DMA Email Council February Meeting: Virgin Media Talking Points
31 Mar 2021
A primary role of the DMA Email Council is to build strong relationships between the various components of the email ecosystem. The mailbox providers (MBPs) who host subscribers email accounts are a vital part of this conversation. Better understanding of the challenges MBPs face as they handle huge volumes of inbound email traffic (much of it fraudulent and/or malicious) means legitimate senders can be more intentional about adopting the standards and best practices that make them look like good actors.
So it was a real pleasure to welcome Jamie Dent, Ken Oaten and Steven Lundie from Virgin Media, and Paul Janzen from Liberty Global (Virgin Media’s parent) to our February Council meeting. We had a fascinating conversation, and they were exceptionally generous in sharing a wealth of knowledge and expertise around how they think about the email space – spam, fraud, and the role of legitimate senders.
They have graciously allowed us to share these insights with our community, and the following Q&A provides a summary of the key talking points from the session.
Tell us about the position Virgin Media occupies as a major player in the UK mailbox provider (MBP) landscape?
We operate millions of mailboxes, on behalf of our customers, and receive ± 50 million inbound emails daily. Many of these emails are rejected at the gateway. Of the ones we accept, ± 90% are placed in our customers’ inboxes, with ± 10% balance placed in their spam folders.
Do you accept there is a place for legitimate, permission-based email marketing?
We absolutely accept that commercial mailers have a right to be there. Over the years, email marketing volumes have increased, and we have grown our own capabilities to deal with this. We have definitely seen that commercial senders are getting their act together (by implementing best practices like DMARC etc.) that makes them easy to identify as valid senders. But the email landscape has probably become a lot harder for small businesses – there are lots of rules and standards to follow, and this potentially acts as a barrier to entry.
How do you define spam?
The definition of spam has definitely changed over time. For us at Virgin Media, spam is basically any emails that our customers don’t want to receive. While we accept that marketing emails can be sent with the best intentions, if they hit a customer on a bad day (perhaps generating a spam complaint notification) that sends a negative signal which informs how we see the sender.
How do you process inbound emails, and what tools/techniques do you use to identify/block potential spam?
Because spam takes so many different forms, we have a very comprehensive approach to dealing with it:
- We use a lot of real-time block lists (RBLs – Spamhaus, Spamcop, etc.). In total we take feeds from 15-20 of these providers.
- All non-block listed email traffic is then passed through Cloudmark (a global security platform that automatically detects and mitigates email abuse and threats). This includes checks for correctly formatted email headers, and use of email authentication, e.g. SPF, DKIM, and DMARC)
- Cloudmark and the RBLs automatically catch around 90% of our inbound spam. For the remaining 10% we then use more granular techniques including elastic search and data comparison to evaluate factors such as where the email is coming from (single vs multiple sources, shared vs dedicated IP addresses, and especially email originating from different countries) – and we use these insights to train Cloudmark. We also rely a lot on our customers marking emails as spam, as well as phishing notifications.
- Another aspect is SMTP (outbound) spam – this is usually where user accounts have been compromised, and we are much stricter in terms of how we handle this. The bulk of Paul’s time is spent dealing with SMTP spam.
What trends are you seeing in the email fraud landscape at the moment?
Some things don’t change – probably 25% of our inbound traffic is still formed of typical Viagra style mailings! But spammers are also very quick to adapt, using big news stories as a pretext for their messages (so-called “Phishing du Jour”). The COVID-19 pandemic, vaccinations, GameStop, and Wallstreetbets are all currently hot topics for the phishing bandwagon.
- As spammers continue getting smarter, we will see a lot more false positives, with email programs unintentionally sending spam (because their legitimate messages look near identical to the fraudulent ones!)
- Botnets are posing a big challenge – They often have 100s of people behind them, but there are only 3 or 4 people “down in the dirt” defending against these attacks.
- The internet of things means that compromised devices don’t just refer to computers and smartphones. We are genuinely seeing HELO records with descriptions like “refrigerator” in them!
What advice do you have for email marketers to ensure they maximise deliverability to Virgin Media subscribers?
Keep your complaint rates low by sending only valuable, relevant content that your subscribers actually want to receive.
- Bulk senders will often use Amazon Web Services (AWS) or Google cloud. This means IP addresses get rotated, which makes senders harder to monitor, opening up the potential for abuse. Senders should use dedicated IP addresses to avoid this.
- Implement industry standard authentication (SPF, DKIM, and DMARC) which to help identify senders as legitimate.
- Sign up with Virgin Media’s complaints feedback loop service (FBL). We have launched this in collaboration with Validity about a year ago and it’s been very successful, delivering a 50% YoY reduction in spam complaints.
- Implement Validity’s Certification program, which is recognised by Cloudmark and provides preferential treatment when emails are evaluated for spam likelihood.
Is it possible for program owners to engage with Virgin Media if they are experiencing deliverability challenges reaching their VM subscribers?
It is – senders can:
- Use the contact address in our bounce notifications.
- Post to one of our Virgin Media forums, which our customer information and security teams actively monitor and will respond to.
Thanks again to Virgin Media for being so generous with their knowledge sharing. Industry collaboration like this means senders and receivers are aligned when it comes to offering their shared a customers the best possible experience. That, after all, is why email is – by some distance – consumers’ preferred channel for receiving marketing messages, and reflecting the trust and relevance they associate with the channel.