Tag Archives: Email

Does ISIPP/Suretymail really work?

ISIPP ( the Institute for Social Internet Public Policy ) or SuretyMail is an accreditation program for email senders ( ESP's or not ). They run a DNS whitelist ( this was named IADB in the past ) and include the ips of their customers in it.

This whitelist can be used by any spam filter to lower the spam score of senders that are found in it. We know for sure that spamassassin comes with rules for checking the whitelist, but isipp doesn't disclose which other filters or ISPs use it.

On their homepage they claim their accreditation service works with all ISPs but is this really true?

The fact is that the big webmail providers ( yahoo, hotmail, gmail and aol ) don't use their whitelist. I know for sure that yahoo and hotmail use a different certification provider and that's the only one they use.

When Suretymail says their service works with all ISPs what they really mean is that they will try to help you get your email delivered to any ISP by trying to find the problems with your messages and tell you how to fix it. I know there's a lot of trying there :).

So let's see the pros and cons of ISIPP/Suretymail


  1. their whitelist is used by one of the most popular spam filters out there.


  1. Do you really need to be in spamassassin's whitelist? Most email service providers will have a "Spam check" feature that would check your message for known spam triggers including spamassassin's rules. So you can easily avoid most of spamassassin's rules or enough to get you under the 5 points of spam score anyway.

    Even if you don't use an email service provider that has such a feature you can always send a test message to an email account that has spamassassin on it and you'll see the rules your message triggers.

  2. Their whitelist is NOT used by any of the major ISPs ( yahoo, hotmail, gmail,aol ). Most email senders send between 35% and 90% of their messages to these ISPs so the accreditation doesn't work for a very big chunk of email addresses in your lists.
  3. Their "trying" to help you is really not so good.
    I was a customer for more then 1 year. Here's the stuff I had to put out with:
    • They didn't answer my messages, claiming it went to their spam folder. Isn't it ironic? 🙂 I had to send some of the support messages twice and ask them to confirm they received it after each message
    • They avoided answering some of the questions in my messages. Like when I was inquiring if yahoo, or some spam filters use their whitelist, or when I was inquiring if they can escalate my problem with yahoo
    • Whenever there's a problem they require you to fill a long form with a lot of useless questions even if you have just described the problem in detail in the previous message
    • Whenever there's a deliverability problem the first thing they suggest is modifying your email message content. And of course that almost never works.
    • These support discussions take weeks or even months sometimes. They say they are working on it but then don't communicate anything for weeks. I one case after not answering anything for a few weeks I sent them a message asking about any progress on the issue. They answered like they thought the problem fixed itself. On some cases by the time they decide to answer the problem does fix itself or you find out how to fix it without their help.
    • They claim your bounce and/or complaint rates are too high even if you're at 0.01% or less. This is their last resort, when nothing works blame the customer. Some ESP's will have no problem with their customers having bounce and/or complaint rates as high as 0.1%.
    • They pick on the bounce and complaint rates you have at other ISPs even if the ones for the ISP you have troubles with are fine.
    • They claim your complaint and bounce rates are very high even if you provide them with clear evidence that it's not as they claim. When you ask how they calculated the rates they don't answer. This was just a pretext to drop the accreditation when they realized their were exposed for not being able to help with yahoo deliverability problems.

And now ISIPP is offereing 50% off their application fee to Goodmail customers since Goodmail is shutting down. The problem here is these senders were using goodmail because they guarantied to have their customer's messages delivered to inbox at some big ISPs ( even yahoo till a while ago ), something that ISIPP will never be able to do.

Anyway this was my experience with ISIPP/Suretymail. If you had a similar or different experience with them feel free to share in the comments.

debian: building custom exim packages

This is a small howto that explains how to build custom exim4 packages on debian.

It was tested with both exim 4.63 ( on debian etch ) and exim 4.69 ( on debian testing/lenny ) .

I needed to build a custom exim email server that would be built with domainkeys and/or dkim support for signing outgoing messages.

So here are the 12 steps I took to get this done:

  1. Create a directory named exim where all activity will take place.
  2. Make sure you have the 'source' URIs in your source.list file.
    If you don't have them put them in  and then run apt-get update
  3. Install packages required for creating a custom package and building it:
  4. Install exim4 source package:
  5. unpack standard configuration files:
  6. Define the new package name. In this step we just put the new package name in a variable and export it in the environment to make the next steps easier. You can use anything for the package name ( actually it's just a package name suffix ) but I recommend using 'custom' for the package name for one main reason: dependencies. Packages that depend on exim4-daemon-light or exim4-daemon-heavy (like sa-exim, mailx and maybe others ) already accept exim4-daemon-custom as a replacement so with this custom package you're not breaking any dependencies.
  7. Edit configuration files. There should be 3 EDITME configuration files for exim and one for eximon, one for each package that will be built. Copy one of the exim EDITME file to EDITME.exim4-$your_pkg_name then edit the new file to set up the new options you want.
  8. pack the configuration files so your new configuration will be saved and used at build time:
  9. Create the custom package. This is required only if you use a package name other then 'custom':
  10. Activate the new package in debian/rules. Edit debian/rules and look for the line where the extradaemonpackages variable is defined and add your package name ( exim4-daemon-$my_pkg_name ) to the list of packages defined there.
  11. Install build dependencies. You can skip this step if this is not the first time you build this package.
  12. Build the packages:
  13. Install the new package. if you already had some version of the exim4-daemon package installed you will have to remove it first and then you can install the custom package. The new package will be in the base directory created at step 1.
    Ex. (for amd64 etch exim 4.63-17 ) :

This process went pretty well for both exim 4.63 and 4.69 on lenny. Exim 4.63 only had experiemental support for domainkeys ( not dkim ) and exim 4.69 on lenny had support for both but I was only able to build it after applying a small patch to exim to make it work with the latest version of libdkim ( 1.0.19 ) .

This post was intended to be a general howto about building a custom exim package. I will write more details about actually building exim with domainkeys and/or dkim in a future post.

google apps: check mail

I went to google apps today and here is what I see on their page:

 With Google Apps, you and your colleagues can check email, schedule meetings, check email, chat in real time,....

So you can check email, schedule meetings, check email, chat, check email, share calendars, check email....hmm if that's how you're going to work I'm not sure how productive you're going to be with google apps. But yes I guess we are all addictive ( to some degree ) to checking our email and stats ... uhh they forgot to mention that, "check stats" - analytics, adsense, adwords, webmaster tools a lot of stats to check...gotta  go!  Have work to do. I haven't checked my email and stats in a long time.

qmail and DKIM

DomainKeys Identified Mail (DKIM) is a method for validating the identity associated with a message using using public-key cryptography and key server technology. DKIM is an enhanced version of Yahoo's Domain Keys and Cisco's Identified Internet Mail methods. As of February 2007 an IETF draft was accepted as "Proposed standard", it may take some more time till this will be a standard but the current version is stable ( according to dkim.org ).

Implementations of DKIM in email servers is not available as much as DomainKeys.
For qmail there is a patch that uses libdomainkeys to implement a replacement for qmail-queue that will verify and sign messages but this only works for DomainKeys not DKIM. I have developed a solution for qmail to be able to verify and sign messages with DKIM. Continue reading qmail and DKIM

Email folders and message filters in thunderbird

I really love using folders on my imap account. This is ( I think ) one of the main reasons why I don't use gmail, labels are just not as good as folders.

I have tens of folders and message filters for each folder, I'm subscribed to various email lists from the freebsd project, Linux kernel, gentoo, postfix, qmail and some others and I use thunderbird with filters to put messages from each list in it's own folder. When you go in thunderbird to set a new filter and you want to move messages that match a certain criteria in some folder, you get a list of all folders in all thunderbird accounts. This is really a pain if you have more then one email account set up and in each account you have 20-30 or more folders.

My folders are well structured so I have just a few top level folders and then each has subfolders. In thunderbird 1.0.x you would get a list of top level folders that you could expand or colapse as you wanted, that was great but now in 1.5 when you
want to find a folder you see the whole list of folders in all accounts with every folder expanded and you can't colapse them. This is really annoing. I wonder why they changed the original behavior.