a history of getting thrown out of bars for bad behavior, and you need a valid ID.  In deliverability terms, it breaks out like this:


  • Well-dressed - This is your content.  You don't want it looking spammy, so make sure your content and design are on point.
  • Well-known - This is your reputation.  Do people open and click on your emails?  Great!  People like you!  If your emails go straight to the trash over and over, however, this isn't good for your reputation, so it's best to focus your efforts on leads who opt in and interact with your content.
  • Don't get thrown out of the bar - Don't hit spam traps, stay off blacklists.  If you have a history of hitting spam traps, you'll get a rep as a troublemaker and they will stop letting you in.
  • Valid ID - This is your SPF and your DKIM.  You should have both set up because a lot of people won't let you in without it.


There's one more thing to consider - getting on The List.  You know how people cut to the front of the line and tell the doorman, "I'm on the list," and they get right in?  That's the whitelist.  Whenever possible, get your important customers to whitelist you.  If you have a dedicated IP, this is pretty easy.  If you are on the shared IP, this can be a little trickier.  Sometimes customers push back and are unwilling to whitelist all of the Marketo network. Fair enough.  In that case, it may be possible for a customer to whitelist something other than Marketo IPs to ensure delivery of Marketo email only from a specific instance.  For this we recommend using regex version of the Return Path header.  Because this header changes dynamically this regex creates wildcards where the dynamic information is.   Because the Return Path is specific to the Marketo instance, if you would like to use this option, contact Marketo Support and we can provide you with the regex Return Path header for your instance.

Is this article helpful ?