Email Standards

Accountability

I. Participating Senders must ensure that the mail infrastructure used to send Email Messages is well maintained and operated in a responsible manner.

  1. There must be a dedicated IP address(es) for sending Email Messages through Sender Score Certified. The accredited party must be the only entity sending mail over the IPs.
  2. Sending reputation metrics for the IP address(es) enrolled in the program must meet or exceed thresholds as defined in Exhibit A, Quantitative Requirements, including, but not limited to: complaint rates, listings on blacklists, spam trap hits, and unknown user rates.
  3. Email address list maintenance systems must be employed to reliably receive and process bounces and other replies from receiving networks. Permanent delivery errors from Email Messages sent from IP address(es) enrolled in Sender Score Certified must be processed by removing the Recipient’s email address and should not exceed the levels specified in the Exhibit A, Quantitative Requirements.
  4. The IP address(es) enrolled in Sender Score Certified must have valid reverse DNS entries. The IP address of the host name of the reverse DNS entry must match the IP address of the sending mail server.
  5. Participating Senders must be compliant with Network Working Group Request For Comment ("RFC") Nos. 2821 and 2822, which describe how Email Messages must be formatted in order to be processed properly by receiving networks.

Transparency and Authentication

II. Participating Senders must ensure that Email Messages are truthful and accurately identify the source of the message.

  1. Effective June 8, 2006, a Sender ID compliant SPF record must be published for all domains from which email is sent.
  2. Domain Keys Identified Mail (DKIM) usage is currently recommended, and may be required in the future.
  3. Message headers must not be falsified or obscured in any way. This includes, but is not limited to sending domains.
  4. The subject line and content of every Email Message must not be false or misleading.

Security

III. Participating Senders must ensure that there is reasonable security for networks used to send Email Messages and store recipient information.

  1. Participating Senders must ensure that commercially reasonable measures are in place to protect the security and integrity of any Recipients’ email addresses and Related Personal Information held in databases or on electronic systems.
  2. Commercially reasonable efforts must be made to prevent open proxies, open relays and the dissemination of computer viruses, worms, or trojans on the Participating Sender’s network and any IP addresses over which Email Messages are sent.

Disclosure

IV. Participating Senders must ensure that the following is clearly and conspicuously disclosed at the point of collection of email address and Related Personal Information (a link to a privacy statement is insufficient):

  1. The nature of Commercial or Promotional Email Messages to be sent and the types of entities that will be providing content, excluding those messages sent to Recipients with whom there is a prior business relationship; and
  2. Any sharing or renting of the Recipient’s email address and/or Related Personal Information that will result in additional Commercial or Promotional Email Messages from (1) Affiliates and/or (2) Third Parties.

Consent

V. Participating Senders must ensure that consent with appropriate disclosure or a prior business relationship exists prior to sending Commercial or Promotional Email Messages.

  1. Acceptable forms of consent include:
    1. Double Opt-In: (sometimes referred to as ‘Confirmed Opt-In’): The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a confirmation email and the Recipient confirms his/her request by replying or visiting a provided URL.
    2. Opt-In with Verification: The Recipient affirmatively requests to add his/her email address to a mailing list. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions.
    3. Opt-In: The Recipient affirmatively requests to add his/her email address to a mailing list.
    4. Pre-Selected Option with Verification: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. The Recipient receives a verification email notifying him/her of the subscription and providing clear unsubscribe instructions. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.
    5. Pre-Selected Option: The Recipient consents to have his/her email address added to a mailing list by leaving a clear and conspicuous pre-selected option intact. Commercial or Promotional Email Messages sent under this form of consent must include clear and conspicuous identification that the message is an advertisement or solicitation.
  2. A prior business relationship exists where (1) the Recipient has purchased a product or service from the Email Address List Owner within the past 18 months, (2) the Recipient consensually provided his/her email address and (3) the Recipient has not unsubscribed or opted out from Commercial or Promotional Email Messages, or otherwise terminated the relationship. An Affiliate or Third Party may not rely on a prior business relationship for sending Commercial or Promotional Email Messages.
  3. If the Participating Sender has not collected the Recipient’s email address and/or Related Personal Information directly, the Participating Sender must perform due diligence to ensure that appropriate notice was provided, and relevant consent obtained, as required herein.
  4. Exception to Consent Requirement for Peer-Initiated Communication
    1. Commercial or Promotional Email Messages
      A Participating Sender may send one Peer-Initiated Commercial or Promotional Email Message to an individual whose email address has been referred to it by a Recipient without that individual’s consent. The mere referral of an individual’s email address under this sub-section 5D is not consent by that individual to receive Commercial or Promotional Emails from the Participating Sender. Headers of these email messages must clearly and accurately reflect the Participating Sender.

      Participating Senders that send Peer-Initiated Commercial or Promotional Email Messages must employ one of the methods for obtaining consent provided in subsections A(1)-(5) of this sub-section V.D, in order to obtain an individual’s consent for Commercial or Promotional Email Messages other than the Peer-Initiated Commercial or Promotional Email Message.

      An individual’s failure to respond to a Peer-Initiated Commercial or Promotional Email Message may not be construed as that individual’s consent to receive Email Messages from a Participating Sender. If the individual does not respond, the Participating Sender may send one follow-up Email Message soliciting that individual’s consent for Commercial or Promotional Email Messages from the Participating Sender. If the individual does not respond to the follow-up Email Message, the Participating Sender may not send any additional Email Messages to him or her.

      A Participating Sender is free to send as many peer-initiated commercial and promotional messages as the individual peer wants to initiate, unless and until the recipient opts out.
  5. Email addresses may be rented or shared from Third Parties or to Third Parties on a temporary basis to send emails relevant to the consent obtained by the Email Address List Owner. Email addresses may only be purchased from a Third Party or sold to a Third Party through a co-registration process subject to the restrictions listed below.
  6. Co-registration: The following requirements must be met to be considered a co-registration:
    1. The Email Address List Owner that purchases the email addresses was explicitly, clearly, and conspicuously named at the point of email address collection;
    2. Each act of consent (e.g., a check box) resulted in the addition of an email address to only one list; and
    3. Proof of consent, including the date, time, originating IP address, and location (e.g., a URL) where the address collection occurred can be produced by the Participating Sender upon request.
  7. A Participating Sender may not send Email Messages to email addresses that have been obtained by harvesting or dictionary-style attacks.

Unsubscribe

VI. Participating Senders must ensure that the Recipient’s requests to discontinue receipt of Commercial or Promotional Email Messages, or Peer-Initiated Email Messages, are honored.

  1. Every Commercial or Promotional Email Message, and every Peer-Initiated Email Message, sent under these Program Requirements must include an Unsubscribe option. Removal instructions must be clear, conspicuous, and easily understood. This should be as close to a ‘one-click’ process (such as selecting a URL) as possible.
  2. All unsubscribe mechanisms must adhere to the following:
    1. Easy to Use: Unsubscribe mechanisms may include a reply to the Commercial or Promotional Email Message sent to the Recipient or an online process described in that Commercial or Promotional Email Message with a URL. The Unsubscribe process must not require a Recipient to provide any information other than the Recipient’s email address, unless the Recipient has been clearly and conspicuously notified at the point of collection that receiving Commercial or Promotional Email Messages is a requirement to receive a service, in which case a username and/or password may be required.
    2. Timely: A Recipient’s request to unsubscribe must be processed, and the request must become effective within 10 business days from receipt.
    3. Persistent: Unsubscribe mechanisms must be functional for no fewer than 30 days following the sending of the Commercial or Promotional Email Message.
    4. Indefinite: A Recipient’s request to unsubscribe is valid and must be honored indefinitely, or until the Recipient provides his or her new consent, as defined in these Program Requirements, to receive Commercial or Promotional Email Messages.
    5. Absolute: Once a Recipient has unsubscribed, Commercial or Promotional Email Messages may not be sent and the Recipient’s email address or related personal information may not be sold, leased, or otherwise shared with Third Parties.
    6. Flexible: If a Recipient contacts the Sender with an ‘Out of Band Request’ for an unsubscribe, for example, via postal mail, email to another account at the Sender (e.g., abuse@sender.domain or postmaster@sender.domain), or through a telephone call, those unsubscribe requests should be acted on in a timely manner.
  3. In the case of Peer-Initiated Communications, the unsubscribe must allow Recipients to unsubscribe from all future Email Messages from the Participating Sender, whether Peer-Initiated or not.
  4. In cases where a Recipient is clearly and conspicuously notified at the point of collection that receiving Commercial or Promotional Email Messages is a requirement to receive a service, the Unsubscribe option may be provided through a link in every Commercial or Promotional Email Message to a more general account administration tool (for example, ‘account settings’ or ‘account preferences’), and may require a login at a specified web page.

Responsiveness

VII. Participating Senders must ensure that all parties involved in the sending of Email Messages cooperate with the program administrator to resolve any issues regarding Program Requirements by responding in 3 business days of notice, and by taking corrective action within 10 business days of notice.

  1. Participating Senders must create and maintain the standard role email accounts abuse@sender.tld and postmaster@sender.tld for all of their domains that send email in order to facilitate handling complaints and other issues.
  2. Participating Senders must register with abuse.net, and maintain accurate contact information in the whois database.
  3. Sender agrees to maintain current and correct contact information with Sender Score Certified by sending timely updates to support@senderscorecertified.com

Definitions

Affiliate: The term "Affiliate" means an entity that is not connected to the Participating Sender by a common marketing brand, but is related to the Participating Sender by corporate or organizational structure.

Commercial or Promotional Email Message: The term "Commercial or Promotional Email Message" means any electronic email message that is business-related or an endorsement and is sent by the Participating Sender or on behalf of the Participating Sender other than: (1) a Transactional or Relationship Email Message, or (2) a Personal Correspondence Email Message. Examples of Commercial or Promotional Email Messages include, but are not limited to marketing messages, promotional messages, fundraising messages, newsletters, and surveys.

Email Address List Owner: The term "Email Address List Owner" means a company, company division, subsidiary, co-branding partner, or organization that is connected together by a common marketing brand and owns the list of email addresses that is being used under these Program Standards.

Email Message: The term "Email Message" means any email that is sent by the Participating Sender or on behalf of the Participating Sender

List Rental: The term "List Rental" refers to the practice of renting lists from a third party of email addresses belonging to internet users who have signed up to receive commercial e-mail messages about topics of interest.

Participating Sender: The term "Participating Sender" means a company, company division, subsidiary, or organization that contracts with Sender Score Certified. In instances where the Participating Sender did not collect the email addresses directly, but rather is acting as an agent for the Email Address List Owner, the Participating Sender must ensure that the Program Requirements are satisfied by the Email Address List Owner.

Peer-Initiated Commercial or Promotional Email Message:   The term "Peer- Initiated Commercial or Promotional Email Message" means a Commercial or Promotional Email Message that is sent by the Participating Sender, or on behalf of the Participating Sender, to an email address provided by a Recipient who has requested that the Participating Sender contact an individual other than the Recipient for the purpose of informing that individual about the Participating Sender’s product(s) or service(s). 

Personal Correspondence Email Message: The term "Personal Correspondence Email Message" means an email that is sent in the normal course of running a business that meets the following criteria:

  1. The email is sent by an actual person that is clearly identified in the message;
  2. This person sends no more than 1,000 messages per day;
  3. Replying to the message sends a copy of the reply to the original person that sent the message;
  4. Reasonable measures are in place to ensure that requests from individual recipients to no longer be contacted are honored;
  5. Reasonable measures are in place to ensure that the email messages are targeted to the individual recipient;
  6. Email messages sent to one of the following role addresses cannot be considered Personal Correspondence Email Messages if they contain sales-related material, unless the address owner has publicized that the address should be sent such sales-related material. This requirement was adopted from commonly accepted Internet protocols established with RFC 2142 (http://www.faqs.org/rfcs/rfc2142.html).
    1. root@domain
    2. postmaster@domain
    3. hostmaster@domain
    4. abuse@domain
    5. ipadmin@domain
    6. noc@domain
    7. security@domain
    8. webmaster@domain

Recipient(s): The term "Recipient" means the individual who receives an Email Message covered by these Program Requirements.

Related Personal Information: The term "Related Personal Information" means other personal information provided by the Recipient at the time of email address collection.

Spam Traps: Spam traps are email addresses that are set up specifically to catch mailers who are harvesting addresses or using directory attacks to send unsolicited email.

Third Party: The term "Third Party" means a commercial entity that is unrelated by corporate structure to a Participating Sender and that is not acting as the Participating Sender’s agent.

tld: Top level domain.

Transactional or Relationship Email Message: The term “Transactional or Relationship Email Message” means any electronic mail message sent by the Participating Sender or on behalf of the Participating Sender the primary purpose of which is:

  1. to facilitate, complete, or confirm a commercial transaction that the recipient has previously agreed to enter into with the Participating Sender;
  2. to provide warranty information, product recall information, or safety or security information with respect to a commercial product or service used or purchased by the Recipient;
  3. to provide any of the following regarding a subscription, membership, account, loan, or comparable ongoing commercial relationship involving the ongoing purchase or use by the recipient of products or services offered by the Participating Sender:
    1. notification concerning a change in the terms;
    2. notification of a change in the recipient’s standing or status; or
    3. at regular periodic intervals, account balance information or other type of account statement.
  4. to provide information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or
  5. to deliver goods or services, including product updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that the recipient has previously agreed to enter into with the sender.