All You Need To Know About Gmail’s Feedback Loop Offering

Kate Nowrouzi
Apr. 1, 2014 by Kate Nowrouzi

Gmail introduces a pilot feedback loop offering

Back in February, Gmail announced their Feedback Loop (FBL) pilot offering to ESPs to help them with identifying bad actors and spammers on their network. For anyone who is interested in learning more, the enrollment form can be found here.

For those of you who are unfamiliar with the process, here’s a brief recap. Feedback loops are essentially reports that ISPs provide to large volume senders about the number of recipients who mark their mails as spam. It’s a really important service that allows businesses to monitor their sender reputation with the ISPs and quickly take action for damage control if large numbers of recipients are marking their emails as spam. As you can already tell, this is pretty crucial for businesses that are dependent on email marketing as a main revenue stream. 

Gmail’s feedback loop, however, differs from other ISPs 

Gmail’s FBL is not in ARF format. In order to protect user privacy, their FBL is offered in the form of aggregated spam statistics per customer or per campaign, which cannot be traced back to the email address of the recipient who marked the mail as spam. This daily report provides a percentage of user spam complaint rate per customer and/or campaign of an ESP, and will be sent to the designated email address provided to Gmail by the ESP (eg: GmailFBL@example.com). The service is not designed for list management or delivery evaluation, and if there is a sizable percentage of spam in your traffic, you will receive the aggregated report the next day.

ESPs are highly encouraged to comply with Gmail Bulk Senders guidelines. Gmail requires all senders to use a consistent IP address to send mail, valid RDNS record for all sending IP addresses, and the same address in the ‘From:’ header on every bulk mail. As far as authentication, they highly recommend signing with DKIM, publishing an SPF record and adhering to the DMARC policy.

How does Gmail’s feedback loop work?

ESPs will first need to insert a feedback identifier header “Feedback-ID”. This header will identify the customer and or campaigns, mailings, and mail types. FBL reports will be generated based on these identifiers.

The “Feedback-ID” header will have a maximum of 4 fields, 3 are optional.

“Feedback-ID: a:b:c:ESPid”

  • “Feedback-ID” is the name of the header
  • “a:b:c” are the optional 3 fields which can be anything the ESP chooses (ie: campaign, mailing, traffic type)
  • “ESPid” is the only required field. This ID corresponds to an ESP customer and must be unique and persistent to that customer.

Gmail will aggregate data for the last 4 fields starting from the right side and ignore any extra fields. The data returned in the feedback report will be aggregated by the tag seen in the Feedback-ID header. Every tag will be included in the report and there are no limits on the number of total tags specified. However, Gmail will ignore tags with too few messages to prevent abuse.

Date Identifier Spam_Rate

3/17/13

 a1

1.70%

3/17/13

 a2

0.89%

3/17/13

 b1

2.50%

3/17/13

 c1

3.50%

3/17/13

 c2

2.00%

3/17/13

 ESPid

1.00%

FBL data will be aggregated by way of each identifier independently and not grouped across identifiers. Spam percentages will be reported across all the mails containing a given identifier, irrespective of the position in the identifier header. The FBL report will be sent in the form of a CSV attachment and contains data received by Gmail on the previous day by the ESP. This report is intended for gmail.com users and doesn’t support Google-Apps or Google hosted domains.

What are the DKIM requirements?

To prevent spoofing of the “Feedback-ID” header the ESP must strip any instances of this header first before inserting it and then DKIM sign it with the ESP’s domain key. This is in addition to any existing signature and is a practice commonly known as “double signing”.

There may only be up to 10 unique DKIM “d=” signing domains used to sign these headers but subdomains may be used as an alternative.

As far as DKIM key length is concerned, Gmail requires a minimum 1024-bit long key. According to the Gmail postmaster site, Gmail has been treating all emails signed with less than 1024-bit keys as unsigned since January 2013. They recommend affected senders with short keys to switch to RSA keys that are at least 1024-bits long.

How can we correctly implement Gmail’s FBL requirements in Momentum?

Multiple signatures are supported in the Momentum platform using Lua policy. OpenDKIM is now the preferred signing module in Momentum versions 3.6.0 and newer. More information about the Lua libraries for signing can be found in our documentation.

We’ve also created a simple OpenDKIM signing Lua policy that easily configures a second signing domain. You can find more info about that here.

Which Other ISPs Provide Feedback Loops?

If you’re looking for more information on how feedback loops operate, do refer to the “Complaint Feedback Loop Operational Recommendations” RFC 6449 document. And while we’re talking feedback loops, it would make sense to share links to the other trusted FBL providers out there, in case you didn’t have them already.

Now, to sum up: it’s great news that Google now provides an FBL. It has some quirks and senders will need to do some configuration to get it to work for them. But for Momentum users, that will be a straightforward process. If any readers would like to share their experience with the new Google FBL, we’d love to hear your story. Feel free to leave feedback in the comments.

 

–Kate Nowrouzi
VP, Email Delivery Operations

10 Comments

  • You can add mail.ru and orange.fr in here.

    Reply
  • Hi, are you sure orange.fr provide FBL ?

    Reply
  • Yes, they do via third party called signal spam. They sent like in a CSV format (not art) plus you have to become a member of signal spam to get that fbl.

    https://www.signal-spam.fr/english

    Hope this will help.

  • I was lucky enough to get the chance to interview a member of the Gmail antispam team at some length. I published a post on the feedback loop that is likely to be of some interest to the readers, so I hope you do not mind my sharing:

    http://emailexpert.org/9-gmail-fbl-myths/

    Reply
  • Hello,

    I have been consistently getting emails that are either addressed directly to me like today or to jenniferrobin@gmail.com The issue is they are about things that have no relation to me personally. Homework assignments, Cancer Support Groups and today an appointment for a church that is in TN. I checked online to see if this place exists and it does. I live in CA. Is there a way to stop these emails such as the Feedback Loop? Otherwise I need to change my email address.

    Sincerely,
    Jen in CA.

    Reply
  • Hi Jen,

    Usually, you can unsubscribe from most mailing lists using a (usually itty bitty) link in the small print in the footer of the email. Legitimate senders all have them. If you’ve tried that and they still appear in your inbox or if they don’t have an unsubscribe link you can use Gmail’s Spam button. It’s the octagon with an exclamation point in it, right next to the Archive button at the top of the screen in Gmail where you view the message. I’m not sure if you’re using an app, but that’s where it is in the normal browser version. That should make it so those messages automatically hit your Spam box instead of your inbox.

    Hope that helps!

    Reply
  • Hi Jen.

    It may be possible that someone is giving other users their email address and the person who is tying it is making a clerical mistake. You may consider replying to them if they look legit so that they realize it is going to the wrong person.

    Reply
  • Thank you Corry Frydlewicz. I am doing that with the emails that seem to be Spam.

    Thanks again!

    Reply
  • Can someone please tell me what if an ESP has more than 10 DKIM signed self hosted domains, should one fill more than one form?

    As per the directions, FBL form can only have ESP hosted domains, how can an ESP get data for its customer’s hosted domains.

    Reply
  • “If there is a sizable percentage of spam in your traffic, you will receive the aggregated report the next day”. Can you please tell me in what format I will be getting it, CSV or other. Also if I provide unique email_id for each email as one of the identifier than each spam click for that identifier will give 100 % spam rate, in such case do I get report or Not ?? Please help.

    Reply

Share your Thoughts

Your email address will not be published.

Related Content

10 Steps to Email Deliverability for Beginners

Email deliverability doesn’t have to be a mystery. Get our easy, step-by-step guide on deliverability for beginners and be on your way to sending success.

read more

Are you Realizing the Big Rewards of Email Deliverability?

We did the math, learn how email deliverability is calculated, how it impacts your bottom line, and how to improve it for better engagement rates and ROI.

read more

Personal Whitelists: The Gold Dust for Senders

Personal whitelists are a positive signal to ISPs that your mail is wanted. Here's how personal whitelists can improve your sending reputation.

read more

Start sending email in minutes!

The world’s most powerful email delivery solution is now yours in a developer-friendly, quick to set up cloud service. Open a SparkPost account today and get started for free.

Get Started

Send this to a friend