Company Admin Overview / Inbound Messaging
Parent topic: Inbound Messaging

Spam Feedback Loop (FBL) Handling

Gmail provides a feedback loop (FBL) functional offering allowing them to identify spammers on their network. Reports or “feedback loops” from ISPs to large volume senders detail the number of email recipients that mark the sender’s emails as spam. This report provides businesses the ability to watch their sender reputation, allowing them to respond appropriately if a large number of recipients are marking them as a spam provider.

Gmail’s FBL is provided as aggregated spam statistics on a ‘per customer’ or ‘per campaign’ basis. It should be noted that this report cannot be traced to the recipient that has marked the sender as spam. The report itself details the percentage of the sender’s spam complaint rate per customer or campaign of a sender. The report is sent daily to a designated email address provided to Gmail.

To provide this service, Gmail encourage senders to comply with the ‘Gmail Bulk Senders Guidelines’ and requires all senders to perform the following:

  • Use a consistent sending IP address for email
  • Valid RDNS record for all sending IP addresses
  • Use the same address in the ‘From:’ header on each email

Gmail also highly recommends signing with DKIM, publish an SPF record as well as adhere to the DMARC policy.

Using the FBL ID

To use the FBL services, a feedback identifier header “Feedback-ID” needs to be embedded which identifies the customer or campaign, the mailing and mail type. The returned FBL reports are generated using this ID.

The header is of the following format:

Feedback-ID: a:b:c:SenderID

The qualifiers 'a', 'b' and 'c' are optional and can be used to embed identifiers specific to your organization’s campaign, customer or other field.

The ‘SenderID’ is a mandatory unique identifier chosen by the sender and is unique and persistent across all mail streams.

Gmail then aggregates data across the fields in the Feedback-ID starting from the right where the SenderID exists. Reporting is then aggregated against the other fields in the Feedback-ID.

DKIM Requirements

In order to prevent spoofing of the Feedback-ID header, senders must strip instances of the header prior to inserting it. Following this, the sender must DKIM sign it with their domain key in addition to any other signature. This is also known as ‘double signing’.

Up to 10 unique DKIM “d=” signing domains can be used to sign these headers. If these are not available, subdomains can be used as an alternative.

Gmail requires a DKIM key length to be at least 1024-bits long. Emails signed with a key less than 1024-bits long are treated as unsigned.

For more information on DKIM signatures and headers, please see DomainKeys and Domain Keys Identified Mail.

Parent topic: Inbound Messaging
WebHelp output generated byXML Author