Message Delivery

Preparing for Message Delivery

Technical Details for Adjusting Campus Spam Filters

IP addresses of the NSSE mail-relay: 129.79.1.58, 129.79.1.59, 134.68.220.35, 134.68.220.40
Bounce coding address: 156.56.127.137
Addresses (please add all to allowlist):
- From email: nsse@nssesurvey.org
- Reply to: help@nssesurvey.org
- Bounce domain: bounce.nssesurvey.org
Sending speed: Messages are sent using a bulk email program that sends 100 or more messages per minute per institution.
Sending window: Between 7 a.m. and 10 p.m. local time on your scheduled delivery days. NSSE is unable to specify the exact time of day messages will be delivered.

Working with Commercial Email Providers (Microsoft, Google, etc.)

It’s not always easy to confirm that messages have been successfully delivered to student inboxes when using commercial email providers. For example, in a recent NSSE administration a campus contact notified NSSE with concern over low response rates. There was no evidence of technical issues; however, after several days of investigation by campus IT staff it was discovered to be a spam filter. IT staff made an easy adjustment and subsequent messages delivered successfully.

NSSE recommends that you identify the person(s) on your campus who can monitor successful email delivery and ask that they check for delivery the day after a message is sent on the Interface. Messages that are returned (‘bounced’) are tracked and displayed for your review. Unfortunately, we cannot see if a message delivers to the inbox or a junk mail folder. Institutions that have concerns about delivery issues can opt to deliver their email recruitment messages from their own servers.

Campuses using third party email filters, such as Proofpoint, should request that the four NSSE email server IP addresses listed above be added to the service’s allowlist.

NSSE adheres to the recommended best practices as suggested by these companies and registers our status with them as a legitimate organization so that our messages are not treated as spam. We monitor response and bounce rates for potential problems during data collection and contact these companies if one is detected.

NSSE uses DomainKeys Identified Mail (DKIM) to digitally identify our messages as coming from our authorized senders. In addition, we utilize a Sender Policy Framework (SPF) record which lists our authorized senders. Both are done to reduce the possibility of phishing attacks and spam from others using NSSE addresses and increase the deliverability of email as well.

NSSE’s DMARC and SPF information is as follows, which can be used by your IT staff. They can also use an online DMARC analyzer tool, such as https://app.dmarcanalyzer.com/dns/spf, to verify the acceptability of your resultant SPF record in terms of syntax (select ‘prevalidate an SPF record update’, then enter your school’s domain and the SPF record).

DMARC record for nssesurvey.org: _dmarc.nssesurvey.org "v=DMARC1; p=none;”
DMARC record for eas.iu.edu: _dmarc.eas.iu.edu "v=DMARC1; p=none;"
Example SPF record: "v=spf1 a:smtphosts.uits.iu.edu -all" (note that a:smtphosts.uits.iu.edu is not preceded with an ‘include:’ statement)

If your institution uses G Suite / Google for email please review the following support documentation from Google and have your campus G Suite administrator add the NSSE email server IP addresses listed above to the allowlist.
• G Suite – Allowlists, denylists, and approved senders
• G Suite – Add IP addresses to allowlists in Gmail

NSSE participates in the Junk Email Reporting Program and Sender ID services offered by Microsoft (listed at https://sendersupport.olc.protection.outlook.com/pm/services.aspx). MS recommends the following procedures for helping NSSE emails be delivered at campuses: The mail administrator can go into PowerShell and create a transport rule to give our sending servers listed above a spam confidence level of 3 or less.

Phishing

By default, the “from” name matches the “from” email address in NSSE recruitment messages (see above). Historically, institutions were encouraged to customize the “from” name to reflect the message signatory (e.g., campus President or Provost) and to further personalize the message. In recent years, however, a growing number of institutions have implemented anti-phishing campaigns on campus to protect from predatory emails. Mismatched from names and email addresses are a common trait of phishing campaigns. Although institutions can still customize the “from” name, NSSE recommends against doing so as a matter of best practice.

Working with Campus Proxy Servers

To maintain our security standards for the survey, we check to see if a reported IP address changes during a survey session. If so, we then rely on the cookies used during the session. We are not able to administer the survey if both a proxy server is used and cookies are not enabled. We recommend that institutions using proxy servers make an exception for the NSSE web survey address so that a consistent IP address is reported. Our survey support staff can work with individual students on temporarily adjusting their browser to enable cookies, but we would prefer to preempt the problem, if at all possible.

Message Delivery

Preparing for Message Delivery

Technical Details for Adjusting Campus Spam Filters

Working with Commercial Email Providers (Microsoft, Google, etc.)

Potential Issues

What NSSE Does

Campuses using Google or Microsoft Outlook

Phishing

Working with Campus Proxy Servers

Evidence-Based Improvement in Higher Education resources and social media channels