Browsed by
Category: Articles and Resources

Comscore and Quantcast – How they work and why they are the gold standard of guess-work.

Comscore and Quantcast – How they work and why they are the gold standard of guess-work.

Comments 22 comments

Greetings sports fans, welcome to another post that I hope will either spark some discussion, open some eyes or perhaps help me understand this situation in a different light, granting it some legitimacy a bit heavier than the feather-weight I feel it has.  It is often said that comScore is the gold standard of measured site metrics used by advertising agencies when they make their digital media buy decisions, shortly followed by Quantcast.  These companies have the power to influence multi-million dollar decisions that can potentially be made based on their demographic reports.

I deal with comScore and recently Quantcast on a regular basis, and quite honestly I’ve come to the conclusion that they are really nothing more than peddlers of educated guesses.  I also feel that the possible error-range in their evaluations has the potential to me massive, hence unfairly denying someone possible revenue dollars due to their metrics net being too small.  I often scratch my head wondering, how in god’s green earth did these guys get so influential in the world of advertising?  Really good PR I guess.  I also often wonder just how far is the line pushed when polling the demographic data they gather in the efforts for online accuracy supremacy.

I would say one of the biggest errors the digital ad industry makes is confusing or blurring the lines between actual site metrics, vs site demographics beyond what is provided in the browsers header information.  Let me be very clear here, the ONLY way a site can truly know the age, race, income or favorite beer of any given user is if that user enters it in a form and clicks enter.  Anything beyond that, is quite honestly guesswork.

Site Metrics

Real site metrics easily defined is the collection and reporting of REAL visitor data to your website by a piece of analytical software, the most popular in the world being Google Analytics.  GA uses the REAL data from your REAL visitors, records and collects that anonymous data and provides you easy-to-read formats of that traffic information in a vast palette of reporting options.

The site demographic metrics reports you get from comScore are really just educated guesses based on a pool of poll users that are tracked via plugins, web beacons and/or tracking cookies.  They then average out that information with the number of uniques and page views you have and their advanced algorithm provides you with Gold Seal demographics… or what I call educated guesswork.

This is also why you can’t marry the data comScore spits out vs actual Google Analytics information.  So if your comScore reporting is telling you the median age of your site is 28 and 35% of your audience is gamers, you can’t ACTUALLY track who those people are and what parts of your site they are visiting.  You can’t track them because they aren’t real visitors, it’s just a guess.

What is comScore?

comScore is an Internet marketing research company providing marketing data and services to many of the Internet’s largest businesses. comScore tracks all internet data on its surveyed computers in order to study online behavior. You can visit their site at http://www.comscore.com.

How does comScore work?

One of the most common questions asked is how does comScore work?  Where do they get the demographics information that almost seems to come out of thin air?  Well, they in fact have a couple of primary methods.

comScore is a paid measuring tool, meaning you must subscribe to their services in order to track and report your comScore metrics reports.  The website to be tracked must have the comScore tag propagated throughout the entire website in the same way you would a GA code and this will allow comScore to accurately measure your traffic, pageviews and other information that you a standard analytics program would collect.  So typically pageviews and unique visitors are quite accurate and should line up with GA numbers, although UVs will likely be a bit lower due to the way comScore measures uniques vs Google Analytics.  GA uses actual uniques, comScore magically tracks you and guesses when you are using your work PC, phone and Home PC and then numbers you as a single unique.

When I asked a comScore rep how exactly age is calculated by comScore for the demographics reporting, they confirmed the above:

“Demographic information is gathered from our panel.  When someone opts into the comScore panel, they are required to fill out a short questionnaire where we gather demographic information for themselves as well as other people in the HHLD who will be using the metered computer.  We then use census populations estimates to project out to the total internet population.”

So how does this part of the magic happen? How does it know what color your poop is, how old your car is and how much you make a year?  A couple of ways.

The Research Panel

comScore maintains a group of around 2 million monitored research panelists that run a background monitoring software package that tracks everything they do online.  comScore partners up with several technology brands to create and maintain this software, such as Permission Research, Opinion Square and VoiceFive Networks.  The users in this group are given benefits for being a panelist, including free software, online storage data, and chances to win cash and prizes from comScore.  comScore then uses a series of weights to adjust the statistics so that they have a better reach that reflects US and global browsing than just the two million panel members bring to the table.  This is where the guess-work comes in, as well as comScore panelists…

comScore Panelists

comScore regularly recruits panelists through random digital dialing, as well as additional online and offline methods such as polls, quick questionnaires and much more.  comScore then uses that data to determine total people online, geographic location, income, age, and other factors and then apply that information to “massage” their research panel stats and generate an accurate global or US demographic.

Additional information about comScore

I sent comScore a request with some of my questions and got back some great information directly from comScore:

comScore measures people and not cookies or IP addresses as your internal data does.  The way we do this is as follows:

When a company wants to become unified they sign up and place a beacon (or a tag) on every page of their website.  Whenever anyone goes to one of those pages (regardless of whether they’re in our comScore panel or not) our beacon call will place a comScore cookie on the machine. We count these cookies and then we use the people in our panel to understand the following:

  • Users deleting or blocking cookies
  • Users using multiple browsers per machine
  • Users using multiple machines across home and work
  • Users using multiple machines at home
  • Multiple users on the same machine
  • Computer Overlap: An adjustment is applied to the cookie counts to account for usage across multiple machines within the same household.

Based on our findings from the above criteria, we then assign an average Cookie Per Person ratio for that site. This CPP is updated every single month for every single entity we report on.

We then take the following steps to calculate the Unique Visitors:

  • We sum up the number of cookies for the particular country we’re measuring and  just for Home and Work (so we filter out International traffic, shared computers and mobile devices)
  • We use the Cookie Per Person ratio based on the criteria above to calculate Census Only Unique Visitors from cookies
  • We use the panel to understand the number of UV’s NOT seen from cookies.  Since the site may not have tagged every single page, some UV’s will go unnoticed by cookies.
  • We sum the Panel only Unique Visitors and Census Only Unique Visitors to reach Unified Home and Work Unique Visitors
  • We use the panel to understand the overlap between people using BOTH home and work computers
  • We report the final UNIFIED UNIQUE VISITORS

Page View numbers are calculated by the following:  

This measure comes 100% from the tags on your site.  We take the raw tag number and filter it from: 

  • International traffic (if you are only purchasing US data)
  • Shared environment/mobile traffic
  • Auto refreshes and don’t comply
  • Forced viewing (pop-ups….)
  • Nedoms (non-essential domains) comScore maintains a list of pages.
  • Non human traffic from bots and spiders are also removed

Why the comScore numbers don’t match my Web Analytics data:

  • comScore measures unique persons
  • Web Analytics “unique” numbers are a measure of unique cookies
  • Differences in the numbers come from:
    • Users deleting or blocking cookies
    • Users using multiple browsers per machine
    • Users using multiple machines for home/work
    • Users using multiple machines at home
    • Multiple users on the same machine
    • Web Analytics data totals include approximations of visitors using a  combination of IP addresses and user agent when a cookie cannot be dropped.
  • comScore filters out the following:
    • International data (for US subscribers)
    • Non-human traffic (bots and spiders)
    • Nedoms (non-user initiated traffic) pop-ups, & partial page loads
    • Shared usage environments (internet cafes, libraries, airport kiosks…..)

What is Quantcast?

Quantcast is a media measurement, web analytics service that allows users to view audience statistics for millions of websites. Quantcast Corporation’s prime focus is to analyze the Internet’s web sites in order to obtain accurate usage statistics by surfers from the USA.  It is primarily used by online advertisers looking to target specific demographics such as age, income or other traits. You can visit their site at http://www.quantcast.com.

How does Quantcast Work?

Quantcast has a large network with millions of sites running its data collection feeds, web beacons and anonymous cookies, so it can track a person as he/she visits any of the websites in its network, and can build a profile of that person’s browsing habits, and then extrapolate demographics.  Quantcast tends to associate themselves to the way search engines examine how webpages are interlinked, and thereby determine relevancy within it’s network and the demographics they collect.  You can read more about what they do from a company perspective at http://www.quantcast.com/how-we-do-it.

Is it Legal?

Both comScore and Quantcast use proprietary algorithms they use to try to make educated guesses about the age of the user based on their internal measures and then displaying that person the ad.  This is again not real data, it’s based on educated guesses based on their own measures and not on the real data of the actual visitor, which is what true analytics use.  They can only track anonymous browsing habits…  AGAIN, the only real way for a site to know 100% the age of the user is if the user enters their age on the site and submits that information… anything above and beyond that is quite honestly educated guesswork on an internal formula of indicators and measures gathered by web beacons and cookies that track behavioral browsing patterns.

This is actually why Quantcast and other demographic tracking companies have faced numerous lawsuits and privacy violations… they all have to walk a very fine line of how intrusive they can be in their data gathering methods until they start to break the law.  It is illegal to gather personal individual data without authorization via cookies, beacons and other tracking means unless the user agrees to it, which is why contest pages etc all have terms and conditions the user has to agree to (one of the reasons anyhow).  All general traffic behavior research gathering has to be anonymous and is generally mentioned in website privacy policies, which you can see on just about every company website you can think of. This is why the demographics information from comScore can’t actually be applied to the real analytical data.

Both companies have an extensive history of lawsuits, accusations and general privacy violations as they try to push the boundaries of what they collect and the collection processes.  A quick Google Search shows dozens and dozens of privacy violation lawsuits against comScore.

There is no question that online privacy is a farce, and hopefully as individuals continue to see how easily their privacy is exploited online, we learn to keep things closer to the vest.  Check out this little blog post by Robert Dempsey about comScore, a bit of an eye opener in case your head is in the sand.

Why do ad agencies LOVE Comscore?

Is it a lack of options?  Awesome marketing on comScore’s part? Dominance in the industry? Well, it’s a bit of everything to be honest.  We know that it’s nothing but educated guesswork, yet multi-million dollar deals are lost and won because of what comScore has to say, more so than REAL numbers such as the metrics provided by Google Analytics for example. comScore has positioned itself to be the leader in demographic research and through aggressive business propagation and smart marketing have made it as common and standard to digital ad planning as TVs are to a consumer’s home.  You may not realize it, but you are likely touched by comScore on a daily basis… when you surf, when you read magazines, when your boss is making decisions that affect you and your company and so much more.  It’s used daily in media kits, presentations, infographs, marketing plans and many other mediums for everything from entertainment to purchase proposals.

comScore is everywhere and has become masters of educated guesswork, ninjas of not-so-naked truth and warriors of what’s up online. There is no question that if you plan to work with ad agencies on premium ad buys for your website, you have no choice but to tag with comScore if you plan on playing with the big boys.  BUT if you’re concerned about your online privacy and how you are tracked, fact-finding on the practises of comScore, Quantcast and other demographic measuring companies is a scary eye-opener.

How do you feel about your online privacy or about comScore and their metrics?  Are you an actual comScore research panel member?  Please chime in with your comments by using the form at the bottom of the page and please share this article socially with your friends and connections.

Thanks for reading!
Dan

Problem with WP-Stats-Dashboard Plugin “wp-content/plugins/wp-stats-dashboard/view/admin/graph.php” solved!

Problem with WP-Stats-Dashboard Plugin “wp-content/plugins/wp-stats-dashboard/view/admin/graph.php” solved!

Comments 0 Comment

If you’re looking for a pretty slick WordPress stats package, you have to check out WP-Stats-Dashboard and the awesome functionality this brings to your admin dashboard.  As I toy around with this package, I am having a few issues I am slowly working on as I continue to re-import my tutorials back in to the site and look for missing images and errors.  One of the very first issues I had was when the package was first installed and instead of getting my trending graph reports, I would get one of the following two lines of text instead of a graph:

  1. ../wp-content/plugins/wp-stats-dashboard/view/admin/graph_trend.php
  2. ../wp-content/plugins/wp-stats-dashboard/view/admin/graph.php

I fiddled around with this for about 30 minutes, deleted and re-installed the plugin and tried a few other things to no avail… I ended up throwing my hands in the air in disgust and moved on to other things instead of wasting more time.  Well, turns out that was the right decision as it looks like this is an issue many folks are seeing when they first install the plugin.  How do you fix it?  Wait!  Yep, just wait for the graph to cache and it will start working all on its own… I came back to the WordPress dashboard a couple of hours later and VOILA, it started working.

So with that solved, I only have a couple of other issues:

  1. The WP-Stats-Dashboard iOS app looks awesome, but apparently Apple Store Canada does not carry the app… what the hell is that all about!?  I know there is a long tedious way to bypass this issue, but I’m too lazy to mess with it.  I’ve contacted Dave, the owner of WPSD so hopefully he can look in to this and start going international!
  2. When I go to the main WPSD stats dashboard, there is a box with all your social media metrics labeled “Stats – Social Media Metrics”.  When I click the reload button, it generates the following error: “Warning:  number_format() expects parameter 1 to be double, string given in ../wp-content/plugins/wp-stats-dashboard/classes/util/metrics/WPSDTechnoratiRank.php on line 59″. Now I have my WPSD set not to track Technorati so I have no idea why it is calling this page and why it’s generating an error.  I fiddled around with this as well and couldn’t find a solution.
  3. I’m also having a bit of an issue getting my social stats to track properly beyond Twitter and Facebook (Stumble, LinkedIn and G+ refuse to track) but I haven’t had a chance to mess with any of this yet.  I’m wondering if you need a paid account with LinkedIn for it to work.

Anyhow, hope this helps relax your nerves if you’re dealing with the graph.php issue and if you know the reason why my other 3 issues are happening, please feel free to chime in.

Thanks!
Dan

The SEO Marketing Traps – There is no secret SEO recipe you don’t know about!

The SEO Marketing Traps – There is no secret SEO recipe you don’t know about!

Comments 3 comments

After a recent experience of mine with some SEO related service questions, I wanted to put together a few thoughts on SEO services, tactics and maybe put some of your minds at ease… both for people who provide SEO, people who do SEO package reviews like me, and users of SEO.  If you’re trying to find the secret ingredient to SEO success, you might like to read this.  Please note this is an updated posting, the tutorial has been moved from the old host.

You’ve probably seen the emails…  a company in India is a leading SEO specialist, and for a monthly fee ranging from $100 a month to over $1000 will perform some SEO magic on your website, making you more visible, higher ranked on keywords, increased PR and even possibly a better lover!  You’ve been busting your head trying to figure out what these guys are doing that you’re not…?  your site has been stagnant and after a couple of months of work, you’re not really getting anywhere.  So what the HECK are these guys doing that’s you’re not?  What secret recipe are they using that will yield the amazing results you’ve been after but have failed to produce?  What do they know that I don’t?!

The answer is likely… nothing.  And here lies the trap, and likely leads to the most common SEO mistakes most of us have fallen prey to at some point.

SEO is real, powerful and necessary for the success of your website even at a basic level.  Internet marketers and specialists focus (or least should focus) very strongly on SEO practises, and SEO companies like YEAH! Local are trying very hard to let all webmasters know that SEO is important and that you need to use them and their elite SEO knowledge to get results and be the top of the world quickly and effectively.  The truth of the matter is many of us think that SEO is a bag of tricks that changes month to month and that only a few folks that have dedicated hundreds of hours to the study of SEO truly know what they’re doing.

Good news…  that’s completely untrue, and most SEO tactics that result in overnight increases in traffic often do more harm than good as they are probably against search engine guidelines and their TOS.  You have to change your mindset completely… there is no secret recipe or overnight tricks.  You need patience and time, plain and simple.

 01. There is no SEO smoking gun!

The first mistake to avoid is looking for the secret that you believe SEO experts know and you don’t.  Every single SEO concept and tactic you need has been repeated over and over in thousands of free tutorials and articles all over the web.  Deep down you probably even know that, but you’re on a mission for more organic search engine traffic so you throw caution to the wind and decide to pay an expensive SEO service that will employ exactly the same tactics you already know about, they will simply dedicate more time to it than you probably realized was required, and even the best of SEO companies can’t deliver overnight results unless they are performing shady blackhat tactics.  SEO is a lot like investing money… you need to think long-term, as in 6 months down the road, not 6 days or 6 weeks.  Forget about spam campaigns or link directories with a million other SEO “gurus” have posted links.  You need to focus on quality backlinks and real keyword research, and of course the king of web marketing: CONTENT!

02. Search Engine Guidelines

Another mistake most webmasters make is to completely disregard user guidelines of the major search engines.  I think it’s safe to say that most of us know that Google has a TOS with very specific guidelines of what you can and can’t do to optimize your site for it’s index, but how many of us have actually read it?  Oh, you have?  Good stuff, now how many of you check it for changes on a regular basis?  That’s what I thought…  and yes it changes quite often.  Following these terms is critical if you care about search engine traffic because you can score some very effective tips on optimizing your site, plus find out what could end up getting your site penalized.

03. Internal Linking Strategy

The final mistake I see quite a bit, that even I am working on correcting, is internal linking.  You can bust your butt on backlinks, but if you ignore the topology of your internal link, you are missing a VERY important ingredient to your SEO success and your ability to earn what is called “link juice”.  First time you hear this term?  Link juice is the currency used by Google to determine why your site should outrank others.  For a great explanation on link juice and how it works, check out this article.

The fact is, it’s extremely difficult, if not damn near impossible to control how other sites link to you, but you can do whatever the heck you want with your own site.  Internal linking is an art-form on it’s own and can yield significant long-term gains when properly applied.  By creating effective internal linking, you’re more or less promoting other areas of your site that are less popular, but still possibly relevant to your visitors.  This increased visibility on an internal level can introduce your users to features, areas and content they may have never realized you had, and these users are all potential backlinks, social media buffs or word-of-mouth links to untapped traffic.  Just check out large sites like Microsoft, Amazon, eBay, Digg and many more… you’re presented with the content you are looking for, as well as internal links to other relevant areas in an effort to engage you and explore further.  This is effective internal linking.

Again, you’ve read SEO articles before and most say the same thing… you need to focus on the following:

Onsite SEO

  1. Establish and optimize your website pages for specific keywords.  This includes metatags, URLs and content.
  2. Investigate and research your competitors… see where they rank for keywords and how they are optimizing their pages.  Are they ranked higher than you?  You can find out why by checking meta tags, backlinks and their content pages.
  3. Optimize your title, meta and header tags.
  4. Optimize your anchor text, your robots.txt and your image Alt tags.
  5. Write relevant content as often as possible!
  6. Fix broken links on your site.
  7. Create an XML sitemap and submit it.
  8. Ensure your site is included in major search engines and see how you rank for your top 10 – 20 keywords.  Keep track on a monthly basis to check your progress.
  9. Install and use Google Analytics.
  10. Validate your code for easy crawler inclusion.

Offsite SEO

  1. Verify search engine guidelines and make sure you are compliant
  2. Research and build up backlinks to your site… there are dozens of strategies.
  3. Create a separate blog and keep it updated with content regarding your site, updates, research and other projects.  Use it to generate interest!
  4. Create articles for open distribution
  5. Take advantage of social media and social bookmarking sites
  6. RSS Feed submission
  7. Forum posting
    Search for link directories and link exchanges relevant to your site’s content and join them!  Don’t just submit to everything under the sun, most link directories are completely useless.

I’m sure I’m missing a couple of items on here, but this is everything you need to know, and this is everything an SEO company will do for you no matter how much you spend per month.  There are no magic bullets, smoking gun or any other catch-phrase worthy techniques you don’t know about, it’s all out in the open.  The key is to dedicate time to your SEO strategies and set long goals for results, but short-term goals to get there.  For example, rather than say “OK this month I want to increase my traffic an extra 5000 visitors a day” look for a more tangible short term goal such as “This month I will create 50 new one way links to my site”.  With small monthly goals, the long-term traffic goals will follow and will likely exceed your initial estimates.

Of course, if you have absolutely no time to optimize your site for search engine traffic, that’s an whole different issue and at that point you may wish to employ the services of a reputable SEO consultant, but don’t spend a cent if you’re thinking they know something you don’t.  Patience and hard work always trumps looking for a quick fix and instant results.

Now for some handy links you should know about…

Google Webmaster Guidelines
Yahoo Terms Center
Bing’s Webmaster Center
W3C Standards
SEO Centro Keyword Rank Checker

That’s for me on this one guys, thanks for reading and see you on the next tutorial!

Take care,
Dan

How to Fix “554 Your access to this mail system has been rejected due to the sending MTA’s poor reputation”.

How to Fix “554 Your access to this mail system has been rejected due to the sending MTA’s poor reputation”.

Comments 36 comments

IP reputation…  when it comes to running servers, especially client hosting servers, server IP reputation is critical to ensure the highest level of service to your clients so they in turn can deal with their clients.  Poor server IP reputation means blocked emails, blacklists, blocked content, firewall issues and all kinds of other nightmares.  It’s especially frustrating because you can be off ALL known blacklists and STILL have a poor IP reputation getting you in trouble.  The bad news is that I’m still struggling with this issue myself… the good news is I can help you with what I’ve learned so far.

As you may or may not know, I run a small hosting company called P2LHosting.com and I recently started leasing a new server for my customers and was assigned an IP that the previous owner had obviously abused, so I inheritied all the blacklists and issues that came along with it.  I didn’t know it at the time since I didn’t have anything running on this box initially, but as I moved clients to the server over the next couple of months, the complaints for rejected emails start rolling in, and thus the nightmare began.  Granted, I could have called up the DC and had the IP changed (and that’s probably what I SHOULD have done), but you know me… I love a challenge!

Here are some of the rejections notices, you’ll probably recognize some of these:

“host smtp.secureserver.net [216.69.186.201]: 554-m1pismtp01-024.prod.mesa1.secureserver.net
554 Your access to this mail system has been rejected due to the sending MTA’s poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.”

“host ecrmdmzmx1.ecrm-online.com [207.54.174.158]:
554 Service unavailable; Client host [darth.pixel2life.com] blocked using Barracuda Reputation;”

“host relay.verizon.net [206.46.232.11]: 571 Email from 67.228.10.58 is currently blocked by Verizon Online’s anti-spam system. The email sender or Email Service Provider may visit http://www.verizon.net/whitelist and request removal of the block.”

“Delay reason: SMTP error from remote mail server after initial connection:
host e.mx.mail.yahoo.com [67.195.168.230]: 421 4.7.0 [TS01] Messages from 67.228.10.58 temporarily deferred due to user complaints – 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html

Now those are just a few samples, but the one we received the MOST is the “MTA’s poor reputation” version, which is naturally the most difficult to fix.  You see, rejection warnings will normally tell you that you are blacklisted from a specific spam filter list.  So if we look at the examples above, Barracuda, Verizon and Yahoo all have their own blacklists that you can contact and ask for removal if indeed you are NOT sending spam from your server’s IP any more.  So, let’s look at some handy tools you should use to check your IP’s reputation and see if you’re blacklisted anywhere.

First you’ll want to use MX Toolbox’s SuperTool… a very handy and completely free online tool that allows you to perform many important domain and IP related activities, including check all known blacklists for your IP’s inclusion.  You can find the tool at mxtoolbox.com/SuperTool.aspx and there you will see a complete list of commands and what they do.  In order to run a blacklist check, enter “blacklist: (ip)” (replace (ip) with your server’s IP duh!) and click the lookup button to run the check.  Should you get any positive hits and you ARE indeed blacklisted, they will be listed at the top with a red icon and you can contact them directly and asked to be removed.  A clean bill of health will look like this:

This is where things can get frustrating… you run this blacklist check and you are green across the board, yet you continue to experience those darn MTA reputation warnings!  First off, what the heck does MTA stand for?  MTA is the acronym for Mail Transfer Agent and it’s nothing more than a fancy term for your server that sends out your mail.  So in case you thought MTA was some kind of dedicated Microsoft technology that you can deal with directly, it’s not… it’s just a general term for the hardware doing your email sending.  There are several databases and companies that calculate this reputation, and some ISPs rely on these companies to provide them with tolerance scores to reject possible spam. 

So as an example, if you have 100 ISPs using SpamCop for filtering and you get blacklisted, you can contact SpamCop and have your IP removed.  Now, if you have 100 ISPs using Senderbase reputation ratings and anything rated “poor” is blocked, then you have to contact 100 ISPs, which of course is unrealistic.  You have to improve your reputation, then those 100 ISPs will correct themselves.

Unfortunately these are more difficult to deal with sometimes than a regular blacklist that you can just contact and ask to have your IP taken off.  When it comes to fixing IP reputation scores, it’s very much like performing an SEO tweak and then waiting to see if Google likes what you did.  Let’s look at some IP reputation sites and see how we score.

The first check is with www.sendmail.com and their IP reputation lookup tool located HERE.  Sendmail has been around since the early 80s and according to their company literature, the sendmail Open Source MTA is the most widely used email technology on the Internet with their  Open Source and commercial versions found on over 35 percent of all Internet servers, and deliver over 65 percent of the email messages sent worldwide.  Now when I started this trip in to IP reputation, our lookup page was pretty bad, with our IP in the red and pretty bad looking spam numbers:

When  you see this kind of information, you clearly have an issue and you’re able to narrow things down because this report is based on the last 30 days of traffic from your server.  So if you’ve owned the IP for the last month or more, you know there is spam coming from your IP under YOUR watch.  So at this point it’s critical to find out where the spam is coming from… if you’re not sending out unsolicited email then either you have a client doing so through their site, your server has been compromised with Malware of some kind or a script on your server is being exploited.  You will need to pour through your mail logs to see where the spam is coming from, it will likely stick out like a sore thumb.  In my case not only was I handed an abused IP, but now I had a client that was getting the “tell a friend” script on his site’s shopping cart exploited.. .the logs showed over 33,000 spam emails were sent from his account!  I did some research and found it was a known exploit (if you run CubeCart, DISABLE the “tell a friend” functionality) and we fixed the issue.

When making changes to your server, it can take up to 30 days for your changes to reflect in your reputation score.  The good news is that with sendmail.com we dropped from an 80% risk to 40% within 48 hours.  Unfortunately this is where a bit of frustration starts to kick… our reputation was now well within acceptable limits and I thought we were all set but we were STILL getting those confounded “554 Your access to this mail system has been rejected due to the sending MTA’s poor reputation” error messages.

So now what?  Further research lead me to Cisco’s Ironport hardware and their IP reputation system that Cisco maintains for spam blocking on their Ironport units.  All this information can be found on their main security network page at www.senderbase.org and you can find the actual reputation check tool right at the top right-hand corner in the “Look up your network” box.  It turns out that the “554” error is in fact the default error message from Ironport units, so in order to fix THAT issue, my senderbase IP score would have to be fixed.  It’s been about 72 hours since canning the exploited cart script and stemming the spam but we’re still rated at “poor”:

So at this point it’s a waiting game as we see how long it will take for the record to update, but all the research I’ve done so far indicate up to 30 days.  You can see in the screenshot at the bottom right corner that my second server is rated neutral, which is normal.

What else can you do to improve your MTU reputation rating?  Aside from stemming the flow of spam from your server, you can also take some server configuration steps to build up your reputation.  In fact one of the possible factors contributing to a poor reputation is server configuration error.  So you do have to make sure your MX record is in order.  Some other tips:

1. RDNS (reverse DNS) – You need to set RDNS as some mail server check for RDNS settings.

2. Some experts say you should set SPF records for all the domains on the server.  You can find information on SPF records here:
http://www.openspf.org/SPF_Record_Syntax
http://old.openspf.org/dns.html
http://old.openspf.org/wizard.html

3. Ensure that your server is properly hardened, secured and updated to avoid possible exploits that would allow hackers to run spam campaigns through your hardware.

4. Run a malware and rootkit scan on your server.

5. Review your email logs and verify that your server is no longer sending out spam of any kind.

Here are some additional reputation look up tools:

http://www.reputationauthority.org/index.php
http://www.trustedsource.org/

I also found a very interesting post that was made by Hotmail domain support and found some useful tips, check it out:

We have identified that messages from your IP (xx.xxx.xxx.x) are being filtered based on the recommendations of the SmartScreen filter. This is the spam filtering technology developed and operated by Microsoft and is built around the technology of machine learning. It learns to recognize what is and isn’t spam. In short, we filter incoming emails that look like spam. I am not able to go into any specific details about what these filters specifically entail, as this would render them useless.

Furthermore, the deliverability issues on IP were based on negative filter verdicts or other IP reputation issues that caused some (or) all of your mail to be deleted and/or potentially blocked.
E-mails from IPs are filtered based upon a combination of IP reputation and the content of individual emails. The reputation of an IP is influenced by a number of factors. Among these factors, which you as a sender can control, are:

• The IP’s Junk Mail Reporting complaint rate
• The frequency and volume in which email is sent
• The number of spam trap account hits
• The RCPT success rate

Enrolling your IP address to our Junk Mail Reporting Program (JMRP) and instilling an SPF record on your domains, should help avoid common deliverability issues. These programs are in place to help legitimate companies deliver their email messages to Hotmail users. After you have taken steps to enroll in the JMRP and Sender ID, please contact us again so we can assist you further. Please include the SRX number you were given after you complete the enrollment.

Publish/update your SPF records – Please ensure that you have published SPF records for your sending domains and register with Sender ID. You can find additional information and submit your domain for inclusion into the Sender ID program at http://www.microsoft.com/senderID. Please note that technical standards (RFC 4408) discourage use of “PTR” for performance and reliability reasons.
Junk Mail Reporting Program (JMRP) – Enrollment with this free program will benefit you as a sender as it will keep your email lists updated and populated with interested Windows Live Hotmail Customers. This program will help you to remove those Windows Live Hotmail Customers who do not want to receive emails from your company. Please visit HERE!

It is Hotmail’s expectation that complaint rates and spam trap account hits are kept at a minimum. RCPT rates should be as close to perfect as possible. IPs that does not send email on a regular basis with consistent volume is often burdened with poor reputation, as spam attacks are similar in this respect. In addition, IPs that have little to no history of sending email messages to Hotmail users are more likely to be targeted by SmartScreen. There is no hard and fast rule as to email volume and frequency but if the IP is regularly used the likelihood that the IP experiences poor reputation problems diminishes.
Below are additional recommendations that we have for you to prevent being filtered by SmartScreen. These will help you manage the factors that affect your IP’s reputation.

1. Hotmail has created the Smart Network Data Services program. This is a service that helps legitimate email senders work with their customers and partners to reduce spam originating from their IP. To register, please go to http://postmaster.msn.com/snds/. This program allows a sender to monitor the ‘health’ of their IPs.

2. Ensure that there is not anything technically wrong with your MTA. Some of the questions that you need to keep in mind are:

a. Are your DNS records updated?
b. Are you transmitting data upon making the SMTP connection?
c. Is the problem isolated to any specific machines?
d. Do your SMTP logs show any failures?

3. Segment your mailing infrastructure by IP. Marketing email, transactional corporate email, “forward to a friend” email and signup emails should be sent from different IPs. This will help to identify what types of messages are being flagged by Hotmail users.

4. Strengthen the sign up process. Confirm that you are using a double-opt-in sign up process. This will not help in removing existing Hotmail customers from your email lists but it will confirm the authenticity of those who sign-up on for your email campaigns and newsletters.

5. If you have any feedback loops setup with other ISPs, you should look for trends to try and determine possible causes like a new data source or a new advertisement. It may also be that customers signing up do not recognize the mail you are sending them.

6. Clearly mark your emails so that Hotmail customers are able to identify quickly and easily that they requested emails from your service.

7. Do some analysis on the data regarding complaints. Look at Hotmail users who have never clicked, opened, responded or bounced in any way. These poor performers could contain many bad addresses.

8. Evaluate the frequency of your mailings. Are you making your mailings less relevant and welcome by sending too many emails?

9. Enroll in the Sender Score program. This is the only white list that Hotmail uses. It is owned and operated by Return Path. You can find information about this program at http://www.senderscorecertified.com
10. Visit http://www.senderbase.org to verify that your IP is not being listed on any third party block lists.
11. You can also take advantage of the following email delivery consulting companies who participate in the Messaging Anti-Abuse Working Group (http://www.maawg.org/home/), and the Authentication and Online Trust Alliance (https://www.aotalliance.org/index.html).
The information that we have provided are only recommendations. Microsoft makes no guarantees that following these steps will guarantee deliverability to MSN, Windows Live Hotmail, or Live.com customers. If you believe that you have taken advantage of the recommendations above and believe that you have built a strong IP reputation and still encounter problems sending to Hotmail users, please don’t hesitate to let us know and we’ll see what we can do to assist you further.

So now that I have made all the recommended changes (and HOURS of research) I am hoping this will do the trick.  I will keep an eye out on the reputation status of my IPs and update this posting as results start to come in, and I will add additional information and tips as I find them.  I hope this helps you figure out how to deal with your own IP reputation issues!  Please feel free to click on the comment icon below to comment on this article or to share your own tips or experiences dealing with this  issue.

Thanks,
Dan

Final Update and Thoughts on “error 24” Issue with CorelDraw!

Final Update and Thoughts on “error 24” Issue with CorelDraw!

Comments 2 comments

Good morning everyone!  Wow, this whole "error 24" issue out of Corel that I figured was a small error I had somehow generated through some magical Vista voodoo ended up being quite the event, not to mention my most commented article to date on this blog.  I want to thank everyone that stopped by to post a comment, be it to thank me for the help or to slap my wrist for helping folks with pirated copies circumvent the error.  All comments are welcome on here as long as they are civil, so no worries.  Anyhow, Corel has posted their final statement on the issue and have offered a deal for anyone that has been scammed by a retailer as long as you have proof of purchase, or if you want to purchase X4 outright.  Please check it out HERE.

At this point, it's obvious that Corel is acknowledging the fact that many users have paid for software thinking it was legitimate when in fact it was not, or people were using valid NFR or demo versions, or you were using a pirated version with a generated serial number.  The application is programmed to expire on these non-retail type passwords June 1st, 2010, hence the shenanigans that kicked up this week. I personally have been using NFR copies given to me directly by Corel since version 12, and quite honestly, this is the first I hear of any kind of expiry on them.  I called Corel this morning and they confirmed that my X4 was a vendor eval version and unfortunately has expired and I can no longer use it.

This is frustrating to me because when I was given this copy, I was not told of any expiry date or time limit, nor did it mention any in the terms and conditions I agreed to when installing the software.  Granted, I was given this software for free, but I don't think it's a far cry to say that I have since sold many copies to potential clients through my constant plugging of this software, not to mention the thousands of views my Corel tutorials and articles have received.  Either way, my X4 has expired so the question becomes, what do I do now?

First up, I've removed my X4 install and re-installed by eval copy of version 12… and low and behold,it works fine with no error.  So it would appear that the expiry date on vendor eval copies is new in X4 (unless X3 had the same expiry date).  Next up, I'll see if I can get a copy of X5 in the same manner, otherwise I'll pick it up… upgrade is $200 from the Corel store, so not a huge deal when compared to Adobe's pricing, although Photoshop has clearly become a heck of a lot more powerful vs Photo Paint, and there's no touching Illustrator.  But I guess when you've been using the same software brand for 15+ years, you get a little attached to it.

OK, moving right along… in terms of folks linking to the dr14.dta file in my previous post about this topic, I'm afraid that because this is a confirmed issue with eval versions expiring or generated serial numbers being invalid, using this workaround is not legal.  I know many of you have paid good money for your Corel software, but you've been unfortunately scammed and need to contact Corel ASAP to get your issue resolved.  So that being said, and after speaking with the Corel rep directly to confirm all the facts, I will be removing all the links to the .dta files in the comments area.  I know anyone can find these doing a simple Google search, but it's not exactly in my nature to support software piracy seeing as it's almost a daily struggle for me to stop people from copying my sites, stealing content etc.

So thats it from me on this issue…  now to get back to writing tutorials!  By the way, in case you are new to this blog and found out about it when you searched for a resolution to the "error 24" thing, thanks for stopping by!  If you're fairly new to the world of CorelDraw and would like to check out some Photo Paint tutorials, check out my complete list HERE!  I also run a huge tutorial search portal with thousands of free tutorials for graphic designers, programmers and webmasters and you can check that out at Pixel2life.com.

Thanks again for all the comments and feedback guys, take care and happy drawing!

Dan