List Profile Report

Cleansing Summary

Usage Guidance

Threat Intelligence Detail

Traps Moles Quarantine Seed Key

Delivery Intelligence Detail

Invalid Parked Site Dormant Account Discretionary Certified Safe to Send

Data Export Specs

Testing and Evaluation

File Name: SAMPLE_FILE

Report Date: May 11, 2017

Cleansing Summary iRecipient Count

Raw File. Raw file counts with duplicate entries removed. 1,320,186 (100.0%)

Threat Intelligence

Trap. Purpose-built, Spam-trap, or Honeypot e-mail address, any e-mail 223 messages sent to this address are immediately considered unsolicited. (.0%) Email address has known association of having direct ownership or control over the resources involved with the reception of a message leading to its submission to one or more DNSBL sites.

Mole. Collaborating recipient submission-based or domain-level, 5,911 anti-spam solution with no current, direct ownership of resources (.4%) involved. Yet historical evidence firmly establishes a relationship to one or more DNSBL sites.

Quarantine. Once active traps gone dormant may become reactivated 1,629 during a 90 day period. Yet actively considered certified. (.1%)

Seed. Third party oversight email address used for general monitoring 833 of company's network resources. Removal of litigators and collaborative (.1%) anti-spam activists historically known to purposely seed their email address(es) for the purpose of litigation.

Key. Complex pattern recognition and threat string algorithms designed 579 to remove intra-domain recipients employed by that domain for use as (.0%) spam traps.

Delivery Intelligence

Invalid. Defined as the inability to actually deliver an email message to 30,308 intended recipient's receiving domain per RFC standards. (2.3%)

Parked Site. Email addresses that after careful evaluation have been 2,036 established to be least likely to be responsive or engage. (.2%)

Dormant Account. TLD account with no login activity for a long period 1,783 of time, the recipient account is defined by the provider as “inactive” and (.1%) turned into a form of unknowing collaborator with no non-delivery report (NDR) indicating “no such user” or “mailbox not found” being sent as a response.

Discretionary. We are able to conclude that these email addresses do 57,327 not represent a threat and are safe to send to. These addresses, (4.3%) commonly referred to as “Accept All’s”, contain a domain-wide setting that does not allow for anyone to conclusively verify that these addresses are deliverable.

Certified Safe to Send. Email address with no known reason to expect 1,221,340 a delivery failure or harm to email senders online reputation. (92.5%)

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 2 of 13

Recommended Usage Guidance

The guidelines presented below will ensure you are adhering to email best practices, enabling more emails to reach the inbox. As a result, you will mitigate any risk associated with emailing to potentially “bad” addresses and you will experience additional opens, higher click through rates, increased conversions, and more revenue while protecting your online reputation.

Safe to Send

Send ONLY if Recipient was organically acquired with user-based submission evidence OR has purchase activity within last 90 days (open/click activity excluded)

Do Not Send

Threat Intelligence Detail

Impressionwise’s data intelligence platform is based on policy-driven rule sets and real-time scanning algorithms that use a multi-layered approach to identify, validate and protect against a wide range of e-mail-based threats. These threats, ranging in severity, are broken down into the following categories for flexibility in customized export usage options while providing unprecedented, detailed insight.

Traps, Moles and Quarantine

Trap. Purpose-built, Spam-trap, or Honeypot e-mail address, any e-mail messages sent to this address are immediately considered unsolicited. Email address has known association of having direct ownership or control over the resources involved with the reception of a message leading to its submission to one or more DNSBL sites.

Quarantine. Once active traps gone dormant may become reactivated during a 90 day period. Yet actively considered certified. Quarantined values shown below in ( ).

Mole. Knowing or un-knowing collaborating recipient providing submission-based evidence manually or via automated, domain-level, anti-spam solution with no current, direct ownership of resources involved with the acquisition and processing of this email leading to its submission to a DNSBL. Yet historical evidence firmly establishes a relationship to one or more DNSBL sites.

Brand/ Network Resource/ Deliverability Harm: If your firm is impacted by threats in this section, you need to take immediate action as a laundry list of negative outcomes have potentially already begun ranging from significant deliverability issues to service termination from your ESP or ISP. If ignored, your brand reputation could be permanently tarnished and easily become associated in some circles with known spam organizations such as SpamHaus’s ROKSO or other similar blacklists.

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 3 of 13

DNE Elements Description Type Domains (Quaran) Recip (Quaran)

AB.SURBL.org URIBL Trap 0 (3) 0 (3) Abuseat.org (CBL) RBL Trap 0 0 BBFH RBL Trap 1 (8) 1 (8) Invaluement RBL Trap 3 (4) 3 (4) JP.SURBL.org URIBL (user app net not incld) Trap 1 (134) 1 (139) MailPolice.com RBL Trap 5 (61) 5 (74) MainSleaze SpamBouncer RBL Trap 0 0 Project Honey Pot (http:BL) RBL Trap 0 (3) 0 (3) SORBS.net-BBFH.org RBL Trap 3 (13) 5 (16) SpamCop RBL Trap 5 (7) 8 (8) Spamhaus Contributing Partners Trap 0 0 Spamhaus DBL URI-RBL Trap 0 0 SpamHaus RBL Trap 4 (9) 4 (64) SURBL.org URI-RBL Trap 4 (1) 22 (1) UCE Protect RBL Trap 1 (1) 1 (1) Unspam Technologies Trap 0 0 URIBL.org URI-RBL Trap 7 (1) 9 (1) WS.SURBL.org URIBL Trap 3 (2) 3 (3) Bounce.io Seed Network Mole 0 0 General Spamtrap Contributing Network Mole 0 0 HostKarma RBL Mole 19 (6) 42 (6) MailPolice Contributing Network Mole 0 0 SORBS Contributing Network Mole 0 0 SpamCop Mole Mole 0 0 SpamCop Network Mole Mole 82 (2) 83 (2) SpamHaus Network Mole Mole 55 (8) 105 (73) Spamstophere/ Spamanalyzer.com Mole 68 (13) 81 (15) UCE Protect Network Mole Mole 45 (34) 64 (35) Unspam Technologies RBL Mole 71 (19) 72 (20)

Network Resource/ Deliverability Impacted: Below are threats that could cause some significant delivery and reputational issues. At worst, you will experience continued delivery impacts and may be forced to purchase new sending domain and IP resources in order to achieve optimal deliverability.

DNE Elements Description Type Domains (Quaran) Recip (Quaran) Abusix RBL Trap 1 2 AHBL.org RBL Trap 0 (8) 0 (23) Backscatterer.org RBL Trap 0 0 Barracuda RBL Trap 3 3

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 4 of 13

DNE Elements Description Type Domains (Quaran) Recip (Quaran)

BBQ RBL Trap 10 (1) 13 (1) Cloudmark Anti-Spam Network DNE Trap 0 0 Day Old Bread-SupportIntelligence.com URIBL Trap 0 (8) 0 (12) DeadBeef RBL Trap 0 0 Fail2Ban/ Blocklist.de Reporting Service RBL Trap 25 (7) 27 (10) Internet Defence Systems RBL Trap 0 (1) 0 (1) Kempt.net RBL Trap 0 0 MailSpike RBL Trap 0 0 Mobile Device FTC DNE Trap 0 0 NJABL.org RBL Trap 0 (2) 0 (8) NoSolicitado.org Trap 19 (10) 26 (43) NSZones URIBL Trap 0 (2) 0 (4) Passive Spam Block List Trap 0 0 Polar Communictions RBL Trap 2 2 RFC-Ignorant RBL Trap 0 0 Spambulance RBL Trap 0 0 SpamCannibal RBL Trap 0 (142) 0 (216) SpamEatingMonkey.net RBL Trap 5 (3) 7 (4) Spamgrouper.com Trap 0 0 SpamRats.com RBL Trap 3 4 StopSpam.org RBL Trap 0 0 V4BL RBL Trap 0 0 WPBL (Weighted Private Block List) RBL Trap 0 0 Invalument Contributing Network Mole 5 6 MaySoft SpamSentinel DNE Mole 0 0 NJABL.org Network Mole Mole 6 6 Redcondor Anti-Spam Network DNE Mole 639 (51) 4,522 (111) SURBL Contributing Network Mole 0 0 SURBL JP (jwSpamSpy + Prolocation) Mole 4 4 SURBL OB (Outblaze) Mole 1 1 SURBL SC (SpamCop/Spamvertised Site) Mole 0 0 SURBL WS (Bill Stearns' SpamAssassin) Mole 2 (1) 2 (1) URIBL Contributing Network Moles Mole 1 (1) 1 (1)

Impacted Delivery: The following threats will result in temporal delivery issues, diminishing your campaign's outreach and effectiveness. Prolonged sending of these threats may result in longer lasting temporary blocks leading to eventual permanent blocking of your emails. There is minimal overall brand and sending resource reputational harm from these items.

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 5 of 13

DNE Elements Description Type Domains (Quaran) Recip (Quaran)

Abuse.ch Swiss Security Network Trap 0 0 BlakJak RBL Trap 0 0 Burnt-Tech DNSBL Trap 0 0 CanTV DNSBL Trap 0 0 CASA RBL Trap 0 0 Choon RBL Trap 0 0 Cyberlogic DNSBL Trap 0 (1) 0 (4) Cymru Bogon DNSBL Trap 0 (4) 0 (7) Cyveillance Threat Intelligence Network Trap 0 0 D. D. N. S. B. L. RBL Trap 0 0 dnsbl.othello.ch DNSBL Trap 0 0 DNSBLChile RBL Trap 0 0 DRBL Trap 0 0 DSBL.org RBL Trap 0 (4) 0 (4) Dynamic Domain Name Spoofers RBL Trap 0 0 eBlockade.com RBL Trap 0 0 EFnet RBL Trap 0 0 Emailbasura DNSBL Trap 0 0 FusionZero RBL Trap 0 0 HostsControl DNSBL Trap 0 0 IBM DNS Blacklist Trap 1 1 Intercept DNS RBL Trap 0 0 Interserver DNSBL Trap 0 0 iX RBL Trap 0 0 JIPPGs RBL Project Trap 0 0 Karmasphere RBL Trap 0 0 KISA-RBL Trap 0 0 MXRate RBL Trap 0 0 NiX Spam DNSBL Trap 0 0 No-More-Funn RBL Trap 0 0 NoToSpam.com Trap 0 0 Nukesapm.org RBL Trap 0 0 ORBITrbl RBL Trap 0 (1) 0 (1) Pedantic RBL Trap 0 0 PowerWeb DNSBL Trap 0 0 Quorum Listing Service Trap 0 0 Redhawk RBL Trap 0 0 S5H RBL Trap 0 0 Scientific Spam RBL Trap 0 0 Shlink URI-RBL Trap 0 0

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 6 of 13

DNE Elements Description Type Domains (Quaran) Recip (Quaran) Solid Clues RBL Trap 0 (2) 0 (8) South Korean Network RBL Trap 0 0 Spamblock DNSBL Trap 0 0 SpamChampuru DNSBL Trap 0 0 SpamLab RBL Trap 0 (29) 0 (31) SpamStinks Anti-Spam Trap 5 (2) 5 (2) Technovision Spamsource RBL Trap 0 0 Tiopan Consulting RBL Trap 0 0 Toasted Spam Trap 0 0 TornevallNET DNSBL Trap 0 0 TRBL DNSBL Trap 10 (2) 11 (2) TRIUMF.ca DNSBL Trap 0 0 Unsubscribe Blacklist (UBL) RBL Trap 0 0 Webequipped DNSBL Trap 0 0 ZapBL DNSBL Trap 0 0 Zenon.net RBL Trap 0 0 ZoneEdit combined DNSBL Trap 0 (4) 0 (4) Abuse.ro URIBL Mole 0 0 Barracuda Contributing Network Mole 333 (33) 465 (58) Clean-MX Anti-Spam Mole Network RBL Mole 0 0 Cloudmark Contributing Network Mole 0 0 Commtouch Anti-Spam Network DNE Mole 48 (7) 51 (7) NSZones URIBL Mole 9 10 Othello.ch DNSBL Mole 0 0 ReturnPath Contributing Network Mole 0 0 SURBL PH (Phishing/ Malware Site) Mole 1 2 TrendMicro Contributing Network Mole 120 (11) 137 (29) Websense Anti-Spam Network DNE Mole 0 0

Seeds

Specifically defined as a third party oversight email address used for general monitoring of company and company's network resources used. Also this category includes litigious address removal – removal of litigators and collaborative anti-spam activists historically known to purposely seed their email address(es) for the purpose of litigation.

DNE Elements Description Domains (Quaran) Recip (Quaran)

Disposable Email Address 1 1 Non-Individual, Group or Role Account 0 0

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 7 of 13

DNE Elements Description Domains (Quaran) Recip (Quaran)

General Monitoring Seed 1 20 Habitual Domain Protestors 357 765 Habitual Recipient Protestors 17 31 LashBack Seed 12 16 Litigious/ Anti-Spam Activist Seed 1 1 Phish Labs Cybercrime Intelliegence 0 0 Returnpath.net-Sendercore Seed 0 0

Keys

Collection of complex pattern recognition and threat string algorithms designed to remove recipient-based, intra-domain recipients employed by that domain for use as spam traps.

DNE Elements Description Domains (Quaran) Recip (Quaran) Heuris. Recip Numeric Complex Pattern 0 0 Heuristic DomainKey 271 578 Heuristic RecipientKey 0 0 Heuristic RecipientKey Complex Pattern 0 0 Offensive KeyWord 0 0

Delivery Intelligence Detail

Impressionwise's Delivery Intelligence scans focus on items that are specific to your list's deliverability that may have a less-lasting negative impact or cause harm to brand and reputation. These categories may impact your ability to deliver, and if hit, may cause unnecessary bouncing. These threats, ranging in severity, are broken down into the following categories for flexibility in customized export usage options while providing unprecedented, detailed insight.

Address Validation

Once first tiered DNE (do not email) elements (traps, moles, parked sites, etc.) have been removed the second greatest threat to your message deliverability and eReputation is bounced addresses. Bounces come in many forms some temporal (mail box full, etc.) while others are permanent notifications (mailbox not found, etc.) Even if you have a trap-free or “clean” list, sending to bounced email addresses can cause great harm as most large ISP’s (AOL, Yahoo, Gmail, Hotmail, etc.) use this information in the form of a bounce rate to determine whether or not to accept any future mail from your sending domain.

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 8 of 13

Invalid Elements Description Domain Count Recipient Count Failed Domain DNS Validation 646 1,497 Invalid Recipient 2,148 26,183 Malformed DomainName 0 0 Malformed Recipient Address 1 505 No Domain MX Record Present 186 332 Non Responsive Domain MX 5 5 Null MX/ Domain Blackhole 3 3

Parked Resources

This site intelligence gives you the leverage of avoiding sending email traffic to millions of unused and parked website domains. Since parked domains have previously not been configured for email by the owner, any recipient is by definition, invalid and being spammed as they receive email in the form of a catch-all/role account.

Identified Elements Description Domain Count Recipient Count

Domain Actively Advertised For Sale/CyberSquating 25 40 Domain Pending Renewal or Deletion 1 3 Domain Suspended or Expired 34 34 Parked Domain 613 659 Parked Site 441 1,300

Dormant Accounts

Email addresses are not permanent. When there has been no login activity for a long period of time, the recipient account is defined by the provider as “inactive” and turned into a form of unknowing collaborator with no non-delivery report (NDR) indicating “no such user” or “mailbox not found” being sent as a response. Thus any email sent during this period of time before account deactivation is assumed, in the collective, as spam and its email signature mapped and used to block any email to other active recipient accounts within the domain.

Provider Description Domain Count Recipient Count AOL Invalid 1 123 Gmail Invalid 1 97 Hotmail, MSN, Live, Outlook 1 254 Yahoo Invalid 1 1,309

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 9 of 13

Discretionary

These addresses, commonly referred to as “Accept All’s”, contain a domain-wide setting that accepts every single email received. It can be impossible to determine the validity of the address. These types of email addresses are commonly used in small businesses, and in some cases, the server will accept the emails sent and then bounce it back to the sender. At Impressionwise, we have the ability to determine these addresses are not riddled with spam traps or other severe threats, so a potential bounce is your greatest threat when sending to these recipients. If your list was obtained organically and you are confident in the address's validity, these addresses may be used at your discretion.

Description Domain Count Recipient Count

Catch-All 9,196 35,508 Catch-All Type 2 1,957 21,819

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 10 of 13

Data Export Specifications

Manifest of deliverables contained within compressed file named:

Example: SAMPLE_FILE.zip

The following export files contain the full row of fields initially provided in comma-delimited or CSV files unless noted otherwise:

Cleaned. Once a file has completed processing, it will be placed in this folder as a compressed (zip) file of the same name as the original file.

Within the compressed file you will find the following files and folders:

SAMPLE_FILE-CERTIFIED.csv (1,221,340)

All addresses in this file have been certified safe to send. You may upload this list to your ESP and send to each address with full confidence. This file is comprised of certified safe to send and network protected recipients.

SAMPLE_FILE-DISCRETIONARY.csv (57,327)

We are able to conclude that these email addresses do not represent a threat and are safe to send to, we were unable to conclusively verify that these addresses are deliverable. These addresses, commonly referred to as “Accept All’s”, contain a domain-wide setting that accepts every single email received providing no invalid responses to our requests. We advise sending this group initially on a separate network (domain/IP) to confirm bounce ratio is within acceptable norms before sending thru your main sending network.

SAMPLE_FILE-SUPPRESS.csv (41,519)

All addresses in this file should be entirely removed from your active mailing list as they have been classified as “Do Not Email”. These addresses contain various reputation and deliverability threats and should be avoided. You may use this list as a suppression file to be uploaded to your ESP for ease of use. This export contains the following threat classifications: Trap, Mole, Quarantine, Seed, Key, Invalid, Parked Site, and Dormant Account classified recipients.

Details. At Impressionwise we want to empower you with the knowledge to create a combination of your results that achieves your desired goals. A tool for our most advanced users, our details subfolder contains the individual exports that will allow for customized suppression versus the recommended DNE provided within the root of the compressed file.

SAMPLE_FILE-CERTDOM.csv (1,217,275)

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 11 of 13

These addresses have been classified as certified safe to send with the mail server being of domestic US origin.

SAMPLE_FILE-CERTINT.csv (4,065)

These addresses have been classified as certified safe to send with the mail server being of non-US or international origin.

SAMPLE_FILE-NETPROTECT.csv (7,443)

To address specific deliverability challenges, use the below network protected codes provided within the exports to allow for individual classification suppression. https://www.impressionwise.com/kb/npdcodes.html.

Reports. Contains a PDF based summary of results. This List Profile Report references the data we purport to be undeliverable versus validated and trap free. Our line item reporting and detailed documentation will provide you with a detailed analysis identifying the exact cause of the individual spam traps/ non-deliverable elements within your data as well as probable cause(s) that may be affecting the deliverability of your messages.

Testing and Evaluation

As such, we recommend the following testing methods when declining the recommended use of the Suppress or DNE export in lieu of a customized suppression based on one or more of the individual exports within the Details sub-folder. To ensure a successful evaluation, ensure proper A/B testing procedures are followed. As the name implies, two versions (A and B) are compared, which are identical except for one variation that might affect deliverability and e-reputation of each network’s resources (domain and IP used). Simply stated, in network A use the recommended DNE and for network B make use of the combination of individual suppressions to conduct the desired test.

List Profile Report - 05/11/2017 - SAMPLE_FILE Page 12 of 13

General Disclaimer: Every reasonable effort is made to locate all known traps and threat classification elements mentioned herein, yet due to the constantly changing and dynamic nature of the online environment, we can not guarantee the results or deliverable will be free of any/all traps or threat classification elements identified within this report.

This document contains Confidential, Proprietary and Trade Secret Information (“Confidential Information”) of Impressionwise, LLC and may not be copied, distributed, duplicated, or otherwise reproduced in any manner without the prior written consent of Impressionwise, LLC.

While every attempt has been made to ensure that the information in this document is accurate and complete, some typographical errors or technical inaccuracies may exist. Impressionwise does not accept responsibility for any kind of loss resulting from the use of information contained in this document. The information contained in this document is subject to change without notice.

The recognized authority in delivery and threat intelligence