Sender Protection: Reputation Shield helps maintain your sender reputation by preventing emails to known problematic domains that could damage your deliverability scores.
Why Use Reputation Shield?
Your sender reputation directly impacts email deliverability. Sending to toxic, temporary, or typo-squatted domains can:- Damage sender reputation through high bounce rates and spam complaints
- Waste resources on invalid or temporary recipients
- Enable fraud by allowing bad actors to create fake accounts
- Expose users to attacks through typo-squatted domains used for phishing
Protection Types
Reputation Shield provides two distinct protection mechanisms:Toxic & Tempmail Filtering
200,000+ blocked domainsAutomatically reject emails to known toxic and temporary email domains
Typo Detection
Common misspellings blockedPrevent delivery to typo-squatted domains that attackers use for phishing
Toxic & Temporary Email Filtering
What Are Toxic Domains?
Toxic domains are email domains with low reputation scores that are frequently used by bad actors for:- Phishing attacks to steal user credentials
- Spam campaigns that damage sender reputation
- Account takeover attempts and other malicious activities
- Fraud and abuse of trial offers and promotional codes
What Are Temporary Email Domains?
Temporary email (tempmail) services provide disposable email addresses that users leverage to:- Bypass trial limitations by creating multiple accounts
- Generate fake accounts on your platform
- Avoid legitimate communications from your service
- Abuse promotional offers and discount codes
How It Works
When toxic and tempmail filtering is enabled:- Pre-send validation: AhaSend checks each recipient domain against our database of 200,000+ known toxic and temporary email domains
- Automatic rejection: Matching domains are immediately rejected
- Error response: Your application receives a clear error message
- Real-time updates: Our blocklist is continuously updated with newly identified toxic domains
Database Updates: Our toxic domain database is continuously updated based on threat intelligence from multiple sources, ensuring protection against emerging threats.
Rejection Response
When an email is blocked due to toxic or tempmail domain:- SMTP: During the RCPT TO command
- API: In the response body with appropriate HTTP status code
Typo Detection & Prevention
The Typo-Squatting Threat
People make typing mistakes. They entergmil.com
instead of gmail.com
or outlok.com
instead of outlook.com
. Attackers exploit these mistakes by:
- Registering misspelled domains of popular email providers
- Accepting all incoming emails to these domains
- Harvesting sensitive information from misdirected emails
- Using collected data for targeted phishing attacks
How Typo Detection Works
When typo detection is enabled:- Pattern matching: AhaSend identifies common misspellings of major email providers
- Domain verification: Checks if the recipient domain matches known typo patterns
- Automatic blocking: Prevents delivery to detected typo domains
- User protection: Shields your users from potential security threats
Common Typo Examples
Gmail Typos
Gmail Typos
Protected variations include:
gmil.com
,gmai.com
,gmial.com
gmaill.com
,gmailcom
,gmail.co
gmal.com
,gmeil.com
,gmail.cm
Outlook/Hotmail Typos
Outlook/Hotmail Typos
Protected variations include:
outlok.com
,outlook.co
,outlool.com
hotmial.com
,hotmal.com
,hotmil.com
hotmall.com
,hotmai.com
,hotmeil.com
Yahoo Typos
Yahoo Typos
Protected variations include:
yaho.com
,yahooo.com
,yahoo.co
yhoo.com
,yaoo.com
,yaho.com
yahho.com
,yahhoo.com
,yahoo.cm
Rejection Response
When an email is blocked due to domain typo:User Experience: Consider implementing client-side typo detection in your signup forms to catch these errors before submission, providing a better user experience while maintaining security.
Enabling Reputation Shield
Access Security Settings
Navigate to your account security options:
- Log in to your AhaSend dashboard
- Go to Account Settings from the main menu
- Click the Security tab in the sidebar
Configure Toxic Domain Filtering
Enable toxic and tempmail domain protection:
- Locate “Toxic & Tempmail Domain Filtering” section
- Toggle the feature to “Enabled”
- Review the description to understand the protection scope
This will immediately begin blocking emails to our database of 200,000+ known toxic and temporary email domains.
Configure Typo Detection
Enable typo-squatting protection:
- Locate “Domain Typo Detection” section
- Toggle the feature to “Enabled”
- Review the common typo patterns that will be blocked
Ensure your legitimate recipient domains don’t match typo patterns before enabling this feature.
Save Configuration
Apply your security settings:
- Click “Save Settings” at the bottom of the page
- Wait for confirmation message
- Test with a known toxic domain to verify activation
Settings take effect immediately across all sending methods (SMTP and API).
Implementation Considerations
Handling Rejections in Your Application
When Reputation Shield blocks an email, your application should:- SMTP Integration
- API Integration
User Experience Best Practices
Form Validation
Form Validation
Implement client-side validation:
- Add real-time typo detection to signup forms
- Suggest corrections for common misspellings
- Warn users about temporary email addresses
- Provide clear error messages explaining why an email was rejected
Error Messaging
Error Messaging
Provide helpful feedback:
- Explain why the email address was rejected
- Suggest using a permanent email address for tempmail rejections
- Offer domain corrections for detected typos
- Avoid technical jargon in user-facing messages
Alternative Options
Alternative Options
Offer alternatives when appropriate:
- Allow users to request manual review for false positives
- Provide a whitelist process for legitimate edge cases
- Consider implementing a warning instead of blocking for certain use cases
Benefits
Security Advantages
Reputation Protection
Maintain high sender scores by avoiding problematic domains that generate bounces and complaints
Fraud Prevention
Block fake account creation and trial abuse using temporary email addresses
User Safety
Protect users from accidentally sending sensitive information to typo-squatted domains
Resource Optimization
Save sending resources by filtering invalid recipients before transmission
Operational Benefits
- Reduced bounce rates from invalid or non-existent domains
- Lower complaint rates by avoiding spam trap domains
- Improved deliverability through better sender reputation
- Decreased fraud from temporary email abuse
- Enhanced security posture against phishing attacks
Monitoring and Analytics
Track the effectiveness of Reputation Shield through:- Rejection logs: Monitor blocked attempts in your application logs
- Pattern analysis: Identify trends in rejected domains
- False positive tracking: Review any legitimate domains incorrectly blocked
- Security metrics: Measure reduction in fraud and abuse
Regular Review: Periodically review rejection patterns to identify potential attacks or abuse campaigns targeting your service.
FAQ
Can I whitelist specific domains?
Can I whitelist specific domains?
Currently, Reputation Shield operates at the account level without domain-specific whitelisting. If you have legitimate use cases for domains being blocked, contact support for assistance.
How often is the toxic domain list updated?
How often is the toxic domain list updated?
Our toxic domain database is continuously updated based on threat intelligence from multiple sources. Updates are applied automatically without any action required from you.
Will this block legitimate corporate domains?
Will this block legitimate corporate domains?
Reputation Shield is designed to minimize false positives by focusing on known toxic, temporary, and typo-squatted domains. Legitimate corporate domains are not affected.
Can I get a list of blocked domains?
Can I get a list of blocked domains?
For security reasons, we don’t provide the complete list of blocked domains. This prevents bad actors from finding domains not yet on the list.
Does this affect transactional emails?
Does this affect transactional emails?
Yes, Reputation Shield applies to all outgoing emails including transactional messages. This ensures comprehensive protection across all email types.