Managing email deliverability effectively requires insight into how major mailbox providers perceive your sending reputation. Microsoft Smart Network Data Services (SNDS) is a crucial tool for anyone sending email to Outlook.com and Hotmail users. It provides data on your email volume, complaint rates, and spam trap hits, helping you diagnose and prevent deliverability issues, including being placed on a Microsoft blocklist (or blacklist).
While having one person manage your SNDS account might suffice for small operations, larger teams or organizations need multiple individuals to access this data. This allows for shared responsibility in monitoring sender reputation, troubleshooting problems, and ensuring smooth email operations. Adding users to SNDS is not as straightforward as it is with some other platforms, but it is certainly achievable.
This guide outlines the process of adding users to your Microsoft SNDS account, detailing the steps involved, and offering best practices to streamline team access to this critical email deliverability tool.
Understanding Microsoft SNDS access
Microsoft SNDS access is fundamentally tied to a Microsoft account. Unlike some other postmaster tools that offer granular user management permissions, SNDS operates on a system where each individual who needs access must link the IP addresses or ranges to their own Microsoft account. This means there isn't a direct 'add user' button for sharing access within the portal itself, as you might find in other administrative interfaces.
The initial setup typically involves one primary Microsoft account requesting access to an IP address or range, often verified through an email sent to the abuse@ or postmaster@ email address associated with that IP's WHOIS record. Once this initial access is granted, other team members who require viewership of the same IP data must follow a similar process.
This decentralized access model means that while it isn't possible to add users in the traditional sense, you can enable multiple individuals to request access to the same IP ranges, which then requires validation from the registered contacts for those IP ranges. This ensures that only authorized parties can view sensitive email deliverability data for specific IPs, reducing the risk of unauthorized access or misuse.
Steps to grant individual user access
To enable another team member to access your Microsoft SNDS data, they must initiate their own request. Here are the steps they will need to follow, and where your assistance may be required for validation:
Create a Microsoft account: Each user needs a Microsoft account to log into SNDS. They can use an existing Outlook.com, Hotmail, or Live account, or create a new one. Crucially, they can create a Microsoft account using their existing company email address (e.g., a Gmail or custom domain email), without needing to switch to a Microsoft mailbox.
Request access to IPs: Once logged in with their Microsoft account, the new user should navigate to the Microsoft SNDS portal. They will then select the Request Access option and input the specific IP addresses or IP ranges for which they need access. Ensure they enter the correct IP addresses that your organization uses for sending email.
Validate the request: After the request is submitted, Microsoft sends an authorization email to the abuse@ or postmaster@ contact for the specified IP address (as per WHOIS information). The person with access to this mailbox must approve the request for the new user to gain SNDS access. It is important to ensure these WHOIS contacts are up-to-date and monitored. If you are not receiving these emails, consult our guide on why you might not be receiving Microsoft SNDS authorization emails.
This process must be repeated for every individual who needs independent access to the SNDS portal. This can sometimes feel cumbersome, but it is Microsoft's way of ensuring that access is properly authenticated and authorized for each user.
Important Note on Email Validation
The validation email from Microsoft is sent to the WHOIS contact email for the IP address. If your organization doesn't control these email addresses (e.g., if you're using an Email Service Provider), you will need to coordinate with them to get the request approved. Refer to our guide on how to get Microsoft SNDS access when using an Email Service Provider for more details.
Managing team access and best practices
While Microsoft's approach to SNDS access can be a bit challenging, especially when compared to simpler user management systems, there are best practices to make it more manageable for your team.
One common question revolves around sharing logins versus setting up individual accounts. Each approach has its merits and drawbacks, particularly concerning security and ease of use:
Shared Account
Pros: Simple to set up initially, as only one Microsoft account needs to be created and validated.
Cons: Significant security risk if credentials are leaked. Lack of individual accountability for actions within the SNDS portal. Difficulty in revoking access for departing team members.
Individual Access
Pros: Enhanced security, as each user has their own login. Clear audit trail for actions taken. Easy to revoke access when a team member leaves without affecting others.
Cons: More complex initial setup, requiring validation for each user. Potential for delays if WHOIS contacts are not responsive.
I recommend pursuing individual access for all team members who need it. While it may require more coordination initially, it provides a much more secure and manageable long-term solution. You can also monitor who else has access to view an IP range directly within the SNDS portal, allowing you to maintain oversight of all granted permissions.
Troubleshooting common access issues
Despite following the steps, you might encounter issues when attempting to add new users to SNDS. These typically revolve around the validation process or the status of the IP address itself. Common problems include:
Authorization email delays or non-receipt: The most frequent issue is the validation email not arriving in a timely manner, or at all. This could be due to spam filters, incorrect WHOIS contact information, or network issues. Always check spam or junk folders, and verify the WHOIS contact email for accuracy. Our article on SNDS authorization email delays can provide more detailed troubleshooting steps.
IP already linked to another account: If an IP address is already associated with a Microsoft account that your team does not control, you will need to resolve this. Our guide on resolving SNDS issues with already added IPs can help you navigate this scenario.
Incorrect IP address or range: Double-check that the exact IP addresses or ranges are entered correctly. A small typo can prevent access.
Clear communication among your team regarding who is responsible for SNDS access and validation emails is paramount to avoiding delays and frustration. Consider setting up a dedicated team email address (e.g., deliverability@yourdomain.com) as the WHOIS contact email, and then create a Microsoft account with that alias to centralize validations.
Summary
While adding users to Microsoft SNDS isn't a simple click-and-add process, understanding Microsoft's account-based access model is key. By having each team member create their own Microsoft account and individually request SNDS access, you maintain better security and accountability for your email program.
Monitoring your SNDS data is vital for ensuring your emails reach the inbox and avoid landing on a blocklist (or blacklist). Proactive management of this tool, along with other essential email authentication protocols like DMARC monitoring and blocklist monitoring, will significantly contribute to your overall email deliverability success.
Views from the trenches
Best practices
Always use a dedicated Microsoft account (perhaps a shared team account) for SNDS to streamline validation and access management.
Regularly check the WHOIS records for your IP addresses to ensure the contact emails are correct and monitored, as these receive validation requests.
Establish a clear internal process for new team members to request SNDS access and for the designated WHOIS contact to approve these requests.
Set up alerts for the WHOIS contact email so validation requests are noticed and acted upon promptly, minimizing delays in access grants.
Common pitfalls
Sharing a single Microsoft SNDS login across multiple team members, leading to security risks and lack of accountability for data access.
Not monitoring the WHOIS contact email addresses for your IP ranges, causing delays or missed authorization requests for new users.
Assuming that SNDS works like other user management platforms, expecting a direct 'add user' feature instead of individual access requests.
Forgetting to revoke SNDS access for former team members, posing a potential security vulnerability.
Expert tips
If your organization uses an Email Service Provider, clarify with them how they handle SNDS access and validation, as they might control the WHOIS contacts for your sending IPs.
For large organizations, consider automating the monitoring of WHOIS contact emails to quickly identify and act on SNDS authorization requests.
Regularly review the 'who else has access' section in SNDS to ensure that only current, authorized personnel have access to your IP data.
Educate your team on the importance of SNDS data and the proper procedures for requesting and maintaining access, fostering a proactive deliverability culture.
Marketer view
Marketer from Email Geeks says sharing a login is an option, but it's a pain for new users to request and validate their own separate login.
2019-11-08 - Email Geeks
Marketer view
Marketer from Email Geeks says they make team members use their company email addresses for SNDS, which helps ensure that if they leave the company, they can no longer access the data.
Outlook.com and Hotmail users. It provides data on your email volume, complaint rates, and spam trap hits, helping you diagnose and prevent deliverability issues, including being placed on a Microsoft blocklist (or blacklist).
