Summary
Inbox providers generally avoid directly sharing user-specific deliverability data, primarily due to privacy concerns and the principle of independent assessment. However, a robust ecosystem of indirect data sharing and collaboration exists to combat spam and improve overall email security. This includes sharing aggregate data, participating in threat intelligence programs (like MAPP), using feedback loops (FBLs) to process complaint data, and utilizing shared blacklists and whitelists. Industry collaboration through groups and conferences also facilitates information sharing and coordinated efforts. The shared information is mostly focussed on threat data related to malicious actors and botnets.
Key findings
- No Direct User Data Sharing: ISPs prioritize user privacy and generally refrain from directly sharing user-specific deliverability data.
- Threat Data Collaboration: ISPs routinely share threat intelligence, including data on botnets and malicious actors, to enhance collective security.
- Feedback Loops (FBLs): Feedback loops allow senders to receive data on user complaints, indirectly informing ISP filtering decisions.
- Shared Reputation Systems: Shared blacklists and whitelists influence deliverability across multiple ISPs.
- Industry Groups & Standards: Industry groups and standards like ARF facilitate information sharing and coordinated efforts against spam.
- Aggregate Data Sharing: Some email providers share aggregate data and cooperate on threat intelligence, without revealing user-specific details.
- Yahoo/ATT Backend Relationship: Historically, Yahoo handled the backend for AT&T's email, which explains correlation between Yahoo and AT&T delivery.
Key considerations
- Reputation Management is Key: Maintaining a positive sending reputation is crucial, as reputation data influences deliverability even without direct data sharing.
- Monitor Feedback Loops: Actively monitor and respond to feedback loop data to address user complaints and improve sending practices.
- Proactive Security Measures: Implement robust security measures to prevent being flagged as a source of threats, affecting your overall reputation.
- Focus on Best Practices: Adhering to industry best practices, such as DMARC, can help improve deliverability and trust with ISPs.
- Understand Independent Filtering: Recognize that while collaboration exists, each ISP independently assesses email, and what works for one may not work for another.
What email marketers say
11 marketer opinions
While inbox providers generally do not directly share user-specific deliverability data, they indirectly share information and collaborate in various ways to combat spam and improve email security. This includes sharing aggregate data, threat intelligence, and using feedback loops, blacklists, and industry collaboration to identify and mitigate widespread threats.
Key opinions
- Indirect Data Sharing: ISPs share aggregate data, threat intelligence, and use mechanisms like feedback loops (FBLs) rather than directly sharing user-specific deliverability metrics.
- Reputation Sharing: Reputation data is shared indirectly through blacklists and whitelists, which are used by multiple providers, impacting deliverability.
- Threat Intelligence: Email providers collaborate on identifying and mitigating widespread threats like botnets and phishing campaigns through joint industry efforts and data sharing platforms.
- Industry Collaboration: Industry groups and conferences facilitate informal data sharing and collaboration among email providers.
- Third-Party Blocklists: Several email providers subscribe to common blocklists managed by third-party organizations, impacting deliverability if listed.
- Yahoo and AT&T: Yahoo used to handle the backend for AT&T's email, so Yahoo best practices may also lift results for sbcglobal and att.net.
Key considerations
- Holistic Approach: Deliverability depends on more than just direct data sharing; it's influenced by reputation, threat intelligence, and industry collaboration.
- Reputation Management: Maintaining a positive sender reputation across all providers is crucial, as a negative reputation with one can impact deliverability elsewhere.
- Feedback Loops: Utilizing and monitoring feedback loops to remove users who mark messages as spam is essential for maintaining a healthy sending reputation.
- Blacklist Monitoring: Regularly check to ensure you're not on any shared blacklists to prevent deliverability issues.
- Threat Prevention: Implementing robust security measures to prevent malicious activity or botnet compromises is crucial for maintaining a good sender reputation.
Marketer view
Marketer from Email Geeks suggests that it would be shocking to know if ISPs are sharing data with each other, as that is exactly the bad practice they punish when brands use third-party data, indicating it is highly unlikely.
18 Feb 2025 - Email Geeks
Marketer view
Email marketer from Reddit mentions that while explicit deliverability data is not shared, ISPs use similar spam filtering technologies and share threat intelligence, leading to correlated outcomes. If one ISP identifies a sender as malicious, others may independently reach the same conclusion.
16 Nov 2021 - Reddit
What the experts say
4 expert opinions
Inbox providers generally avoid direct sharing of user-specific deliverability data due to privacy concerns and the principle that each provider independently assesses mail. However, they do share threat data related to malicious actors and botnets. Additionally, indirect data sharing occurs through feedback loops, which provide senders with complaint data, and shared blacklists, influencing filtering decisions across multiple ISPs.
Key opinions
- No Direct Sharing of User Data: ISPs do not directly share user data or preferences due to privacy implications and independent evaluation.
- Threat Data Sharing: ISPs share threat data related to malicious actors and botnets to protect their users collectively.
- Indirect Sharing via Feedback Loops: Feedback Loops (FBLs) provide senders with data on user complaints, indirectly informing ISP filtering decisions.
- Shared Blacklists: Shared blacklists influence deliverability across multiple ISPs.
Key considerations
- Focus on Reputation: Maintaining a positive sending reputation is crucial, as reputation data influences deliverability across multiple ISPs, even without direct data sharing.
- Monitor Feedback Loops: Actively monitor and respond to feedback loop data to address user complaints and improve sending practices.
- Prioritize Security: Ensure robust security measures are in place to prevent becoming a source of threat data shared among ISPs.
- User Preferences Vary: Understand that just because a segment of users likes your mailings, does not mean that all ISPs will view your email in a positive way.
Expert view
Expert from Word to the Wise explains that while the idea of direct data sharing between ISPs is a myth, they do share *threat* data such as botnets or other malicious actors, and also indirectly share through Feedback Loops and shared blacklists.
18 Dec 2024 - Word to the Wise
Expert view
Expert from Email Geeks explains that ISPs are very clear that "just because X likes your mail doesn’t mean we do" and that there are privacy implications to sharing user data with 3rd parties.
18 Oct 2022 - Email Geeks
What the documentation says
4 technical articles
While inbox providers may not share specific user deliverability data directly, they actively share information regarding network and email threats to enhance security and combat spam. This data sharing occurs through industry consortiums, threat intelligence programs, and standardized reporting formats like ARF. Collaboration allows providers to improve spam detection and protect their users collectively.
Key findings
- Threat Data Sharing: ISPs routinely share information about network threats and malicious actors to enhance collective security.
- Industry Collaboration: Providers such as Google and Microsoft participate in industry consortiums and data-sharing initiatives to improve spam detection.
- Standardized Reporting: Abuse Reporting Format (ARF) is used by email providers to report spam and abuse, enabling coordinated action against malicious senders.
- Enhanced Protection: Collaboration enhances the ability of each ISP to protect its own network and users.
Key considerations
- Security Focus: Data sharing is primarily focused on security threats rather than specific user deliverability data.
- Indirect Deliverability Impact: While data sharing is primarily for threat mitigation, it indirectly impacts deliverability by improving overall spam filtering accuracy.
- Compliance: Adhering to industry standards and best practices for security can help prevent being flagged as a source of threats.
- Active Participation: Active participation in threat intelligence programs can help keep up to date and assist in improving deliverability.
Technical article
Documentation from IETF explains Abuse Reporting Format (ARF) which is used by email providers to report spam and other abuse. This information is shared, enabling other providers to take action against malicious senders.
11 Nov 2024 - IETF
Technical article
Documentation from Google Workspace Admin Help explains that Gmail uses various signals including user reports, sender reputation, and content analysis to filter spam. Google shares aggregated, anonymized threat data with other providers through industry consortiums to improve overall spam detection capabilities across the internet.
2 Feb 2025 - Google Workspace Admin Help
Are abuse reports and feedback loops (FBLs) still useful in email marketing, and how do they work with different email clients?
Are spam complaint rates siloed by provider affecting deliverability?
Can a competitor damage my domain reputation by sending spam with links to my site?
Do ISPs differentiate between single and bulk spam reports when evaluating email sender reputation?
Do ISPs provide 'not spam' feedback data, and how can ESPs use it?
How can ESPs identify and block spammers before they damage IP reputation?
How can spam complaints and bad content choices impact email deliverability?
How do DMARC, spam complaints, and IP reputation affect email deliverability and rejections?
How do ESPs collect Yahoo FBL data using double DKIM signing?
How do spam complaints and user interaction affect domain reputation?
How do spam complaints from Google and Yahoo inform ESPs, and how should ARF reports be used?
