Authors

The Email Delivery Guru

The Email Delivery Guru

The Email Delivery Guru
The latest on email marketing delivery best
practices & trends from our resident guru,
Al Iverson, Director of Privacy & Deliverability.
Comments (1)

Verizon "Wireless"?

Thursday, July 2, 2009 by Al Iverson
Here's a topic that comes up quite a bit: What constitutes a wireless domain?

As instructed by the FTC and per CAN-SPAM, the US federal anti-spam law, the FCC publishes a list of wireless domains. Your ability to send commercial mail to those domains is restricted; the legal requirements reference digital signatures; require a higher standard of affirmative consent (compared to CAN-SPAM). The intent is that "wireless domains", meaning devices like pagers and cell phones, should be spared certain types of messaging sans explicit consent.

This whole thing strikes me as odd. If the US standard were simply explicit consent across the board, there wouldn't have to be any weird exceptions or tighter rules only for certain email domains. But, I digress.

Ask yourself the following: What if a domain ends up on the FCC wireless list when it's not really a wireless domain? Is there anything to be done about that? Not really, unfortunately. The domain owners (typically telcos and ISPs) submit their domains to the FCC for inclusion in this list. Whether or not something qualifies for inclusion is something for the ISP and the FCC to work out; an ESP, or an ESP's client, doesn't really have any standing to make a judgment call that a domain is not validly found on the FCC wireless list.

A lot of people ask us about Verizon. "I thought Verizon was filtered," they ask, "but I see that I was able to send mail to somebody at a Verizon domain." Why? Because there are three different, common Verizon domains:
  1. Verizon.net. This is the Verizon consumer ISP. If you have home internet service from Verizon, you probably have a Verizon.net email address. This domain is NOT filtered. It is NOT on the FCC wireless domains list, and as long as you are following normal permission best practices, it's okay for you to send mail to your subscribers at this domain.
  2. Verizonwireless.com. This domain has "wireless" right in the name, but it isn't in the FCC wireless domains list. It used to be listed, but it was removed very recently, within the last couple weeks of June. As this domain has been removed from the FCC wireless domains list, we've removed it from our List Detective filter. How is this domain not a wireless domain? Don't ask me, nobody's ever explained it to me, and it doesn't make sense. But, I don't go by what the domain name is; I have to go by what is in the list or not in the list. (Coincidentally, I used to have a Verizon Wireless USB modem up until a couple of years ago. Back then I called Verizon and asked them if that means I have a verizonwireless.com email address. They told me no, Verizon Wireless users do not receive a mailbox at this domain. So perhaps this domain is corporate mailboxes for the wireless division of Verizon.)
  3. Verizon.com. this domain IS in the FCC wireless list, meaning that sending to this domain is restricted. I think this might actually be Verizon's corporate email domain, and I don't understand why it's on the FCC wireless domains list. Perhaps Verizon will see this note and offer up some details. (I emailed them about this a while back, but received no reply.) But, as I say above, I have to go by what's actually on the list, not what my common sense tells me.

Clear as mud, right? Be sure to check out our FCC Wireless Domains website for more information, and doesn't hesitate to contact the deliverability team if you have any questions.
Comments (0)

Mail to Excite.com Adresses Delayed

Wednesday, July 1, 2009 by Al Iverson
Mail to addresses at the excite.com domain is significantly delayed and may not be going through at all, or is going through so very slowly that very little mail will actually be delivered.

From our investigation, I see that this issue does not appear to be specific to ExactTarget. The issue appears to be on the receiving side of things, meaning the issue is with the ISP, not with the sender. I've contacted BlueTie, the outsource mailbox provider that handles inbound mail for Excite, and I'll let everyone know what I hear back.

Nowadays, the relatively percentage of Excite.com addresses on a typical list is pretty small; if you were to query your own lists to find all active Excite.com recipients I suspect the number would be very low (or zero). So, don't fret; this isn't likely to have any significant impact on your ability to send mail.

Comments (0)

Morgan Stewart Explains Co-Reg

Wednesday, July 1, 2009 by Al Iverson
I can't believe I missed this the first time around! Back on June 19th, esteemed colleague Morgan Stewart posted an excellent review of how to do co-registration the right way. The key, he says, is clear notice and consent. No tricking or forcing potential recipients to opt-in.

"After this form, guess what happens? I get a thank you page! No trap, no gimmicks. No requirement to register in order to get the thing I really wanted in the first place. (Remember in the Free IQ Test example, I had already invested 20 minutes in taking the test. In order to get my score I was compelled to register for things I was not interest).




[...] Co-registration that makes subscription a requirement to get something. These vendors put your add before delivering the value proposition promised by the site. This is a trap for consumers and it will only deliver you bad email addresses from angry consumers.

Second is co-registration that offers the opportunity to take advantage of additional deals after the main value proposition has already been delivered. True, some consumers may be annoyed by that, but it is still the consumers choice to take advantage of the offer or to say, “No, thanks”. The subscribers you get through this process are much more likely to stay engaged with your program over the long haul."

Read all about it here.

Comments (0)

Spamhaus Listings vs. Asteroid Strikes

Tuesday, June 30, 2009 by Al Iverson
Today I was talking to a client about our various blacklist-related alerts, the different blacklists we monitor, the ones we work with, and how the process works when a blacklist issue is observed. Our process varies from the advisory (only), to consultative, to full on, full stop, policy enforcement suspension until the problem is found and fixed.

In particular, the issue of a Spamhaus blacklisting was something we talked about for a good long time. The prospective client was concerned that we would "shut down their business" in the case of a Spamhaus blacklisting.

I can understand the concern, but truth be told, we certainly would NOT "shut down" a company's business in the case of a Spamhaus (SBL) listing. What we actually would do is work with you to immediately and temporarily suspend mailings until the issue is resolved to everyone's satisfaction - yours, ours, and Spamhaus's.

Spamhaus is run by humans, so it stands to reason that occasionally a Spamhaus listing could be in error. However, an SBL listing typically indicates some really bad problem that needs to be immediately addressed. To continue to send mail in light of that just doesn't make sense.

Consider that probably somewhere around 40% (or maybe even more) of your mail is going to be blocked if you have an SBL listing; they're used at Yahoo and other large ISPs. Also, if Spamhaus is correct, the issue found strongly suggests that ExactTarget's own anti-spam policy and opt-in permission requirements are not being followed. The only way that suspension is going to become permanent is if you're sending spam, and if you're not willing to do what it takes to stop sending spam.

That's why the best thing to do is pause, investigate and resolve the issue. If you keep sending you're going to have exceedingly poor deliverability, very high bounce rates, and you risk angering Spamhaus, who really does have a set of keys governing your ability to get to the inbox. We also have our own reputation to protect -- if we ignore the listing, they could choose to list ExactTarget, hugely damaging our own reputation, and negatively impacting other clients' ability to send mail.

Don't assume this is a common occurrence. It has happened probably three times in the past year, and I don't even think any of those were in 2009. If you truly follow permission best practices, you're more likely to get hit in the face with an asteroid, or struck by lightning, than you are likely to find yourself blacklisted by Spamhaus.

Also, don't assume that some other ESP isn't going to handle this the same way. Unfortunately, a couple of years ago, a client tried to move their mailings to a new ESP after being temporarily suspended by us. This resulted in Spamhaus blacklisting the new ESP, and the client was suspended by the new ESP immediately. Spamhaus has enough reach and power, that if they decide you're not getting that mail delivered, it's not going to get delivered.

If you search the web you'll find a number of complaints from individuals and companies who are upset that Spamhaus was mean to them due to their blacklisting policies or impolite to them in communication. I've found the vast majority of these complaints to be misleading or inaccurate. There's a reason that Spamhaus can make so much of your mail bounce: Because they are so well trusted by so many ISPs, and they've clearly earned that trust throughout their many years of existence.

Comments (0)

B2B Deliverability: Different?

Tuesday, June 30, 2009 by Al Iverson
I helped one of our sales folks out on a call today, and the topic was the world of B2B Deliverability. "We're entirely B2B," the prospective client informed me, meaning that deliverability to individuals at various companies is their primary concern, not deliverability to the top B2C (consumer) ISPs and webmail providers.

Truth be told, Yahoo, Google, and Microsoft host a ton of inbound email for many thousands of B2B companies. Yahoo, Hotmail and Google host mail for more than 264,000 domains. A big chunk of those are small-to-medium sized companies who have outsourced their email handling to one of these mailbox providers. And they pretty much have the same spam filtering systems on the B2B side as on the B2C side.

On the spam filtering hosted service or appliance side, you've got companies like Postini, Barracuda, MessageLabs, Cloudmark, Frontbridge (Microsoft), Brightmail and many others. Probably Postini has the broadest reach, though it's not always easy to tell from the outside how big any of these providers really are. They probably all claim to host a bajillion mailboxes, but what really matters is, what percentage of subscribers on *your* list are hosted behind these various filters. That's the kind of thing we can tell with our domain intelligence data, helping you to understand that if you have a delivery issue at a Postini, it's likely to impact X% of your list.

After you figure out what the top domains and spam filters are (relative to your own lists), it's a simple matter for us to set up specific monitoring for those domains, or even just for any domain with over Y recipients and a Z% block rate.

That's about the only difference between B2C deliverability and B2B deliverability, what domains you look at when you're doing deliverability testing and whom you contact when an issue is revealed. Lots of people I talk to don't realize this - they don't know that 1500 domains on their list are all hosted by Postini or are behind a Barracuda filter. When you dig into it, you find that same commonality of hosting on your list that you find for B2C senders.

And the B2B filterers work pretty much the same way the B2C filters work. That means your sending reputation (and ability to deliver mail through these filters) is governed primarily by complaints and bounces. The usual things that, when they spike, indicate issues with permission.

Just like I talked about in regard to Yahoo, your deliverability is not governed by us having "a relationship" with an anti-spam filtering vendor. We do maintain good relationships with quite a few vendors and I talk to many of them fairly frequently. Helping them test things, discussing the bigger picture of how to improve permission practices, showing them how ESPs prevent and react to spam issues, answering questions about our client practices, etc. But it is important to remember that it is exceedingly rare that we would ever have the ability to call one of these guys and "tell them that your mail is good" because that's not how the process works.
Comments (0)

Profiles in Email Laws: India

Tuesday, June 30, 2009 by Al Iverson
Over on the Lashback Blog, Carl Birkner summarizes the closest thing to an anti-spam or email privacy related law found in India.

Carl says, "The closest legislation relating to email in India is the newly amended Information Technology Act of 2000. It was previously ammended in 2006, and Indian lawmakers amended the IT Act again in December of 2008. [...] The law addresses the following, summarized by Justice Rajesh Tandon of the Indian Cyber-Regulations Appellate Tribunal:
  • Tampering computer source documents
  • Hacking with Computer system
  • Loss/damage to computer resource/utility
  • Hacking
  • Obscene publication/transmission in electronic form.
  • Failure of compliance/orders of Certifying Authority.
  • Failure to assist in decrypting the information intercepted by Govt. Agency.
  • Un-authorized access/attempt to access to protected computer system.
  • Obtaining license or Digital Signature Certificate by misrepresentation/suppression of fact.
  • Publishing false Digital Signature Certificate.
  • Fraud Digital Signature Certificate.
  • Breach of confidentiality/privacy."

Read all about it here.
Comments (0)

Canadian Spam Law Update

Tuesday, June 30, 2009 by Al Iverson
It's hard to pull together full, final information and guidance on Canada's upcoming spam law, as it sounds like there's still a chance that there could be some differences between the proposed bill and the final law. Bill C-27, the Electronic Commerce Protection Act, was introduced in April, and all signs point toward the bill eventually becoming law.

Stay tuned, as we'll be sure to share more information, and guidance, as we learn more and the bill is finalized.

Comments (0)

Chip House on the Tipping Point

Tuesday, June 30, 2009 by Al Iverson
Over on his "House of Email Marketing" blog, Chip House talks about the Tipping Point Between Inbox and Spambox. He raises some good points: Email is a stable technology, but reputation and filtering is ever-evolving. The fact that you got to the inbox five years ago does not mean you will get to the inbox today. Receiving systems are smarter, so senders have to be smarter, too.

Comments (0)

International Legal Compliance: Don’t Spam

Monday, June 29, 2009 by Al Iverson
I'm not a lawyer, and this isn't legal advice.

I get a lot of questions about spam laws both domestic and international. I study various email, privacy, and spam-related laws out there, so I tend to be the one that people ask first when they have a question. All fine and good, I'm happy to share what I've read. But I'm not a substitute for the real thing; ultimately, anyone with legal questions needs to consult with an attorney qualified in the area of concern.

A lot of my advice boils down to "don't spam," and that's for a reason. If your processes are truly opt-in, you're not spamming, and you're not likely to run afoul of any relevant email permission-related regulations. "Don't spam" works well as an answer to almost any spam law-related question.

Here's a few examples:

What does CAN-SPAM mean to me?
It means you shouldn't spam. Spam may be legal, but it also allows ISPs to block it, and all competent ISPs block as much spam as they possibly can. Your mail is not likely to deliver well if it's spam.

What does the new Canadian spam law mean to me?
It's hard to say exactly, because the current version under consideration has not passed yet, and may not be the final version. But, whatever comes, "don't spam" is likely to be the right advice. If you send mail only to recipients who ask for it, I would be surprised if you were not in compliance with the new Canadian law.

How will the new Dutch B2B email restrictions affect me?
As long as you don't spam, they won't affect you negatively. My understanding of the new requirements is that they close a loophole that allowed treating B2B addresses different than B2C addresses. It was already against the law to send unsolicited commercial messages to B2C addresses. Now, any mailings to B2B addresses must also be sent only to recipients who have opted-in.

Keep in mind that no such distinction between B2B and B2C ever existed in ExactTarget's policies. Whether you are mailing consumers or businesses, your recipient lists may only be comprised of email addresses where the owner of that address has specifically told you that they wish to receive email from you.

Comments (0)

More on CAN-SPAM and Whitepapers

Friday, June 26, 2009 by Al Iverson
Yesterday I touched on the topic of CAN-SPAM and recommended reviewing one of our whitepapers, the one all about reputation.

We also do have a whitepaper on CAN-SPAM compliance, what you need to do to make sure you're covered, and also, why it has onlythe most modest relationship to your ability to get mail delivered successfully.

CAN-SPAM is mostly old news by now, but the FTC did provided updated guidance on bits of the legislation back in May 2008. Those updates are indeed covered in the whitepaper.
Comments (1)

CAN-SPAM and Bad Advice

Thursday, June 25, 2009 by Al Iverson
Be careful where you get your legal advice from. As Spamtacular reports, the Attorney General for the state of South Carolina isn't quite up to speed on CAN-SPAM, inaccurately reporting that it enables private right of action. Oops.

Some of the worst legal theories I've heard on the topic of CAN-SPAM are those spouted by the permission challenged. "What I'm doing is OK! This is perfectly legal! ISPs have to accept this mail!" This adds up to a whole big old ball of incorrectness. Sure, it's legal (repeat after me: SPAM IS LEGAL IN THE US). But it's very, very stupid, and ISPs block it whenever they can (repeat after me: IT'S PERFECTLY LEGAL FOR ISPS TO BLOCK YOUR PERFECTLY LEGAL SPAM).

Stop telling people that you are CAN-SPAM compliant. Instead, ask yourself:
  • How do people end up on my email list? Am I asking for permission, or just assuming?
  • Do I provide significant disclosure and notice at the time of signup, what mail they'll be getting and when?
  • What's my plan for subscriber lifecycle management? At what point am I going to drop people off the list when they're not responding?

If people are blocking your mail, even if it's CAN-SPAM compliant, that's where to start. Where do you go from here? Ask your ExactTarget contact for a copy of our Reputation Equation whitepaper, which goes into detail about what things govern your online reputation (and by extension, your ability to get mail delivered).
Comments (0)

Yet Another Yahoo Update

Wednesday, June 24, 2009 by Al Iverson
Back on June 18th, one single client had one single send affected by the Yahoo Spamhaus bounce issue. We contacted Yahoo, and helped them trace it back to a specific server in a specific server cluster that hadn't been fully patched. 

That's the only instance of it since our last "all clear" notice. So, I think it is safe to say that the Yahoo issues seem to be completely behind us. You keep your fingers crossed, and we'll keep our eyes on our bounce monitoring.


Comments (0)

Spamblocked at Yahoo?

Wednesday, June 24, 2009 by Al Iverson
Once in a while, a client will run into an issue where a send has a high number of bounces at Yahoo. Investigation of the issue reveals that the bounces are due to spam complaints: "smtp;421 4.7.0 [TS01] Messages from 1.2.3.4 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html"

"Help!" A client will ask. "Tell Yahoo I'm not a bad guy! Can you get them on the phone and explain to them that we're good guys?"

Sure, I can call them and tell them you're a good guy. They'll believe me, too. The people I talk to at Yahoo are always polite, affable and easy to deal with.

HOWEVER, THIS WON'T GET YOU UNBLOCKED.

Yahoo (like all the other big and smart ISPs) doesn't block your mail because you're a bad guy. They don't unblock your mail because you're a good guy.

They block your mail because it gets too many spam complaints.

The fix to get Yahoo to stop blocking your mail is to reduce your spam complaints.

Sure, getting you signed up for the Yahoo Feedback Loop will help. But it's not a 100% fix-it helps give you insight into who is complaining, but it alone doesn't stop people from complaining about your mail. What you really need to do is examine your opt-in practices. Fix issues with them that are resulting in people receiving unwanted and unexpected mail. Clean up your legacy lists by way of re-engagement. Dump people who aren't ever opening or clicking on any links in your email messages.

This is all necessary stuff to prevent Yahoo blocks (and resolve them when they pop-up). My relationship with various individuals at Yahoo really has nothing to do with it.

Comments (0)

You Need DomainKeys!

Monday, June 22, 2009 by Al Iverson
If you're a B2C (consumer) sender of any size, you really need to be signing your email with DomainKeys.

Why? Because signing your mail with DomainKeys means you'll be able to participate in Yahoo's feedback loop. This will give you valuable insight into what Yahoo users think about your mail, and it enables you to unsubscribe people who complain.

How? Sender Authentication Package. We do all the heavy lifting for you, setting up everything that needs to be set up to sign your mail with DomainKeys, DKIM, Sender ID, and SPF.

Note that if you're using Sender Authentication Package, you need to use a from address that uses the domain we're hosting for you. If that is yourdomain-email.com, then your from address needs to be something@yourdomain-email.com. If you don't do that, then DomainKeys will not work, and you will not receive Yahoo spam complaint information.

Comments (1)

Who are you? Do I know you?

Saturday, June 20, 2009 by Al Iverson
Who is Avner Ronen and why does he want me to vote for my favorite apps?

I came THIS CLOSE to hitting the report spam button on his email.
Thankfully, I decided to read the entire email message before moving forward. (Consider that most people don't do that; they make their "report spam" determination solely off of the from address and/or subject line.)

When I looked at the rest of the message, it suddenly made sense. This is actually an email from Boxee. Boxee is a freeware media center application that I downloaded a few months ago. I guess Avner Ronen is one of their developers or something. But I really don't know anything about him. I have no connection to him, no recollection of him. I signed up to receive emails from Boxee, not from Avner Ronen.

What Boxee's doing here is perfectly legal, but it doesn't make a lot of sense to me. If you send emails in a way that confuses recipients; makes them not recognize that they signed up for that email; you're going to have higher spam complaints, and that's going to lead to delivery issues.

In some cases it might make sense to send emails with a person's from address, instead of the brand's from address. But whether or not that makes sense depends on the relationship between the sender and recipients. If it's the brand that people know,  and not the individual, then it seems to me that you're missing out on something if you're not using the brand in the from address.

(Nothing against Avner or Boxee. I like Boxee a lot, it's pretty cool. I just wish they'd send their emails in a way equivalent to "on letterhead" so I don't get confused.)

Comments (1)

Dead domain: alltel.net

Friday, June 19, 2009 by Al Iverson
As of May 15th, 2009, the email domain alltel.net has been retired. According to this notice, all users have been transitioned over to windstream.net. We'll be adding alltel.net to the ET system's list of invalid domains shortly. If you have any questions, please feel free to contact the ET deliverability team at deliverability@exacttarget.com.

Comments (0)

How to track opt-ins?

Friday, June 19, 2009 by Al Iverson
A client wrote me in response to a previous blog post on spam complaints, asking about the best way to track how people opt-in. That's a good, but complicated question. It might be too detailed for a blog post, but here are my thoughts on the topic. (Feel free to contact me if you have any specific questions.)

If you're using an online method of list signup, track all the variables you request from the person. Name, address, phone number, whatever. Also, make sure you track the IP address they signed up from. If you're really technology savvy, track browser information (Firefox on Linux, for example). All of this data will help prove to ExactTarget that the person opted-in, if there is ever a spam complaint issue.

If recipients opt-in to your mailings when ordering a product or service from you, the transaction details are important. Obviously we're not going to ask you to provide the person's credit card number, but the rest of the details (what was ordered and when, with details) helps to make the case. I used to work for an e-commerce service provider, and that data was always excellent protection against spam allegations.

If the signup method is an offline signup method like a paper form, record all that information obtained via the paper form. I'd recommend recording it in something like an Excel file or Access database. On the (unlikely) chance somebody would ever sue you for spam, you probably should keep those paper forms, too. Make sure you record the date that the form was filled out.

You don't have to actually upload all of this extra information into ExactTarget. It can amount to a lot of data, and if you're not actually using it for segmentation or personalization, I wouldn't bother. The important thing is that you keep this data somewhere that you can access, in the event that we contact you about a spam complaint. Keep it in an Excel file, an Access database, text file, your CRM system, or some place similar.

Keep in mind that we're going to ask you for this info only in unique situations. We're not asking you to pull this information and send it to us for every single spam complaint received back from an ISP, for example. We have a process wherein specific complaints are escalated when the potential for a broader spam issue is observed, and that's when we're going to reach out.

And thank you everyone who has helped us resolve a spam complaint issue by providing this information upon request. As I've mentioned before, there's a direct tie between resolving these issues and getting your mail delivered. I'm very appreciative of how helpful our clients are in working with us to ensure their deliverability isn't negatively impacted by a spam issue.
Comments (0)

Dutch to Implement new anti-spam ban

Thursday, June 18, 2009 by Al Iverson
Radio Nederland Wereldomroep reports, "The economic affairs ministry says all spam e-mails will be against the law in the Netherlands from October. It was already illegal to send spam e-mails to private individuals but the ban will be extended to cover companies as well." Read more about it here.

I've been looking for more information on the updated guidelines and will be sure to share whatever I find. In the mean time, keep in mind that if you are careful not to send spam, and you email people ONLY who have directly consented to receive that email, you're probably already in compliance with any new or updated regulations.

Comments (0)

More on Link Wrapping

Thursday, June 18, 2009 by Al Iverson
Way back in March, I talked about how you have to be careful when using click tracking or URL wrapping. If you're not careful, I explained, you can end up with your mail being caught in anti-phishing filters.

Valued client Joshua Fruchter posted a really good question in the comments section. He writes: "Hmmm...doesn't this mean that the mechanism used to track clickthroughs may signal "phishing" - that is, all the links in an email are wrapped in a redirect URL (e.g., http://cl.exct.net....), but then you end up at a different destination. Can you maybe reassure me (others) why the URL for clickthrough tracking doesn't present an issue?"

My apologies for the delay in response on this, Josh. It's been on my "follow up blog post" to-do list for ages.

Anyway, your question is a very good one, and you're definitely not the first person to ask about this. Allow me to take a moment to clarify exactly what I think you need to watch out for.

What I'm referring to is links where you write out the website URL in plain text. Like this: Visit my website at www.yahoo.com. THAT, when used with click tracking/URL wrapping, increases that risk that your message will be perceived as a phish.

INSTEAD, link to your website like this instead: Click here to visit my website.

How you word it doesn't matter as much as making sure you don't write out your website domain. That way there won't be any opportunity for conflict - there won't be any issue where there's a domain in the text that doesn't match the domain you're actually linking to.

Comments (0)