The Email Delivery Guru

The Email Delivery Guru
The latest on email marketing delivery best
practices & trends from our resident guru,
Al Iverson, Director of Privacy & Deliverability.

Require a login to opt-out?

Wednesday, November 18, 2009 by Al Iverson

If you're wondering if it's OK to require that recipients must log into your website before they can unsubscribe from your emails, the answer to that is no-- it's prohibited under US Federal law.

The FTC explicitly clarified this in the May 2008 CAN-SPAM Rule Update. It's on page 104, near the bottom.

Here's what it says:

Section 316.5 Prohibition on charging a fee or imposing other requirements on recipients who wish to opt out. Neither a sender nor any person acting on behalf of a sender may require that any recipient pay any fee, provide any information other than the recipient's electronic mail address and opt-out preferences, or take any other steps except sending a reply electronic mail message or visiting a single Internet Web page, in order to: (a) Use a return electronic mail address or other Internet-based mechanism, required by 15 U.S.C. 7704(a)(3), to submit a request not to receive future commercial electronic mail messages from a sender; or (b) Have such a request honored as required by 15 U.S.C. 7704(a)(3)(B) and (a)(4).

What does that mean? Read carefully: Senders are not allowed to require recipients to "provide any information other than the recipient's electronic mail address and opt-out preferences." That means you can't require them to login to your website before continuing on to a preference center or other page. The only thing a recipient has to give you is their email address, and the opt-out preference. (i.e. do you want to opt-out from all messages, or would you like to opt-out only from certain specific lists.) The law prohibits any requirement that the recipient "take any other steps except sending a reply electronic mail message or visiting a single Internet Web page" when unsubscribing -- meaning it's not OK for it to take five clicks for somebody to unsubscribe. Interact with one page means the unsubscribe link takes them to a web page, where they are either unsubscribed automatically, or push some button on that web page to complete the unsubscribe process. (That would be interacting with that single web page.)

For more information on CAN-SPAM, visit our CAN-SPAM Information Center at http://canspam.etdeliverability.com/

Lashback Working with Yahoo

Tuesday, November 17, 2009 by Al Iverson

Lashback reported today (via Twitter) that they're working with Yahoo nowadays to help Yahoo determine the "unsubscribe reputation" of senders. What does this mean? According to Yahoo's help pages: "We work with LashBack to identify certain senders that honor unsubscribe requests. When a user reports "Spam" on an email from a sender that has a good unsubscribe reputation (as per LashBack's UnsubSafe score), LashBack facilitates an unsubscribe request so the user is removed from the sender's mailing list."

What does this mean for you, dear senders? I think it's another suggestion to keep your nose clean. I think this means that if you send mail to people after they have unsubscribed, you're going to end up with yet another data point identifying you as a bad guy, and it's going to further interfere with your ability to deliver email, at Yahoo, and elsewhere.

What is Lashback? Lashback calls themselves "The Email Compliance Authority." They do a few different things. They offer an email plugin for end users to download and install, and the plugin helps them compile unsubscribe compliance information, the goal of which is to help people unsubscribe from emails more easily, and denote when senders do not respect the fact that a recipient has unsubscribed. They also denote when suppression lists have been abused, are receiving mail that they shouldn't be. The goal is to denote when senders or advertisers are out of compliance with CAN-SPAM.

We actually contract with Lashback to help us monitor client compliance with unsubscribes (and help us monitor for the unlikely event that our own unsubscribe handling processes were to fail). Some of what they look at is specific to third-party ad networks and ExactTarget is not a third-party ad network, and declines to serve mail for third-party ad networks, so not every single bit of data they collect is going to be useful to somebody like us. But, overall, they provide really useful data that has helped us take action against numerous clients engaged in bad acts.

So, it doesn't surprise me to see Yahoo referencing Lashback data, since I find it valuable myself.

Be Careful: Marketing to Children Under 13

Friday, November 13, 2009 by Al Iverson

Marketing to children online? Be careful that you comply with COPPA, or else it'll cost you.

The Children's Online Privacy Protection Act of 1998, in effect from April 21, 2000, applies to the online collection of personal information from children under 13 years of age. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children's privacy and safety online including restrictions on the marketing to those under 13. (Wikipedia)

What can happen if you don't comply? Here's an example. The FTC reports: "Iconix Brand Group, Inc. will pay a $250,000 civil penalty to settle Federal Trade Commission charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents’ permission."

The FTC alleges that "Iconix knowingly collected and stored personal information from approximately 1,000 children without first notifying their parents or obtaining parental consent." Additionally, the FTC alleged that "on one [specific] web site, MyMuddWorld.com, Iconix also enabled girls to publicly share personal stories and photos online."

The FTC has a pretty straightforward overview of how to comply with COPPA, available here, as well as a COPPA Frequently Asked Questions (FAQ) page.

FTC action against marketers who violate COPPA may be rare but this isn't the first instance we've seen. Last December, the FTC announced a $1,000,000 civil penalty settlement with Sony BMG Music. The FTC alleged that "on 196 of [Sony's] sites, Sony Music knowingly collected personal information from at least 30,000 underage children without first obtaining their parents' consent, in violation of COPPA."

Verizon "Wireless" and Not Wireless

Wednesday, November 11, 2009 by Al Iverson

A quick update to something I posted back in July: Verizon.com is no longer listed as a wireless domain. We've removed it from our list detective filter, as we're no longer legally mandated to filter it out as a wireless domain.

Keep in mind, we're forced to go by what's actually on the list-- we can't just make exceptions or reject listings because we don't think they're right. And trust us, in some cases, we do notice entries that we don't think are correct. We'll continue to nudge ISPs and domain owners whenever we see anything like that, and work with affected clients to do the same.

Be sure to check out our FCC Wireless Domains website for more information, and don't hesitate to contact the deliverability team if you have any questions.

Do consumers hate email append?

Wednesday, November 4, 2009 by Al Iverson

It sure looks like they do. Morgan Stewart breaks it down. It looks to me, as it does to Morgan, that consumers are not pleased when a company they've done business with, but not provided an email address to, suddenly start emailing you. When they put you on a mailing list without consent. When a company falsely assumes that a business relationship equates to permission.

Seriously, can somebody explain to me, why would you ever engage in a marketing practice that is going to upset a good 50% of the people who end up on your list?

It's nice to see the data on consumer expectations. It backs up the deliverability side of the equation, the elephant in the room that people have been dancing around for years: Email append grows your lists, grows them into big, dirty beasts that get you blocked and bulked. The biggest, the worst, the most significant deliverability and marketing strategy issues I've dealt with over the past years, they are all due to email append. A company, some well meaning big brand, tells me their list is all opt-in, everybody asked for this mail, and they're just plain stumped as to why the big ISPs don't want to allow it to the inbox. Many discussions and much head scratching later, it comes out that they had done some big email append and magically grew their list by a couple million addresses. And gee, if you back that append data out, suddenly their deliverability improves. (Most of the time it has been Just That Simple.)

As Morgan says, "The belief that marketers can send email to their customers based on a ‘prior existing relationship’—the premise for email appends—is dead. Customers don’t want the practice to continue."

Google's Kind of a (B2B) Big Deal

Monday, October 19, 2009 by Al Iverson

Google employees Tom Oliveri and Vivian Leung point out over on Google's blog that Google Apps has gotten very popular in the B2B email hosting space. Google Apps, if you're not aware, is basically private-label Gmail for your domain.

I've been using it to host my personal email domain for a few years now, and I love it. And I'm apparently not the only one -- Google says that "over two million business and 20 million users in over 100 countries and more than 40 languages" have adopted Google Apps.

What does that mean to you? It means that Gmail's spam filtering matters to you if you're a B2B sender. Lots and lots of companies use Google Apps for email, and the spam filtering is exactly the same as Gmail's spam filtering. (And engagement rules at Gmail!)

(H/T: Mark Brownlow via Tamara Gielen)

The Rise of Emperor Engagement

Friday, October 9, 2009 by Al Iverson

If Permission is King, then Engagement is the Emperor, my esteemed coworker Karen Balle explained to me this morning. And she's right.

Engagement (or lack of engagement) seems to be causing a lot of bulk foldering issues lately. If your mail is going to the bulk folder at a top ISP, it's probably going to be because recipients don't care about your email. They're not engaged.

What is engagement? I could break it down, but why re-invent the wheel? George Bilbrey provided a nicely detailed breakdown of engagement metrics, how they work, and what ISPs do with them.

To me, this highlights yet again that an email address isn't forever. Keep mailing somebody forever, or send them irrelevant messaging, and they're going to get bored with you. (Even if they had opted in!) Your open and click rates drop off significantly, and ISPs pick up on that. They will denote that most of the subscribers don't care, that recipients never read the email you send. And that means that the ISP isn't going to feel compelled to ensure that mail goes to the inbox. If the recipients don't care, the ISP isn't going to care either.

George points out that engagement isn't a new thing, but I would counter that engagement is now a much bigger deal than it was, say, two years ago. Or go back even further, to the days where a single spam complaint would get you blocked. You'd protect against it with double opt-in, and the ISP would keep the gates open for you. Now, permission isn't enough; you have to make sure what you're sending is wanted by recipients.

Of course, reputation still matters significantly, as do all the things that have historically gone into reputation metrics, most importantly, permission. Chip House and I will touch on reputation and engagement, along with a panel of experts, next week at our Connections '09 Conference.

Canadian anti-spam bill far from a done deal

Thursday, October 8, 2009 by Al Iverson

Michael Geist, Internet Law Columnist for the Toronto Star says that the current Canadian anti-spam legislation under consideration in Parliment is under attack. On bill C-27 – the Electronic Commerce Protection Act, he reports: "Although support for anti-spam legislation would seemingly be uncontroversial, various business groups have mounted a spirited attack against the bill, claiming requirements to obtain user consent before sending commercial email will create new barriers to doing business online."

Read the whole story here. (H/T: Box of Meat)

Gmail offering unsubscribe option

Thursday, July 23, 2009 by Al Iverson

I was going to blog about Gmail offering an unsubscribe option today, but my good friend Laura Atkins beat me to it. Read what she has to say on the topic over at her Word to the Wise blog.

Yahoo Feedback Loop Volume Down

Thursday, July 23, 2009 by Al Iverson

Early Wednesday morning we noticed that Yahoo Feedback Loop complaint volume was much lower than normal. We have confirmed that ExactTarget is not the only affected ESP or mailer. We notified Yahoo of our observations, and on Wednesday night they posted the following statement to the Y! Mail Admin Yahoo Group: "For those enrolled in our Complaint Feedback Loop program, we have an ongoing issue, which started late yesterday, in sending out the feedback reports. If you're seeing a lower-than-usual stream of user complaints of late, this is likely the reason. We're continuing to investigate the problem and will keep the list updated of any progress. Stay tuned."

Update: Volume seems to be ramping back up to normal levels as of 7/23/2009.

Yahoo Update: July 17, 2009

Friday, July 17, 2009 by Al Iverson

From approximately 3:00 am through 3:00 pm (Eastern Time) on Thursday, July 16th, the Yahoo Spamhaus issue reared its ugly head once again. We worked to identify the affected servers and notified Yahoo of our findings. As of the evening of Thursday, July 16th, Yahoo assures us that the issue is resolved. They also published a note to that effect on the Y! Mail Admin Yahoo Group.

You Control Your Deliverability Reputation, but Your ESP is Critical to Ongoing Success

Thursday, July 16, 2009 by Al Iverson

Over on Email Insider, George Bilbrey of ReturnPath provides some very good advice on how senders are ultimately in control of their own ability to enjoy deliverability success. He writes, "From time to time we run into marketers who think that they have deliverability covered because they have signed up with an Email Service Provider (ESP). You've probably even seen some ESPs that are promoting their very high delivery rates. This is confusing and misleading, because the ESP fully controls only one of the five major drivers of deliverability failures."

Though there is a caveat or two, this is actually very solid advice. So much of deliverability is driven by your list hygiene and send practices. But, I do believe that an ESP brings a lot to the table; empowering you to get as much of your mail delivered as possible. ExactTarget is actually pretty darn good at doing this, if I do say so myself. George explained five different things that impact your deliverability, and explained that only one of them is controlled by the ESP.

True, but simplistic. What about proactive block and bounce monitoring? Customizable blacklist alerts. Specialized reporting to review and monitor your sending reputation. Active deliverability and strategy consultation. The Big Rolodex of every ISP we've ever dealt with. Active multi-client experience, helping you understand if the deliverability issue you're facing today is really aimed at you, or if you're only in the cross hairs accidentally due to an ISP issue.

We help you translate all of this crazy data and these complex issues into plain English terms that can be easily understood so that clients can apply our best practice guidance to their day-to-day email marketing campaigns.

On the flip side of that, there's a secret that ESPs rarely reveal: ESPs are very bad at getting bad mail delivered. If you're a spammer, ISPs want to block you. No amount of "ISP Relationship Management" on the part of ExactTarget or some other ESP is going to prevent that. What we do instead, is teach you how not to be a spammer. The ExactTarget application does some of the work there; it sets you on the right track to process bounces, feedback loops, authenticate mail, and so on. But none of these things can overcome a deliverability issue caused by poor permission practices.

In that way, George is absolutely right. People are very much mistaken if they think that they are all set just because they happen to be working with an ESP. You can't discount the fact that high complaint rates, bounce rates, spamtrap hits, and content issues all play a role in your deliverability. Get these things wrong and your deliverability is sure to suffer. To that end, these are things that we help ExactTarget clients address every day, but George is right: these are all data points that refer to what is being sent and whom it is being sent to, not which ESP platform it is being sent from.

The moral of the story? I think we're both right. What do you think?

Third Largest Social Networking Site Sued for Invasion of Privacy, Identity Theft

Wednesday, July 15, 2009 by Al Iverson

DailyTech (and many others) report that Tagged.com, a social networking site, is under attack by New York Attorney General Andrew Cuomo. He writes: "This company stole the address books and identities of millions of people. Consumers had their privacy invaded and were forced into the embarrassing position of having to apologize to all their e-mail contacts for Tagged's unethical -- and illegal -- behavior." Read all about it here.

Important lesson: Don't try to use the guise of social networking to spam people. Perceived falsity and deception in "forward to a friend" and "invite" viral-type messages are one of the top things that make government agencies sit up and take notice.

Don't take my word for that; ask Jumpstart.

Yahoo Status Update: July 14, 2009

Tuesday, July 14, 2009 by Al Iverson

We have seen issues these past few days with a few different clients being bounced at Yahoo due to the previously-reported Spamhaus "false bounce" issue. We've contacted Yahoo, helped them to identify the affected server, and we've blocked sending to that server on our side. As long as the issue remains isolated to that one server, delivery to Yahoo addresses should continue to work smoothly for all clients.

We'll be sure to publish an update if the situation changes.

Gmail: Authentication icon for verified sender

Tuesday, July 14, 2009 by Al Iverson

Brad Taylor, Gmail's Spam Czar (one hopes that really means "anti-spam czar") reports the following over on the Official Gmail Blog: "[In the Gmail interface, you can] turn on 'Authentication icon for verified senders' from the Labs tab under Settings, and you'll see a key icon next to verified emails that are super-trustworthy."

Putting an icon in the UI to indicate that a sender is trusted reminds me a lot of Goodmail's Certified Email. It'll be interesting to see if internal, free, manual lists of "special senders" is something that will take off in the long term.

Right now this functionality is very limited:
- Each recipient has to turn it on themselves.
- It only does anything for emails from eBay and Paypal (for now).

They hope to add more "super trustworthy" senders in the future.

Business Card Permission: Touched a Nerve?

Monday, July 6, 2009 by Al Iverson

My post on May 27th, talking about the permission failure inherent in exchanging business cards, and how that is not really an opt-in process, has inivited some well considered (and not so well considered) feedback via comments.

"It's freakin' elecctrons (sic) and that's what the delte (sic) button is for," spouts one random Joe. Freakin' wrong, if you ask me. But we'll touch on that more in a moment.

Commenter Lori Feldman put some more thought (and spell check) into her response. "I have to disagree," she says. "Putting yourself 'out there' in eyeball to eyeball social networking where both parties hand over business cards is implied permission."

Lori, thanks much for your comments. I do agree with you that exchanging business cards does imply permission for one-to-one communication. If I give you my card, it's not unreasonable to assume that you may personally email me. We're not talking about one to one communication, though. We're talking about adding somebody to a list. Permission isn't based on the recipient being "out there." Instead, a big part of permission is actually based on doing the right thing to ensure that your recipients don't complain in significant numbers to cause deliverability issues.

If your marketing strategy relies on the recipient having to take the "right action" (in your opinion), your marketing efforts are going to backfire someday. You, like so many others, talk about how you send people a message and they can unsubscribe, if they want to. I can't stress enough what a failure that is. What if your recipients report your mail as spam? You have no control over that, and what you're doing is making an assumption, and crossing your fingers, that they'll choose to unsubscribe, instead of reporting your mail.

It's a very common mistake-making an assumption and substituting that for permission, and telling recipients they can unsubscribe if they don't like it. The big ISPs are perfectly happy to relegate this mail to the bulk folder or block it outright. Why? Because assumptions lead to higher spam complaints and higher spam complaints lead to deliverability issues.

Keep in mind that I didn't just make this up; every day, I see somebody get blocked over this kind of miscalculation. It's a practical concern for successful email delivery. What to get the mail delivered? Don't make assumptions. Sure, not everybody has it blow up in their face every time. The cops don't always catch every criminal in the offline world, either.

"Just hit delete!" is what our inarticulate friend Joe wants us to do. Joe's clearly upset that people can do things without taking his wishes into consideration. It's something that happens millions of times a day, every time somebody hits the "this is spam" button at Yahoo, AOL, Hotmail, Gmail or any of the other ISPs that support this functionality.

Joe can be angry about it if he wants, but anger doesn't get email delivered. Making sure you don't give recipients something to complain about is what gets mail delivered.

What's a better way to do it? You've received a business card, and you want to turn that into a newsletter subscriber. Akira Morita has a great suggestion: "[Forward] a published newsletter (with a personal message inviting the receiver to subscribe) would be an okay way to get around not having a explicit permission. Of course, you want to make sure it's relevant to the receiver first, but this way, they don't have to actually opt out from anything if they don't want any more emails from you."

I like it! Why? No assumptions made. Want to keep receiving emails? Feel free to opt-in. The net result is a list that is more responsive, because it's comprised only of recipients who want your mail, not a mix of those people and people whom you've made assumptions about.

Verizon "Wireless"?

Thursday, July 2, 2009 by Al Iverson

Here's a topic that comes up quite a bit: What constitutes a wireless domain?

As instructed by the FTC and per CAN-SPAM, the US federal anti-spam law, the FCC publishes a list of wireless domains. Your ability to send commercial mail to those domains is restricted; the legal requirements reference digital signatures; require a higher standard of affirmative consent (compared to CAN-SPAM). The intent is that "wireless domains", meaning devices like pagers and cell phones, should be spared certain types of messaging sans explicit consent.

This whole thing strikes me as odd. If the US standard were simply explicit consent across the board, there wouldn't have to be any weird exceptions or tighter rules only for certain email domains. But, I digress.

Ask yourself the following: What if a domain ends up on the FCC wireless list when it's not really a wireless domain? Is there anything to be done about that? Not really, unfortunately. The domain owners (typically telcos and ISPs) submit their domains to the FCC for inclusion in this list. Whether or not something qualifies for inclusion is something for the ISP and the FCC to work out; an ESP, or an ESP's client, doesn't really have any standing to make a judgment call that a domain is not validly found on the FCC wireless list.

A lot of people ask us about Verizon. "I thought Verizon was filtered," they ask, "but I see that I was able to send mail to somebody at a Verizon domain." Why? Because there are three different, common Verizon domains:

Verizon.net. This is the Verizon consumer ISP. If you have home internet service from Verizon, you probably have a Verizon.net email address. This domain is NOT filtered. It is NOT on the FCC wireless domains list, and as long as you are following normal permission best practices, it's okay for you to send mail to your subscribers at this domain.
Verizonwireless.com. This domain has "wireless" right in the name, but it isn't in the FCC wireless domains list. It used to be listed, but it was removed very recently, within the last couple weeks of June. As this domain has been removed from the FCC wireless domains list, we've removed it from our List Detective filter. How is this domain not a wireless domain? Don't ask me, nobody's ever explained it to me, and it doesn't make sense. But, I don't go by what the domain name is; I have to go by what is in the list or not in the list. (Coincidentally, I used to have a Verizon Wireless USB modem up until a couple of years ago. Back then I called Verizon and asked them if that means I have a verizonwireless.com email address. They told me no, Verizon Wireless users do not receive a mailbox at this domain. So perhaps this domain is corporate mailboxes for the wireless division of Verizon.)
Verizon.com. this domain IS in the FCC wireless list, meaning that sending to this domain is restricted. I think this might actually be Verizon's corporate email domain, and I don't understand why it's on the FCC wireless domains list. Perhaps Verizon will see this note and offer up some details. (I emailed them about this a while back, but received no reply.) But, as I say above, I have to go by what's actually on the list, not what my common sense tells me.

Clear as mud, right? Be sure to check out our FCC Wireless Domains website for more information, and doesn't hesitate to contact the deliverability team if you have any questions.

Mail to Excite.com Addresses Delayed

Wednesday, July 1, 2009 by Al Iverson

Mail to addresses at the excite.com domain is significantly delayed and may not be going through at all, or is going through so very slowly that very little mail will actually be delivered.

From our investigation, I see that this issue does not appear to be specific to ExactTarget. The issue appears to be on the receiving side of things, meaning the issue is with the ISP, not with the sender. I've contacted BlueTie, the outsource mailbox provider that handles inbound mail for Excite, and I'll let everyone know what I hear back.

Nowadays, the relatively percentage of Excite.com addresses on a typical list is pretty small; if you were to query your own lists to find all active Excite.com recipients I suspect the number would be very low (or zero). So, don't fret; this isn't likely to have any significant impact on your ability to send mail.

Morgan Stewart Explains Co-Reg

Wednesday, July 1, 2009 by Al Iverson

I can't believe I missed this the first time around! Back on June 19th, esteemed colleague Morgan Stewart posted an excellent review of how to do co-registration the right way. The key, he says, is clear notice and consent. No tricking or forcing potential recipients to opt-in.

"After this form, guess what happens? I get a thank you page! No trap, no gimmicks. No requirement to register in order to get the thing I really wanted in the first place. (Remember in the Free IQ Test example, I had already invested 20 minutes in taking the test. In order to get my score I was compelled to register for things I was not interest).

[...] Co-registration that makes subscription a requirement to get something. These vendors put your add before delivering the value proposition promised by the site. This is a trap for consumers and it will only deliver you bad email addresses from angry consumers.

Second is co-registration that offers the opportunity to take advantage of additional deals after the main value proposition has already been delivered. True, some consumers may be annoyed by that, but it is still the consumers choice to take advantage of the offer or to say, “No, thanks”. The subscribers you get through this process are much more likely to stay engaged with your program over the long haul."

Read all about it here.

The ExactTarget Blog

Follow Us On...

Recent Entries

Authors

Categories

The Email Delivery Guru