Glossary

The terms behind B2B outbound.

Plain-language definitions of every term used across the Allston Labs knowledge base. Each entry links to the chapter that goes deeper.

Email authentication

12 terms.

SPF

#

Sender Policy Framework. DNS record that authorizes IPs/servers to send mail for a domain. Defined by RFC 7208. SPF is a TXT record at the apex of a sending domain that lists the IP ranges, hostnames, and includes authorized to send mail. Receivers perform up to 10 DNS lookups to evaluate the record; exceeding that limit causes SPF to PermError. The policy qualifier at the end (~all softfail, -all hardfail) signals to receivers how strictly to treat unauthorized senders.

DKIM

#

DomainKeys Identified Mail. Cryptographic signature in the mail header that proves the message wasn't tampered with in transit. Defined by RFC 6376. The sending server signs each outbound message with a private key; receivers fetch the corresponding public key from DNS at <selector>._domainkey.<domain> and verify the signature. Modern senders use 2048-bit keys; the 1024-bit keys common before 2022 are now considered weak. Canonicalization mode (simple vs relaxed) affects whether forwarders break the signature.

DMARC

#

Domain-based Message Authentication, Reporting, and Conformance. The policy layer that tells receivers what to do when SPF or DKIM fails. Defined by RFC 7489. Published as a TXT record at _dmarc.<domain>. The policy values p=none, p=quarantine, p=reject are commonly misunderstood as a deployment progression — but p=none is a monitoring posture, not protection, and remaining there indefinitely is the single most common DMARC configuration error.

Alignment

#

Whether the domain that passes SPF/DKIM matches the From: header domain. DMARC requires alignment between authenticated identifiers and the visible From: header domain. Strict alignment requires exact domain match; relaxed alignment allows subdomain matches. Misalignment is why forwarded mail and third-party senders often fail DMARC even when SPF and DKIM individually pass.

RUA

#

DMARC aggregate report. Daily XML reports listing authentication results across all mail claiming to be from your domain. Specified in the DMARC record as rua=mailto:dmarc-reports@example.com. Receivers send aggregate (RUA) reports daily — high volume, low detail. Without a parsing tool (DMARCian, Postmark, Valimail, dmarcanalyzer), they're unreadable. Most domains publish DMARC without an RUA field, which means they have no visibility into authentication failures.

RUF

#

DMARC forensic report. Per-message detail report for failed authentication. Largely deprecated for privacy reasons. RUF (forensic / failure reports) deliver per-message details including raw headers and partial body content. Most major receivers (Gmail, Yahoo) stopped sending RUF reports years ago for privacy and bandwidth reasons. Modern DMARC deployments rely on RUA aggregate reports only.

Selector

#

A label that identifies which DKIM key to use. Allows multiple keys per domain. DKIM signatures reference a selector (e.g. s=google in the DKIM-Signature header), and receivers look up the public key at <selector>._domainkey.<domain>. Multiple selectors enable key rotation without downtime, and multiple sending services (Google Workspace, SendGrid, etc.) to coexist on the same domain.

MTA-STS

#

Mail Transfer Agent Strict Transport Security. Forces TLS for inbound mail and prevents downgrade attacks. Defined by RFC 8461. Published as a TXT record at _mta-sts.<domain> plus a policy file at https://mta-sts.<domain>/.well-known/mta-sts.txt. The policy modes are testing, enforce, and none. Without MTA-STS, an attacker who can intercept network traffic can downgrade an SMTP TLS connection to plaintext.

TLS-RPT

#

TLS Reporting. Daily reports on TLS failures and MTA-STS policy mismatches. Defined by RFC 8460. Published as a TXT record at _smtp._tls.<domain>. Reports surface receivers that couldn't establish TLS to your domain — diagnoses whether MTA-STS is breaking legitimate mail, and whether opportunistic-TLS receivers are downgrading.

BIMI

#

Brand Indicators for Message Identification. Displays a brand logo next to authenticated mail in the inbox. Currently an IETF draft. Requires DMARC at p=quarantine or p=reject. The logo is published as a square SVG at a public URL and referenced in a TXT record at default._bimi.<domain>. Gmail and Yahoo require a Verified Mark Certificate (VMC) — a $1,500-$3,000/year trademark-backed certificate — before they'll display the logo.

VMC

#

Verified Mark Certificate. The $1,500-3,000/yr certificate required for BIMI logo display at Gmail/Yahoo. Issued by DigiCert or Entrust after trademark verification. The trademark must be registered with one of a small set of recognized authorities (USPTO, EUIPO, etc.) — descriptive marks and pending applications don't qualify. The VMC investment makes sense for established brands with high mail volume; rarely makes sense for early-stage companies.

ARC

#

Authenticated Received Chain. Lets forwarded mail survive DMARC by preserving the original authentication result. Defined by RFC 8617. When a forwarder (mailing list, alumni alias, autoforwarder) modifies a message, the original DKIM signature breaks. ARC seals the original authentication results at each forwarding hop so receivers can trust the chain. Gmail and Outlook both honor ARC; many smaller receivers do not.

Operations

11 terms.

Inbox warmup

#

Gradual volume ramp on a new sending domain or mailbox to establish receiver reputation. Receivers track sending reputation per IP, per domain, and per mailbox. Sudden volume from a previously-silent identity looks like a compromised account. Healthy warmup ramps over 21-28 days, prioritizing high-engagement mail (replies, opens to opt-in lists) over cold prospecting. Synthetic warmup networks that simulate engagement are increasingly detected at Gmail and Outlook.

Domain age

#

How long a domain has existed. New domains (under 90 days) face a reputation cold-start curve. WHOIS-visible domain age is one of many reputation inputs at major receivers. A 90-day cold-start applies even to fully-authenticated, perfectly-configured new domains — receivers throttle them until enough engagement accumulates. Aged drop-catch domains compress this but carry their own reputation risk if the prior owner abused them.

Subdomain isolation

#

Sending from a separate domain/subdomain than your corporate mail to protect reputation. Corporate domain (company.com) carries founder, payroll, and customer mail. Sending domain (companyalt.com or mail.companyalt.com) carries cold outbound. A single bad campaign that tanks reputation should not affect inbound payroll. The right boundary is a separate registered domain, not a subdomain — receivers do reputation rollup across subdomains.

Bulk sender requirements

#

Gmail/Yahoo Feb 2024 rules: 5000+ msgs/day = SPF + DKIM + DMARC + one-click unsubscribe + spam rate under 0.3%. Took effect February 2024 for senders exceeding 5,000 messages per day to Gmail or Yahoo. Requires SPF, DKIM, and DMARC at p=none or stricter; one-click unsubscribe via List-Unsubscribe-Post (RFC 8058); user-reported spam rate under 0.3% measured via Postmaster Tools; alignment between the From: header and authenticated domains.

One-click unsubscribe

#

RFC 8058 List-Unsubscribe-Post header that lets recipients unsubscribe without leaving their mail client. Required for bulk senders under the Gmail/Yahoo Feb 2024 rules. The List-Unsubscribe header lists an unsubscribe URL; List-Unsubscribe=One-Click is set to enable POST-without-confirmation. Receivers send a POST to the URL on user click; the sender must process it and stop sending within 48 hours (Gmail enforces this strictly).

Postmaster Tools

#

Gmail's free dashboard exposing per-domain reputation, spam rate, authentication pass rate, and feedback loops. Available at postmaster.google.com after verifying domain ownership via DNS. Surfaces user-reported spam rate (the metric that drives most deliverability problems), domain and IP reputation, authentication pass rates, encryption mode, and inbound spam rate. Most senders never enroll — it's the single highest-ROI deliverability monitoring step.

SNDS

#

Smart Network Data Services. Microsoft's equivalent of Postmaster Tools for Outlook/Hotmail reputation. Microsoft's Smart Network Data Services at sendersupport.olc.protection.outlook.com. Reports IP reputation (red/yellow/green status), trap hits, complaint rate. Less granular than Gmail Postmaster but the only window into Microsoft inbox placement.

Bounce taxonomy

#

Categories of SMTP failure: hard (5xx, permanent), soft (4xx, retry), transient, auto-reply. Defined by RFC 5321 (SMTP codes) and RFC 3463 (enhanced status codes). Hard bounces (5xx) indicate permanent failure — the address should be suppressed immediately. Soft bounces (4xx) indicate transient failure and should be retried with backoff. Confusing the two is the most common suppression-list error and the fastest way to burn domain reputation.

Seed list

#

A list of mailboxes across Gmail, Outlook, Yahoo, etc. used to measure where a campaign lands. Inbox placement testing services (GlockApps, Inbox Inspector, MailGenius, EmailKarma) maintain seed-list networks across all major receivers. A campaign sent to the seed list reports where each message landed: primary inbox, promotions tab, spam folder, missing. Critical signal that user-side metrics (open rate) hide — opens to spam folder still count as opens.

Primary tab

#

Gmail's first inbox tab. The target of cold outbound. Gmail sorts inbound mail into Primary, Promotions, Social, Updates, and Forums tabs (when tabs are enabled). Promotions tab placement reduces open and reply rates by ~5x. Primary-tab placement is determined by sender reputation, mail content (signals like images, links, marketing language), and per-recipient engagement history.

Reply detection

#

Distinguishing legitimate human replies from out-of-office, bounces, and automated responses. Cold email platforms use the In-Reply-To and References headers (RFC 5322) to thread inbound replies, then classify them via heuristics (auto-reply patterns, message length, sender domain). Misclassification causes legitimate replies to be marked as bounces (suppression-list error) or out-of-office to be routed to sales reps (workflow noise).

LinkedIn

6 terms.

SSI

#

Social Selling Index. LinkedIn's 0-100 score of profile completeness, network strength, and engagement. Visible at linkedin.com/sales/ssi. Four pillars: establish your professional brand (profile), find the right people (search), engage with insights (content), build relationships (connections). SSI above 70 unlocks higher daily action limits; SSI under 40 correlates with restriction events. Sales Navigator subscribers see live SSI; free accounts see the score only.

Sales Navigator

#

LinkedIn's premium tier for sales teams. ~$99/seat/mo. Higher search limits, InMail credits, lead recommendations. Required for high-volume LinkedIn outreach. Provides advanced search filters (seniority, company size, job change), 50 InMail credits/month, saved lead lists, and CRM sync. Without Sales Navigator, daily action limits hit much earlier (~80 connection requests/wk vs ~150 with Sales Nav).

InMail

#

LinkedIn's paid-message system. Lets you message a member without being connected. Sales Navigator includes 50 InMail credits/month; refunded if the recipient replies within 90 days. Reply rates to InMail run 15-25% well below cold email (acceptance + reply via connection-request path averages 8-12%). Best for senior buyers and gated audiences where connection acceptance is unreliable.

Connection request limit

#

LinkedIn's weekly cap on connection requests sent. ~80-100 for free accounts, ~150 for Sales Nav. Enforced as a rolling 7-day window. Exceeding the limit triggers a soft restriction (account flagged for review) or hard restriction (24-72 hour pause). The limit varies per account based on SSI, account age, prior restriction history, and the proportion of accepted vs unaccepted past requests.

Residential proxy

#

IP address sourced from real consumer broadband, used to make LinkedIn automation look like a real user. LinkedIn classifies traffic by IP residency class. Datacenter IPs (AWS, GCP) get aggressive bot scrutiny. Residential proxies (Bright Data, Oxylabs, Smartproxy) route requests through real consumer ISPs, dramatically reducing detection signals. Cost ~$5-15/GB. Critical for multi-account architectures.

hiQ v. LinkedIn

#

Landmark case on LinkedIn scraping. After multiple rulings, current status is uncertain — public data scraping is legal but breach-of-contract risk remains. hiQ Labs scraped public LinkedIn profiles for HR products. LinkedIn sent a cease-and-desist citing the Computer Fraud and Abuse Act (CFAA). The 9th Circuit ruled in 2019 that scraping public data isn't a CFAA violation. Supreme Court remanded in 2021. In 2022 the 9th Circuit largely affirmed for hiQ. But a separate 2022 ruling on breach-of-contract for ToS violations means scrapers can still face civil liability.

ICP + lists

5 terms.

ICP

#

Ideal Customer Profile. The narrow segment most likely to buy and succeed with your product. Not the same as 'target market' (broader, marketing concept). An ICP is specific: industry, company size, role of buyer, current tech stack, growth stage. You derive it from closed-won deconstruction — what your existing customers have in common — not from desk research or addressable-market math.

Closed-won deconstruction

#

Reverse-engineering ICP from existing paying customers by extracting common attributes. Even three friendly logos generate signal. Extract attributes (size, industry, geography, role, tech stack, growth signal) and look for unexpected commonalities. The pattern that surfaces is the first ICP hypothesis — to be tested against new prospects, not assumed true.

Prospect graph

#

Structured database of target accounts and contacts with relationships, signals, and history. Goes beyond a flat contact list. Captures account-to-contact relationships (who reports to whom), buying-committee mapping, prior interactions, content engagement, intent signals. The substrate that makes multi-thread outbound and account-based motions possible. CRM is the storage layer; the graph is the schema on top.

Intent data

#

Third-party signals indicating an account is researching a category. Bombora, 6sense, ZoomInfo are the major providers. Aggregated from publisher-site content consumption (CB Insights, TechCrunch, vendor review sites) and search-engine traffic patterns. Surfaces accounts that have spiked research activity for a topic. Highly valuable for ABM but expensive ($50K-300K/year) and noisy — most spikes don't translate to active buying intent.

Enrichment

#

Adding firmographic and contact data to prospect records. Apollo, Clay, Ocean, ZoomInfo are common providers. Waterfall enrichment routes a name+company through multiple providers to maximize coverage and minimize cost. Per-record cost ranges $0.02 (Apollo) to $0.50+ (ZoomInfo specific fields). Accuracy varies wildly by region and seniority — director+ titles tend to be 80%+ accurate; individual contributors much lower.

Copy + campaigns

4 terms.

Personalization

#

Tailoring outbound to a specific person or account beyond first-name/company substitution. Three tiers. Tier 1 (token replacement): name, company, title. Tier 2 (account-level): recent funding, hiring trends, product launches. Tier 3 (person-level): podcast appearances, tweets, conference talks. Reply rates roughly scale 1x / 2.5x / 5x — but Tier 3 doesn't scale linearly with volume. AI-assisted Tier 2-3 is where most teams are pushing.

Multi-touch sequence

#

Pre-defined cadence of multiple outbound touches across email and/or LinkedIn over time. Standard cadence: 3-7 touches over 2-4 weeks. Reply rates compound over the sequence (touch 1 may reply 1-3%, touch 4 may reply 0.5-1.5%) — total sequence reply often 5-12%. Returns drop sharply after touch 6. Shorter sequences (3-4 touches) with higher per-touch quality tend to beat 8+ generic follow-ups.

Spintax

#

Inline syntax like {Hi|Hey|Hello} that randomizes word choice across sends to reduce spam-filter fingerprinting. Filters cluster identical messages sent at volume and flag them as bulk. Spintax breaks the fingerprint by varying greetings, transitions, and CTAs across recipients while keeping the core message the same. Most cold-email tools (Instantly, Smartlead, Lemlist) support spintax natively. Don't spin so aggressively that the copy reads as machine-generated.

AIDA

#

Attention, Interest, Desire, Action. The 1898 copywriting framework that still structures most cold-email opens. Originated in advertising; ported to direct response and now to cold email. Attention = the subject line and first sentence. Interest = a relevant insight or hook. Desire = the outcome you offer. Action = a single ask. Useful as a checklist — if a draft is missing any one element, it's likely to flatline. Pair with the Mom Test for B2B discovery emails.

Sales motion

10 terms.

BANT

#

Budget, Authority, Need, Timeline. The classic qualification framework. Suited to $5K-50K ACV transactional sales. Developed at IBM in the 1960s. Four binary questions: does the prospect have budget allocated, the authority to spend it, an explicit need, and a timeline to act? Works well for short cycles where the buyer holds all the information. Fails in modern enterprise SaaS where buying committees, multi-year contracts, and consensus dynamics dominate.

MEDDIC

#

Metrics, Economic Buyer, Decision Criteria, Decision Process, Identify Pain, Champion. Enterprise qualification framework. Developed at PTC in the 1990s. The structural advantage over BANT: explicitly maps the buying committee (Economic Buyer + Champion) and the decision process (Criteria + Process). Suited to $100K+ ACV multi-stakeholder sales. Variants include MEDDPICC (adds Paper Process + Competition).

SPICED

#

Situation, Pain, Impact, Critical Event, Decision. Modern qualification framework from Winning by Design. Reframes qualification as discovery: what's the current situation, what pain does it cause, what's the business impact, what critical event forces a decision, and what's the decision process? Better suited to SaaS sales cycles where pain is often vaguely understood at first contact.

Champion

#

An internal advocate at the prospect company actively selling your product to the buying committee. Distinct from the Economic Buyer (signs the check) and the End User (uses the product). A champion has authority and political capital to push the deal forward — plus a personal stake in your product winning. Single-thread deals built around just a champion close at 8-15%; multi-thread deals with 3+ stakeholders engaged close at 35-50%.

Design partner

#

An early customer who provides product feedback and case-study cooperation in exchange for free or discounted access during product development. Distinct from a free trial user or beta tester. Bound by a structured agreement (3-9 month term, scope, exchange of value). The pre-PMF B2B playbook — compresses 18 months of customer discovery into 6 months and produces the first 2-3 reference logos. 30-60% convert to paid at end-of-term in well-run programs.

Founder-led sales

#

The founder personally sells the product until the motion is repeatable. The default until ~$1-2M ARR. Founders close differently than reps: they can change the product mid-call, commit to a custom integration, or hand-deliver onboarding. That flexibility is what closes the first 10-20 deals. Hiring a sales rep before the motion is repeatable usually fails — the rep doesn't have the authority a founder does, and the playbook to hand them doesn't exist yet.

Multi-thread

#

Engaging 3+ stakeholders at a target account instead of relying on one contact. Single-threaded deals — one champion, no one else engaged — close at 8-15%. Multi-thread deals (3+ stakeholders mapped and in motion) close at 35-50%. The mechanism is risk: if your one contact leaves, gets reorganized, or loses interest, a single-thread deal dies. Multi-thread also lets you map the buying committee instead of guessing at it.

Hair-on-fire problem

#

A problem the buyer is actively, painfully trying to solve right now. The only kind that closes fast. Hair-on-fire problems have three signals: the buyer has tried to solve them before (with internal tools, spreadsheets, other vendors), they can describe the cost of inaction in dollars or hours, and they're willing to take a meeting this week. 'Nice-to-have' problems take 6-18 months to close if they close at all. Most stalled pipeline is nice-to-haves the rep classified as hair-on-fire.

Ask hierarchy

#

A descending ladder of CTAs in a cold email — meeting > intro > resource — so a 'no' to the first ask can still become a 'yes' to the next. Asking for a 30-minute meeting in the first touch converts low. An ask hierarchy gives the recipient something easier to say yes to: a 15-minute call, a Loom intro, a relevant resource, an opinion. The conversation continues even when the top ask fails. Pair with a single primary CTA per email — don't list all four options at once.

Mom Test

#

A discovery technique: ask about the customer's life and past behavior, never about your idea. Named after the book by Rob Fitzpatrick. Three rules. Talk about their life, not your idea. Ask about specifics in the past, not generics or opinions about the future. Talk less, listen more. The point is that people lie politely about hypothetical products. They tell the truth about what they actually did last Tuesday. Use it in discovery calls and design-partner interviews.

Conferences

2 terms.

Pre-event outreach

#

The 4-6 week outbound motion before a conference. Where pipeline gets built. Most teams skip it. 78% of conference attendees never get touched by exhibitors pre-event. The teams that run a multi-touch pre-event sequence to ICP-filtered attendees book 4-6x the on-floor meetings of teams that wait. The deliverability handoff (warmed sending estate, primary-tab placement) is the prerequisite — there's no time to fix infrastructure during the run-up.

VIP dinner

#

A hosted dinner during a conference for 8-12 ICP attendees. The highest-conversion conference format. Converts at 5-10x per attendee vs booth conversations and 20-30x vs cold outbound for the same audience. Invite math: 30 invited → 12 confirmed → 8 attended is typical. Venue selection (proximity to conference, food quality), co-host strategy (when you don't have the brand to fill it alone), and day-after follow-up determine whether the dinner produces pipeline.

AI search + GEO

4 terms.

GEO

#

Generative Engine Optimization. The practice of getting cited by ChatGPT, Perplexity, Claude, and Gemini when they answer questions. SEO targets ranked link results; GEO targets the answer itself. The mechanics overlap (canonical content, structured data, citations from trusted sources) but the signals differ — LLM answer engines weight semantic clarity, FAQ-shaped content, and explicit attribution. A typical GEO program ships a llms.txt, FAQPage schema, citation-bait research, and IndexNow pings.

llms.txt

#

A proposed standard file at /llms.txt that gives LLM crawlers a curated map of the site's most important pages. Modeled on robots.txt. A markdown file listing the canonical URLs, brief descriptions, and key resources you want LLMs to read first. Adopted by Anthropic, Mintlify, and a growing set of docs sites. Not yet honored by all crawlers, but cheap to ship and a signal of intent. Pair with /llms-full.txt for the full content dump.

FAQPage schema

#

Schema.org JSON-LD that marks up questions and answers on a page. The highest-leverage GEO move. LLM answer engines and Google's AI overviews both lean on FAQPage markup to extract Q&A pairs. Each question becomes a candidate answer the model can quote verbatim with attribution back to your domain. The schema is 10-20 lines of JSON-LD per page. Worth adding to every guide, glossary, and product page.

IndexNow

#

An open protocol for instantly notifying search engines (Bing, Yandex, others) when a URL changes. You POST a list of changed URLs to a single endpoint and Bing, Yandex, and partners pull them within minutes instead of waiting for the next crawl. Google doesn't honor IndexNow directly but Bing-indexed content increasingly feeds LLM answer engines. Setup is a one-line key file at /<key>.txt plus a ping on publish.

Pricing

1 terms.

10/5/20 rule

#

Price at 1/10 of value delivered, raise prices 5% per quarter, and you've underpriced if you lose under 20% of prospects to price. Three heuristics from B2B pricing folklore. 1/10: charge ~10% of the value you create — leaves enough surplus for the customer to feel the deal is good. 5%: raise prices ~5% each quarter on new logos until churn or close rates move. 20%: if fewer than 20% of prospects walk because of price, you're leaving money on the table. Useful as guardrails, not a formula.

Compliance

2 terms.

10DLC

#

10-Digit Long Code. The US carrier registration regime for business SMS sent from local phone numbers. Required by US carriers since 2023 for application-to-person SMS. You register your brand and each campaign through The Campaign Registry (TCR), pay a one-time brand fee (~$4) and per-campaign fee ($10-15/mo), and get throughput limits based on your trust score. Unregistered traffic gets filtered, blocked, or charged per-message penalties.

TCPA

#

Telephone Consumer Protection Act. US law governing automated calls and texts. $500-$1,500 per violation, no cap. Passed in 1991, expanded for SMS in 2012. Requires prior express written consent for marketing calls/texts to mobile numbers placed via autodialer. Class-action plaintiff lawyers actively scan for violations. The big landmines: scrubbing against the National Do Not Call Registry, honoring opt-outs within a reasonable window, and not assuming web-form submission equals SMS consent.

Outbound funnel

2 terms.

Speed-to-call

#

Minutes between an inbound lead arriving and the first call attempt. Below 5 minutes = step-function higher conversion. Inbound lead conversion drops sharply as response time grows. Calling within 5 minutes converts roughly 8x better than calling within an hour. The mechanism is intent decay: a buyer who just submitted a form is in active research mode; an hour later they've moved on. Build the routing so the first call attempt fires automatically the moment a qualified lead lands.

Blitz cadence

#

Hitting a fresh inbound lead with 5-8 rapid touches across call, email, and LinkedIn in the first 48 hours. Stacks on top of speed-to-call. The first call attempt is instant; subsequent touches escalate across channels — voicemail + email at hour 1, LinkedIn add at hour 4, call again at hour 8, etc. The point is to be visible while intent is hot. After 48 hours the lead drops to a normal nurture cadence. Most teams under-blitz: the data says go harder, not softer.

Knowledge base

Now read the guides.

Each term above maps to a longer guide in the knowledge base.

Open the knowledge base →