our resident guru, Al Iverson, Director of Privacy & Deliverability.
AOL's new Postmaster
Blog reveals that the new version of the AOL webmail interface
now blocks
links by default.
Now, when sending to
AOL.com/AIM.com users, your message will have a banner across the top
that says “Enable Links (for this message) | (always for this
sender),” somewhat similar to what Outlook does. Recipients can
choose to enable links for that one message you've sent, or they can
permanently enable links for messages you send them by clicking on
the “always for this sender” link.
On another note: If you happen to
poke around the AOL Postmaster Blog, you'll find this post talking
about how AOL
wants you to minimize your attempts to deliver mail to invalid
recipients. One of the “are you a spammer?” measures that
ISPs use against you, is what percentage of your attempted mail is
undeliverable. If your list is chock full of bounces, it's a sign of
bad list practices. You look like you've bought a list, been sitting
on a list for many years, or otherwise came up with a group of email
addresses that are far out of date and invalid. Good senders don't
have this problem; they mail regularly, only to people who really
signed up to receive mail from them. Good senders also process
bounces properly; invalidating, and ceasing sending to, addresses
that bounce back and aren't deliverable.
AOL doesn't lay out an exact “bounce
threshold” -- they basically say “don't be on the bad end of the
sending spectrum.” It highlights that AOL isn't willing to provide
a bar to allow all senders to slide “just under” as needed;
they're concerned about questionable senders gaming the system.
Instead, they're working based on a process wherein they identify the
spectrum of senders and their associated statistics. They then stack
rank senders, and take those on the lower end of the ranking (the
poorest senders) and those are the ones they're likely to take action
against.
Working this way suggests to me
that their hope is to significantly raise the quality of mail their
users receive over time.
I've heard the occasional bit of grumbling here and there from various senders and other ESPs about how it's not fair and AOL should simply publish an exact threshold and make it clear what the rule is. I don't blame AOL for addressing it the way they are. I know that ISPs are deluged with mail from “edge case” senders trying to do just enough to get by under the radar and get their mail delivered, without a true commitment to permission. I certainly can't blame an ISP for changing things up in a way that hopes (I think) to trip up iffy senders.
Besides, if you're not an iffy sender, what do you have to worry about?
Highlights:
More than 40% of inbound mail to Yahoo is authenticated with DomainKeys.
Yahoo blocks un-authenticated messages that claim to be from eBay or Paypal. They have no plans (as of yet?) to do this in a broader fashion for other domains.
Will Yahoo be sending un-authenticated messages through more filtering than if they were authenticated? Yes.
You can read the full interview here. It's quite insightful. What I get out of it is that email authentication is the future, and the future is now.
Need help with email authentication? ExactTarget can help! Our Sender Authentication Package covers all the common authentication methods, including DomainKeys and DomainKeys Identified Mail (DKIM). Contact your account services representative for more information.
Building a better list and the quality of your email address are inevitably intertwined. A recent change at Comcast / Roadrunner may be affecting your deliverability bounce rates.
Adelphia was a national cable broadband provider that went out of business way back in 2005. Comcast and Time Warner (Roadrunner) bought the assets and split them up between them.
Since then, Comcast and Roadrunner have been slowly transitioning users off of the adelphia.net domain, region by region.
Comcast/Roadrunner are not notifying ISPs or senders when these changes take place. They do notify end recipients whose email addresses are changing with about a month's notice, and encourage them to notify people that their email address is changing.
Comcast is now fully transitioned off of Adelphia, and the Adelphia.net domain will no longer forward mail for Comcast users. That means that you're going to see a higher than average number of bounces at adelphia.net for the few mailings, until these addresses move to undeliverable automatically and scrubbed from future mailings. The ExactTarget system will handle these bounces properly and automatically.
Road Runner, the current owner of the Adelphia.net domain, continues to support email for a large number of users in the Adelphia.net email domain. They have not announced plans to retire the Adelphia.net domain at this time.
Note that for the many email addresses that were just "retired," it's not possible to translate them into comcast.net email addresses, as their username (and therefore the left part of their email address) has likely changed.
If you were looking for some advice from someone who talks to companies sending email, and ISPs receiving email, all day long every day – today's your lucky day! I'm in the mood to share.
Today's advice is on what NOT to do; what NOT to say when talking to an ISP or other site that receives mail from you or your clients.
Don't say: My emails are CAN-SPAM compliant.
If you do say it: You will be scorned. You'll attract derision. At the very least, you're going to make an ISP or spam filterer roll their eyes at you.
Why? Because everybody sending any form of legitimate (or sometimes even illegitimate) mail is CAN-SPAM compliant. Citing this as a reason that an ISP should accept your emails is a lot like bragging that your email has a subject line.
“So?” The ISP employee will ask themselves. “Do they expect a gold star for doing what everybody else does?” From the ISP perspective, only bad guys (and misinformed good guys) tout their CAN-SPAM compliance.
CAN-SPAM allows you to send spam, if you follow certain rules. Right away, your announcement makes them wonder, are you a spammer? Bad guys tell them all the time, “I don't spam, because my mail is CAN-SPAM compliant.” That's practically a non-sequitur. It just doesn't make any sense. CAN-SPAM makes little reference to permission best practices. It practically allows spam. Telling the world that you shouldn't be considered a spammer because you comply is telling the world, “I am not a spammer because I comply with a law that allows me to send spam!” It's not a great message to send. It does not set you apart, and it doesn't convey the true adherence to opt-in best practices that ISPs require to ensure they'll accept your mail.
CAN-SPAM compliance is such a bare minimum as to be useless for describing your email practices. Your send practices have to be CAN-SPAM compliant, sure. But that's far from enough. It takes a lot more than just CAN-SPAM compliance to get an ISP to accept your mail.
ISPs block millions of CAN-SPAM compliant messages daily. They do not care that your messages are compliant with CAN-SPAM. They care only if your mail is desired by their customers, your recipients. That means opt-in; clear opt-in, with details. That means up front signup disclosure regarding who you are, what you'll be sending, and how often. It means proper management of bounces and unsubscribes. It means keeping your list engaged.
Even worse, when you mention CAN-SPAM to an anti-spam group, they usually stop responding to you, or refuse to remove you from a blacklist, or at the very least, they're going to laugh at you. They've heard it all before. After all, the vast majority of people who proudly announce their CAN-SPAM compliance are ... spammers! Don't sound like a spammer, and don't be a spammer.
People who aren't spammers instead say other, better things: My mail is opt-in. People sign up for my mailings directly here at this website (and include a link). I don't buy or sell lists. I don't bury the opt-in notice in a privacy policy. I clearly tell people what they're signing up for and how often I'm going to send it to them.
That's what you need to say, and that's what you need to do.
There’s still a lot of education to be done on the topic of
buying lists, why it’s a bad idea, and why it should be avoided.
Setting aside the emotional and ethical question of whether it’s right
or wrong to buy lists, there are some very practical reasons that bought lists
will damage your ability to deliver mail successfully. Here are the top three.
1. Purchased lists are filled with bounces and invalid
addresses. If you don’t mail a list for a long time, then you mail it, it has a
very high bounce percentage. High bounce percentages are one of the measures
ISPs use to determine who’s doing something bad and should be blocked. If a lot
of your attempted mail bounces, you look like a spammer.
Whoever you’re buying the list from will claim everything is
cool and great and assure you it’s all opt-in. That might have been true at one
time (but probably wasn’t). Ultimately, though, they’re looking to sell you as
much list data as possible. They’re probably not mailing the list themselves,
just selling it to a lot of different people. If they’re not mailing, they’re
not processing and removing addresses who bounce. You buy the list, you buy it,
and boom, you have huge bounces and delivery problems.
2. Don’t forget spam traps. Spam traps are email addresses
that feed straight into spam filters. Hit just a few (or often just one) of
these, and your mail goes to the spam folder or gets blocked. ISPs take
addresses that should never be on their lists (usually common typos and forgeries)
and long dead addresses (things that have been bouncing and would not have on
your list if you handled bounces properly) and turn them into spam traps.
Even if the person you buy the list from was mailing it first, there could be
(and probably still are) spam trap addresses on those lists. The only way to
remove them is to re-engage your list. Dump inactive subscribers. Ask everyone
on the list to click on a link to re opt-in. See, spam trap addresses accept
the mail just fine; they don’t return a bounce. But they don’t open and click.
So you don’t know which addresses are spam trap addresses. And whoever you’re
buying that list from probably is not re-engaging their list – because it could
dump 90% or more of the addresses on that list as being invalid or
uninterested. That reduces the amount of data they’re able to sell you, which
is likely at odds with the list seller’s financial motivation.
3. And finally, consider recipient dilution. What is recipient dilution? That’s
where you and 900 other senders mail the same list. There have been a few
cases, with clients we’ve terminated, where I test somebody’s signup process,
and find that after about a day, they get a hundred emails from 90 different
senders. A hundred emails!
Think of how overwhelming that would be in your inbox. Do you want a hundred
emails all at once? Regular users are going to be overwhelmed and report all
those messages as spam. Your message is not going to stand out, as everybody
that list probably has a very low tolerance for messages they don’t recognize. You’ll
be just another one of the big pile of unfriendly spammers pounding the heck
out of their email account.
Or, let’s assume a different scenario. Perhaps the list owner is compiling the
list over time, and will end up sending it to different people at different
times. The recipients on this list are going to keep getting mail they don’t
recognize that people they don’t know –forever! The list will be sold and sold
and sold and sold, and if you buy it, and send to it, you’re just one of the
people making the people on that list miserable.
Can you imagine ending up on one of these lists? Even if you meant to sign up
for a list that is going to be sold 500 times – after a short while you are
going to start getting very upset. You’re getting more and more mail from
people you don’t recognize and you didn’t expect that mail and a lot of it is
mail you didn’t want. And it keeps coming and coming and coming. You know what
I call that? Spam.
ISP users will report that mail as spam. ISPs will listen to those reports, and you’ll be branded a spammer (and rightly so). You’ve got no hope of making it to the inbox when that happens.
My team and I have great relationships with ISPs. But no ISP will ever knowingly want to help
a sender doing things this way. If you want to get to the inbox, or not get
booted out of the inbox (often permanently), then you need to avoid these practices at all costs.
There are lots
of legitimate ways you can build your list. But buying a list isn’t one of
them.
The number one thing a marketer can do to ensure maximum email deliverability is maintain a good reputation. The vast majority of ISPs decide which mail to accept based on the reputation of your sending IP address. If you are sending mail to names outside of permission; if those recipients don’t expect to hear from you; if you’re continually mailing the same, tired old list for years; these and many other factors can drag down the email reputation of your IP address, increasing the chances of your mail going to the bulk folder (or being blocked outright).
What you’ll find new on this front in 2008 is that ISPs are clamping down more than they’ve ever done before. They’re automating their spam filtering and becoming faster on the trigger. They’re now blocking more quickly, and declining to unblock more often. They’re outsourcing more of their mail delivery choices to third parties. For example, comcast is working with Return Path. And Yahoo now uses the Spamhaus blacklists.
That’s why it’s becoming more important than ever to proactively ensure maximum deliverability through adherence to permission. If you don’t, you could easily find yourself trapped in a deliverability quagmire that you can’t easily resolve – even though it’s a practice that you received no negative feedback about previously!
ExactTarget has excellent technical tools to help you maximize your deliverability. Our automated feedback loop processing, bounce mail management, and mail server fine-tuning all work together to get as much as your mail to the inbox as possible. Our dedicated deliverability services staff stands ready and waiting to reach out to ISPs as needed to help resolve issues. But, even with all of those steps, reputation and permission remain the true, primary governors of email deliverability success.
2007 has brought a lot of changes on the email deliverability front. Most ISPs have moved from a content-focused spam filtering methodology, to a reputation-focused model. They rely heavily on a sending IP address's reputation when determining whether or not to deliver mail to the inbox. Now, your sending reputation — and by extension, your adherence to permission — are the main things ISPs use when determining how to disposition the mail you send.
The good news is that authentication technologies such as DomainKeys and Sender ID are finally starting to make a difference — improving delivery and reputation at Yahoo and Hotmail. Look for more ISPs to start to pay closer attention to email authentication over the next year. The big ISPs promise that eventually reputation will be portable and domain-based. Will that actually happen in 2008? Hard to say, but we're ready and able to support a change like this if and when it happens.
ISP filters, blocking criteria, and sender requirements continue to change as well. For example, Earthlink now expires dead email addresses after a few months of account closing. Comcast now has a feedback loop. And AOL is much more likely to de-whitelist (and block) problem senders than they were a year or two ago. Look for more changes like this over the next year, and look for us to start incorporating feedback loop, bounce, and reputation data from other ISPs (such as Hotmail) to improve our efforts to maximize your deliverability success. For more deliverability insight, check out our brand new whitepaper, 2008 Email Marketing Trends.
You might be noticing higher-than-usual
levels of hard bounces addresses when trying to mail Earthlink
subscribers.
It turns out that Earthlink has
changed how they handle invalid addresses.
From what we can tell, Earthlink subscriber email addresses that have been inactive for more than 90 days are automatically deleted from Earthlink's system. This means that if an Earthlink user has abandoned their email address, after 90 days, any attempts to send mail to that address will be returned as a hard bounce, with a notification that states, "Due to extended inactivity new mail is not currently being accepted for this mailbox."
This means that your hard bounces at Earthlink are going to go up, until those now-invalid and abandoned addresses are converted to undeliverable status by ExactTarget's Bounce Mail Manager (BMM) logic.
Don't fret; this is how the system is supposed to work. These addresses really are abandoned, and attempts to mail these addresses really are supposed to be rejected with a hard bounce. ExactTarget's BMM system will quickly invalidate these bad addresses and move them out of the way; helping to improve your overall email deliverability to Earthlink subscribers.
If you're wondering exactly what domains Earthlink controls, here's a list: http://www.earthlink.net/about/policies/commercial/
As always, if you have any questions, please don't hesitate to reach out to our Deliverability Services team at deliverability@exacttarget.com.
ReturnPath's new article on "Lead Generation Do's and Don'ts" should be considered a must read. How timely! Just yesterday, I was on a call with a client, trying to help them dig out from a deliverability issue (high spam complaints and blocking), and it turned out that lead generation was the problem.
See, our client got snowed. The lead generation vendor said the list was opt-in, but it wasn't. They paid X-thousand dollars for a list they now can't use, because it's a spam list, and therefore not allowed under our terms of service. They were able to launch a mail to the list before we caught it (yuck), and the stats on their IP address spiked so clearly and significantly as to draw a big red arrow pointing back to this bad practice.
The guidance from Stephanie Miller is very similar to the guidance I gave to our client:
Finding a reputable vendor can be tricky. It might be more appropriate to reach out to us for specific advice, but generally speaking, you need to make sure that any such vendor is going to do an OPT-IN process across the board. For both their own lists, and for the way they're going to introduce you to their subscribers. That means:
Incidentally, I've referred a number of clients over to ReturnPath, and they do things correctly. They're not paying me to say this (and we don't make any money if you sign up with them), but I have been working for years with companies who've used Return Path's list rental and lead generation services, and have never run into these kind of problems.
...but didn't think to ask!
Terry Zink is a program manager working for Microsoft as part of their Exchange Hosted Services anti-spam division. He’s a smart guy, who has been kind enough to grace us with everything you wanted to know about email authentication, but didn’t think to ask. His blog is on my “must read” list.
Since June, he's been sharing detailed, deep-dive info on email authentication. It’s been like an “Authentication for Dummies” book. It started out simply, and each successive session builds on the previous one. I’d consider this required reading for anybody who wants to really understand the technical intricacies of Sender ID, SPF, and DomainKeys..
If you want to work your way through the whole series, I'd recommend starting here: Introduction to Sender Authentication.
There are thirty different entries. Think of each of them as a chapter in a printed guide, all chock-full of good stuff. Here's a link to each different section:
Part 1: The Basics of Sending Email
Part 2: Reading Email Headers
Part 3: Checking the Received Headers
Part 4: Forward Confirmed Reverse DNS
Part 5: More on Received Headers
Part 6: Basics of SPF
Part 7: Shortcomings of SPF
Part 8: Best-Guess SPF
Part 9: SPF Syntax
Part 10: More on SPF Syntax
Part 11: More on SPF Syntax (Continued)
Part 12: Some examples of SPF
Part 13: Some SPF odds and ends
Part 14: Introduction to Sender ID
Part 15: How Sender ID interprets SPF records
Part 16: Sender ID vs SPF
Part 17: Hazards of Sender ID and SPF
Part 18: More Hazards
Part 19: How Spammers Evade SPF
Part 20: Advantages of PRA vs. MFROM
Part 21: Some Recommendations
Part 22: Introduction to Encryption
Part 23: Secret Key Encryption and One-way Functions
Part 24: Public Key Encryption
Part 25: Digital Signatures
Part 26: DomainKeys in a Nutshell
Part 27: Public Key Notation in DNS
Part 28: DomainKey Headers in the Message
Part 29: Some DomainKeys Examples
Part 30: The Canonicalization Process
As you may or may not know already, we're members of MAAWG, the Messaging Anti-Abuse Working Group. As part of our participation in that group, we're working to help develop the next version of MAAWG's “Sender Best Common Practices” document. Meant for email service providers, their clients (folks like you), and other senders, the goal is to provide clear and detailed guidance on list management and email delivery practices.
In the mean time, I'd recommend taking
a look at the current Sender
Best Common Practices document. In it, you'll find guidance on
what it means to obtain clear and conspicuous consent, how to make it
easy for end recipients to unsubscribe, how to manage email delivery
issues, list hygiene and maintenance, blocking issues, etc.
It
can be a bit of a dry read, but if you're looking for where to begin
on how to do things right, this is where you start.
As always, if you have any questions, feel free to contact our deliverability team at deliverability@exacttarget.com and we'll be happy to help.