The Email Delivery Guru

The Email Delivery Guru
The latest on email marketing delivery best
practices & trends from our resident guru,
Al Iverson, Director of Privacy & Deliverability.

Maine AG: State email lists are public data

Thursday, February 4, 2010 by Al Iverson

As mentioned on MediaPost's Email Insider and elsewhere, the Maine Attorney General's office recently ruled that email addresses of people who contacted various state departments are fair game, that they must be supplied to anybody who submits an inquiry via Maine's Freedom of Access Act.

This means that any sort of advocacy group can petition the state government to provide a list of all the email addresses of people who contacted them on a given topic; and then they would be able to spam those people, to further the advocacy group's goals. BAD NEWS.

Spamhaus blogged about this; click here to read their take on why this is a bad idea. We couldn't agree more with Spamhaus's take on this issue. For our part, we sent a letter to the Maine legislature, looking to explain why we prohibit third-party lists-- any list compiled via this method would clearly NOT be a permission-based email list and we'd clamp down hard on anybody who tried to use a list like that via ExactTarget.

As Morgan Stewart and I explained in our letter, "Allowing advocacy or other groups to obtain email addresses from the Maine state government via a Freedom of Access request allows these groups to build spam lists that will cause harm to internet service providers and end consumers. The owners of those email addresses did not consent to have their email addresses shared with third parties or added to other email lists. Further, recipients of such emails will have to take an affirmative step to unsubscribe from those lists, which adds to the burden of those recipients.

"There is no known legitimate use for email address data in this context other than to compile a non-permission email list and send spam to it. Whether or not the topic of the spam is related to advocacy of something under Maine law is irrelevant; spam is still spam. It is our opinion that there are ample alternate methodologies under which advocacy or other groups may identify and contact Maine residents, without resorting to the most unwanted of email scourges; spam. Please don't enable the sending of spam to Maine residents by allowing their email addresses to be obtained from government agencies."

How about it, dear readers? When you contact somebody in government to provide feedback on an issue or apply for some sort of permit, do you think it's fair that groups can query the government for your email address and be able to add you to a list? And if you're an email marketer, do you really think this is a winning email strategy? Blasting people who didn't sign up for your emails? I sure don't.

Goodmail Changes at Yahoo

Friday, January 29, 2010 by Al Iverson

Goodmail has just informed us that as of Monday, February 1st, how Yahoo will handle Goodmail CertifiedEmail messages delivered to Yahoo recipients will changes. Previously, Goodmail-certified messages were guaranteed inbox delivery with images and links enabled. Goodmail-certified messages will continue to be delivered, but inbox vs bulk folder delivery may vary based on unknown factors. I assume that the reputation of the sender is the primary factor there, but that is a guess on my part.

Goodmail has indicated to us that they are in discussions with Yahoo regarding the future of CertifiedEmail messages as it relates to delivery and disposition of those messages into Yahoo mailboxes.

Goodmail is currently notifying all CertifiedEmail-using clients of this change and has indicated that they will notify of any future changes.

As we learn more, we'll be sure to keep you updated.

Goodmail Goes Live With Verizon.net

Friday, January 22, 2010 by Al Iverson

Last week, Goodmail added verizon.net to its list of ISPs that support delivery of Goodmail CertifiedEmail messages. We're in the process of updating our local configuration to add support for this new domain, and it will be live on our end shortly. This grows the list of US mailbox providers supporting Goodmail to seven: AOL, Yahoo, Comcast, Cox, Mail.com, MySpace and Verizon.

How do I reactivate an address?

Thursday, January 7, 2010 by Al Iverson

Way back in late 2007, I mentioned a change at Earthlink regarding bouncing addresses and how they measure subscriber inactivity. Like a lot of other ISPs nowadays, they shut off mailboxes after a period of inactivity. In this case, 90 days.

This week, a commenter asked, “How do you reactivate an account?”

If you're an Earthlink user, and you're wondering how to re-activate your mailbox, I'm not sure. I assume you would just log into it like normal, and that would re-enable it. But, I'm not 100% sure about that; you should contact Earthlink support for assistance.

If you mean that you're a list manager and you're wondering how you re-enable that address so that you can send mail to it again … you cannot. This isn't a situation you can impact. Whether or not this subscriber's address becomes valid again is up to the ISP and/or up to the end user. (See my note above to any end user wondering about this.) The chances of an address re-activating is probably pretty slim; if somebody hasn't checked their email in months, they've probably moved on to greener pastures (i.e., they've changed email addresses).

What you can do is decide if you want to keep emailing those people. It's going to be a lot better for your sending reputation if you stop mailing users whose addresses are no longer valid. The ET system handles this automatically.

It's a bit similar to engagement, in that, if your contact or campaign strategy involves weeding out recipients who are no longer responsive to your mailings, then you're already way ahead of the game. Weeding people out of your list who never read your emails (and whose addresses are invalid) means you're much more likely to enjoy successful inbox delivery.

See You at Sherpa!

Wednesday, January 6, 2010 by Al Iverson

I'll be participating in a B2C deliverability panel at MarketingSherpa's Email Summit in Miami later this month. I always learn something valuable at a MarketingSherpa conference, and it's very easy to oblige their request to participate when it allows me to listen and learn from all of the other smart minds on display. I hope to see you there! For more information on the summit, check out this note from our own Joel Book (including a discount available through 1/8) and here's the official site.

SpamAssassin Bug

Monday, January 4, 2010 by Al Iverson

If you're a user of our Reputation Reporting, and you've run a report within the past few days, you may have noticed a SpamAssassin rule showing up, "FH_DATE_PAST_20XX." The rule attempts to catch spam that is dated far in the future. Unfortunately, because of a bug in this SpamAssassin rule, 2010 is considered to be far in the future.

The net result is that as of January 1st, a whole bunch of legitimate mail was much more likely to be tagged as spam by SpamAssassin users all around the world. Oooops.

We've updated the Reputation Reporting's copy of SpamAssassin to address the bug, and any tests run from this point forward should will not have this rule trigger undeservedly.

If you have any questions, please feel free to reach out to the ExactTarget Deliverability team and we'll be happy to assist. You can reach us at deliverability AT exacttarget.com.

Canadian Anti-Spam Bill Dies (for now)

Monday, January 4, 2010 by Al Iverson

Canadian Internet law blogger and expert Michael Geist writes: "Reports this morning indicate that the government plans to prorogue Parliament, effectively shutting it down until March. [...] All bills that have not received royal assent die and must be restarted from the beginning when a new Parliament begins." This includes bill C-27 covering anti-spam and electronic commerce. "While the government can try to move bills with broad support quickly back through the process [...], the delays are significant."

That's all for now folks. We'll see what develops in 2010.

Domains by Proxy: A good idea?

Monday, December 28, 2009 by Al Iverson

Is it a good idea to mask ownership of your domain?

Services like Domains by Proxy allow you to mask (hide) the true owner of a domain name. In my opinion, the legitimate business case for doing so is questionable. Wikipedia suggests that it's a good way to block “unsolicited contacts from third parties.” I don't think that's true-- I think a legitimate business is going to have contact info on their website, making it possible to contact them with postal advertising or regarding legal issues, regardless of uses of a domain masking service. And if you're worried about spam, use a unique email address that is well spam filtered, and isn't your primary email address.

I guess if you're a one man shop, working from home, and you register a domain for your business, maybe you're concerned about people knowing your home address. But domain masking isn't the only method of addressing this. The UPS Store (and the USPS) runs a brisk business in PO boxes and/or PMB postal addresses for exactly this kind of use.

And what's the down side to using a domain masking service?

You look like a spammer. Wow, really? Yes, really. It's that simple. A lot of the people that use these services seem to be spammers. I don't have data on this; only anecdotes. But I can tell you that, unfortunately, that based on my personal experience, there is a strong correlation between “likely to send unwanted or unsolicited mail” and “who owns their domain is hidden behind Domains by Proxy.” Sad, but true. Thank spammers for ruining another part of the internet for the rest of us.

Why do spammers do this? Lots of spammers register large numbers of domains. From dozens to hundreds (or even more). If they made their ownership of these domains publicly, easily found via the internet's WHOIS databases, anti-spam groups like Spamhaus would be able to track them much easier. It's not much of a deterrent, but it's enough of one to be very common in spammer circles.

And there might be legal risk as well. Read about this 9th Circuit opinion in USA v. Kilbride, (9th Cir., 2009) as reported by Mickey Chandler over on Spamtacular. The court found that use of a service that masks who owns a domain (like, in my opinion, Domains by Proxy) counts as material falsification under the US Federal anti-spam law, CAN-SPAM.

The jury is out on whether or not this is likely to be used against other bad actors in the email space, but why risk it? If you're a legitimate business, show the world that you are one by having your domain registration accurately reflect that you own every domain you use.

Big Players in B2B Deliverability

Monday, December 28, 2009 by Al Iverson

A client was asking the other day about B2B deliverability, how it differs from B2C, who the big players are, etc.

This isn't the first time the topic of deliverability in the B2B (business-to-business) email realm. Back in June, I answer the question, "Is B2B Deliverability Different?" In a more recent blog post, I link to information from Google about how they've become a very large host of B2B mailboxes.

Clearly, Google is a big player in this space. Meaning, a lot of the B2B mailboxes you send to are going through spam filters run by Google; just as if your recipients were at Gmail.com. What that means to you is that the same rules apply to sends to both those Gmail.com users and any B2B domains hosted at Google.

As I mentioned before, Yahoo, Hotmail and Google host mail for more than 264,000 domains, Google making up approximately 106,000 of those domains. (All three of these guys probably host mail for very many more domains than this; this is just a snapshot based off of last year's client list data. Meaning, if a domain doesn't show up on an email list, I don't know about it.)

That means you've got a huge chunk of the B2B email space hosted by top consumer webmail providers. Meaning that the B2C rules significantly apply to B2B senders, by the fact that the same spam filters are involved.

In the more specific B2B realm, there are too many players to list. Postini, Cloudmark, Barracuda, Ironport, Symantec Brightmail and MessageLabs are just a few of them. There are hundreds, maybe thousands more.

The way these filterers work is very similar to how B2C ISP spam filters work. They build a reputational view of you based on spam complaints, engagement, bounce rates, etc. They're a bit more invisible to some senders, as it's not always easy for you to know exactly what % of your mailing list might be behind a Brightmail filter, for example. But they still matter, very much so. In this combination of hosted service providers and appliance developers, getting tagged as a bad guy means you end up with delivery problems far and wide.

If you end up with a bad reputation as measured by Barracuda, and your mail is going to be blocked or filtered at the more than 85,000 customers that use Barracuda spam-filtering devices.

If Cloudmark determines the mail you send merits a bad reputation, you'll probably find it hard to successfully get to the inbox at any mailbox protected by any of Cloudmark's anti-spam solutions -- that's over 850 million mailboxes in 190 countries!

That's why B2C and B2C are more similar than you might have thought. Filterers handling either type of mail both look at your sending reputation, and treat your mail acordingly. Blocked at any of these providers on either side of things means that you're going to have issues delivering mail to a whole bunch of different mailboxes.

Yahoo Closed the Last Week of the Year

Tuesday, December 22, 2009 by Al Iverson

As reported on the local news in the bay area on Monday night, Yahoo will be closed from December 25th through January 1st.

"Yahoo is shutting down from December 25th to January 1st and if employees are out of vacation time, it will be an unpaid week off.

"Yahoo told their employees this summer, most of the 13,200 employees around the world will be forced to take the time off.

"They are ending the year the way they started it -- trying to cut costs. Yahoo executives laid off about 700 people earlier this year and got rid of some products. Now, the Sunnyvale company is shutting down operations for a week, but this move doesn't shock technology analyst Rob Enderle." -- KGO TV, San Francisco

I'm passing this along as a heads up to ExactTarget clients. Our deliverability services will be around in the week between the two holidays, but keep in mind, we likely will not receive any response from Yahoo on any outstanding issues during this time. Also keep in mind that other ISPs are probably also understaffed due to holiday vacations.

Ending the Spam

Thursday, December 17, 2009 by Al Iverson

A reader named Don posted a comment containing the following question: “I'd really like to end your spam. I do not trust the link on your spam because, just like all the other spam merchants out there, your e-mail appears to be poised to cause more problems than clicking is worth. How do I make you go away and stay out of my in box?”

Don, I'm sorry you're receiving spam from a client of ours. Our clients are only allowed to send mail to people that signed up for their lists. We don't buy or sell email lists, nor do we allow clients to do so. If you want us to investigate, and make the mail stop, feel free to send us a spam report at abuse AT exacttarget.com. Note in your email that the message is unwanted spam and be sure to include a copy of the message, including full headers, if possible. We will immediately investigate, and take action against our client if they are indeed out of compliance with our opt-in permission requirements and anti-spam policy.

Policy compliance (making sure our clients don't send spam) is occasionally a challenge for anybody providing email-related services to a large number of clients. We've got the tools and expertise to be able to nip a lot of these issues in the bud, before you ever see them. But, one of the many components to taking action against spammers is based on reports we receive from the outside world: ISPs, anti-spam groups, and end recipients like yourself.

As far as trusting the link in the email message -- all the unsubscribe link does is mark you as unsubscribed in that client's account. Nothing more, nothing less. It doesn't secretly sign you up for somebody else's email lists. It doesn't give the client permission to email you later (and if they do, they're breaking our rules). However, it doesn't tell us that you thought the message was spam. So if it was spam, feel free to report it to our abuse address, as well, as noted above.

As far as trusting us, the company, ExactTarget, I'm not sure what I can tell you to convince you that we're a legitimate email service provider and not spammers. But here's what I know. ET is a real company, based in Indianapolis (though I work from Chicago), and I've worked for them, helping to oversee and continually improve our anti-spam efforts, for more than three years now. (I have a long history of spam fighting, going back more than ten years.) As you can see here, we have a lot of legitimate, well-known companies as clients. Also, if we knowingly let our clients send spam, ISPs would get fed up with us and block all mail from all of our clients. So that's why it's in our best interest to prevent our clients from sending spam -- it's necessary for us to be able to succeed in the email industry. So it would be extremely unwise of us to do anything other than immediately respect your click on the unsubscribe link, and ensure that our client stops sending you mail.

Political Lists and Confirmed Opt-in

Wednesday, December 16, 2009 by Al Iverson

Here's why political lists should always be double opt-in (confirmed opt-in): To prevent stuff like this.

Blogger Danny Sullivan points out that he has ended up on the email list of a councilmember from a city 400 miles away. What good does that do for the councilmember? Danny's not a constituent; not even a potential constituent.

How did the councilmember obtain his email address? Bought list? Unconfirmed signup process? Hard to say; lots of political senders seem to do a lot of crazy, unethical stuff to build their email lists. They often horse trade list data with others in the same party. And the net effect is that once you end up on one list, your address is going to end up on many more lists.

Reminds me of the good old (bad) days, where my friend Mickey Chandler and I both got signed up for mailings lists relating to political persuasions the opposite of our own. At my last employer, it was a coworker who signed me up for a list because he thought it would be "funny." Then the volume started growing, as the entity that handled the original forged subscription request shared their lists far and wide. I bet that address is still getting political spam to this day, even though I left that company in 2006.

Does Authentication Improve Deliverability?

Tuesday, December 15, 2009 by Al Iverson

There's been a lot of talk about email authentication and related things like domain reputation out in the deliverability blog-o-sphere of late. I'm not linking to anyone in particular, as I don't want to single anyone out, and a lot of people have made a lot of different points, both good and bad.

But if there is one meme that I keep stumbling across, one that I think is (perhaps) technically accurate, but missing the point, it is this: Email authentication doesn't improve your deliverability. That's not what it's for. It doesn't positively impact your ability to deliver mail.

Just for the record, let me point out that email authentication improves deliverability. A couple of rather large ISPs utilize authentication in a way where, directly or indirectly, it improves your sending reputation. Consider:

Hotmail: The 2007 Microsoft Whitepaper "Sender ID Framework: Protecting Brands and Enhancing Detection of Spam, Phishing, and Zero-Day Exploits" explains (among other things) how Hotmail uses Sender ID, one specific type of email authentication. They include a "hypothetical" chart on page 20 showing how Sender ID can add to results from content filtering and other reputation results. The "hypothetical" boils down to, in my opinion, that they don't want to tell you the exact impact any of these measures has on the ability to get mail delivered, but I do believe that this demonstrates that Sender ID is indeed one of the factors used as far as whether or not mail is delivered to the inbox at Hotmail, or if indeed it will be delivered anywhere at all. Hotmail has been known on occasion to discard mail, and also, Hotmail will very clearly decline to assist a sender or email service provider writing in about a delivery issue, if the from domain in use in the problematic sends lacks a Sender ID record.

Consider all of this, and I think you would agree with me: I very strongly believe that authentication has a significant, non-zero impact on the ability to deliver mail to the inbox of Hotmail users. Is it the only measure they use? No, not by a long shot. Does it mean you can send spam, as long as you authenticate? No, and that instance, you can hypothesize (based on the chart on page 20 of the whitepaper) that whatever modest positive reputational boost you may receive from authentication is going to be overwhelmed by the much stronger negative reputational hit you'll take due to other factors, such as high numbers of invalid users, spamtrap hits, and spam complaints. In other words, email authentication + spam = you get blocked.

Yahoo: If you're a list-based sender (like an ESP, ESP client, or self-sender managing your own marketing lists), it is necessary to authenticate your mail with DomainKeys Identified Mail (DKIM) if you wish to participate in the Yahoo Feedback Loop (FBL). Feedback loop participation is important, and does have a significant, if indirect, connection to your sending reputation. Senders who don't participate in an ISP's feedback loop tend to have higher complaints than senders who do, if all other variables are equal. Why? Because if you have an FBL, when somebody complains about your mail, you are told about it. You receive a report back. You're able to unsubscribe the recipient. You're able to compile aggregate data that tells you which list segments are most problematic. Both the ability to unsubscribe those who complain, and the ability to adjust your marketing efforts based on aggregate FBL complaint data, have a positive impact on your ability to deliver email to the inbox successfully.

Maybe that's not why authentication was invented. Maybe that's not even its intended purpose. But as I stand here today, I see a very clear connection between email authentication and improved email deliverability. It's that simple.

Gmail Offering Unsubscribe Functionality

Thursday, December 10, 2009 by Al Iverson

Somebody asked me today if we support Gmail's unsubscribe functionality (yes), so I thought it would be good to mention it here again.

Since this summer (2009), Gmail has offered an option on some email, where, if you click the "this is spam" button, the Gmail system will ask you, "Would you like to unsubscribe?" If you click yes, an unsubscribe request is sent back to the sender. In the case of ET-served emails, yes, ExactTarget handles this unsubscribe request automatically and will unsubscribe that recipient.

For more on Gmail's unsubscribe process, check out this August, 2009 Email Experience Council (EEC) article by my boss, Chip House, and this July, 2009 blog post by Laura Atkins of Word to the Wise.

Note that we can't MAKE the unsubscribe option appear on your email messages in Gmail - Gmail chooses whether or not to make this option available in response to specific email sent and whom it was sent by. It looks to me as though they tie it to sender reputation - meaning, if you're a good, clean sender, this functionality is more likely to appear.

Authenticating based on the Sender Header in an Email

Wednesday, December 9, 2009 by Al Iverson

Did you know: For a while now, ExactTarget has had the ability to add a "sender" header to your email messages, and authenticate off of that header, instead of off of the from address?

There are some scenarios where this might come in handy. For example, if you're serving an email message initiated by a user outside of the system - like, a forward to a friend or other "viral marketing" scenario. You might want the friend's from address to show up in the From: header, but still authenticate the message properly. With use of a "sender" header, everything will authenticate properly.

The only down side is that certain email clients display the sender information in a funky format. You might not like that. This is an issue when sending to recipients at Microsoft-owned webmails (MSN, Hotmail, Windows Live Mail), and users of Microsoft Outlook. When you send a message with a sender header, recipients on those platforms will see the from address show up like this:

From (the sender header) on behalf of (the from address)

So, in a typical client scenario, it could look like this:

From (company@compay-email.com) on behalf of (randomjoeuser@example.com)

That is potentially sub-optimal in some situations, so you'll want to consider this before utilizing the sender header functionality.

If you'd like to enable this functionality in your account, please contact your ExactTarget representative, or our client success team, and they can get you going in the right direction.

(Update: Added Hotmail/MSN/Windows Live. H/T to fellow deliverability guru Greg Kraios, who shared in comments that the from header shows up this way at those properties as well.)

Here Comes the Engagement Train

Thursday, December 3, 2009 by Al Iverson

You'll remember that in my recent blog post, I talked about AOL's EWL (enhanced whitelist) changes and how important engagement is to your sender reputation.

In this article, Ken Magill expands on that and adds in some really good detail about how ISPs now utilize recipient engagement as a metric to determine sender worthiness, and some thoughts on what engagement potentially means in this context. Also in the article, Laura Atkins points out that this is another case of spammers ruining it for the rest of us.

"According to Atkins, some spammers have set up thousands of dummy e-mail accounts, sent e-mail to them, and then hit the 'this is not spam' button to artificially drive their complaint percentages down. 'The spammers really destroyed the metric,' she said."

Over the past few months, I've observed a number of senders learn the hard way that fake "this is not spam clicks" seem to be a fast track to get you 100% permanently blocked at an ISP. It's not a practice that ISPs look kindly upon. (Thankfully, those were not ExactTarget clients...if we found a client doing that, their tenure as a client would likely come to an end.)

Is Dead Really Dead?

Wednesday, December 2, 2009 by Al Iverson

I ran across this blog post on the DMA UK's Email Marketing Blog today. In it, Simone Barratt talks about what you should do about inactive recipients on your list. (Apologies; I've lost track of which other blog linked to this post.) She capably covers a lot of the marketing concerns around inactive subscribers - what constitutes engagement, what to consider when trying to decide whether or not to write off a list segment.

Go back one blog post on that very blog, and author Guy Hanson explains how he was "gob smacked" by the thought that deliverability is a subject that "most companies are just waking up to," and that nobody touched on the topic of sender reputation. Simone, Guy, maybe you should chat. Here's why: Simone's article leaves out a very important consideration: Deliverability, and how mailing to inactive email segments can negatively impede your ability to deliver mail successfully.

My point is, make sure you take deliverability into consideration. Sometimes, the best strategy for dealing with inactive list segments is to jettison them. Yeah, I know, what an anti-list growth point of view. But consider that one of the most recent big changes in deliverability and reputaton metrics is the inclusion of engagement as a reputaton measure by ISPs. Meaning if you have a big old list and very few people ever interact with your emails, you're going to end up with a low sending reputation, and your deliverability will suffer as a result.

Sure, when exactly to define somebody as dead is going to vary, and maybe there are instances in which a different contact strategy or message frequency can save the day. But if hanging on to every single email address on your list forever is likely to cause you problems, it becomes quite the catch 22. It doesn't matter if everybody opted-in to your list; it matters what percentage of recipients show life on the other end of that email message. The hope that someday they might wake up and buy another product for you, in a lot of cases, is going to be overtaken by the disappointment that you can't get messages through to them anymore, because the ISP decided to block or bulk your mail. What's more important? Having the biggest list possible, or having solid inbox deliverability? Sometimes you can't have both.

Quick Update on Candian Bill C-27

Tuesday, December 1, 2009 by Al Iverson

As CAUCE reports, Canadian Bill C-27, the Canadian legislation-in-progress mandating opt-in permission for email marketing, has passed the House of Commons, and now moves on to the Senate.

Data Point: Engagement Affects Whitelisting

Wednesday, November 25, 2009 by Al Iverson

Hot off the press over at AOL's Postmaster Blog, Christine highlights recent changes to AOL's enhanced whitelist. What changed? Engagement. It sounds as though they're now using it as a metric when determining who qualifies for AOL's EWL (enhanced whitelist), the bit of magic that allows your images and links to work automatically in the AOL inbox.

For good guys, I don't know that this is much of a change. Engagement has long mattered at top ISPs, including AOL. Though, it seems to me that perhaps AOL is closing a loophole -- eliminating a method for gaming one of their whitelisting mechanisms. Having a good reputation was already important, but this adds yet another data point into that specific EWL reputation calculation, helping AOL more accurately identify mail that their users care about and want to receive.

It's yet another data point that recipient engagement matters! How people interact with your email messages, and whether or not they interact with your email messages, is more important than ever before.

The ExactTarget Blog

Follow Us On...

Recent Entries

Authors

Categories

The Email Delivery Guru