Confirming addresses for transactional mail

A colleague was asking about confirming transactional mail today. It seems a couple of big retailers got SBLed today for sending receipts to spamtraps. I talked a few weeks ago about why it’s important to let people unsubscribe from transactional email, and many of those same things apply to confirming receipts.

First, let’s look at what Spamhaus has to say. Initially they listed the reason for the SBL listing as “receipts to spam traps.” They later clarified the underlying issue.

…[T]he issue with these receipts isn’t simply that one-off receipts are being sent to typoed email addresses. That issue would be trivial if no further email were sent to those email addresses, even during the Christmas shopping season. The issue is that typoed email addresses are being associated with customer accounts and receiving all sorts of email (transactional and marketing both) without ever being confirmed. Spamhaus Statement (.pdf)

This matches very closely with what I said in my earlier post about allowing people to unsubscribe from transactional emails.
Transactional mail that is only ever a single event and where that address is not associated with an account doesn’t need to have an unsubscribe link. If it’s a one-time email, then it’s OK to not have an opt-out link. It’s OK to have an opt-out link, but not necessary.

However, transactional mail that’s associated with some sort of account and is likely to receive future emails must have a process in place to make sure that the mail is going to the right person.

A couple examples where retail stores should have confirmation in place.

Apple has an option to associate an email address with a credit card. Customers that take this step can go into any Apple store, buy something with that card and Apple will email them a receipt. This type of setup should have some process to confirm that Apple are sending the receipt to the right place.

Citibank links online banking accounts to credit or debit cards. They’ve now started offering the ability for ATM transaction receipts to be sent to the email address on file for that card. They have incorporated a verification process as part of setting up online banking, and receipts should only go to the actual customer.

There are, however, lot of retailers that collect addresses at point of sale and use those for receipts and marketing without any confirmation. Some online retailers collect email addresses and then let customers create an account with that address. They often don’t confirm these accounts, either. That may not sound so bad, creating an account is a simple step that encourages repeat purchases.

Without some sort of address confirmation in place, customers can create accounts with email addresses they don’t control. In most cases, customers can continue to use those accounts until they forget their passwords. Purchase confirmation emails and marketing mails both can be sent to unrelated 3rd parties.

Spamhaus listing companies that are sending repeated transactional emails to spamtraps means senders who don’t confirm addresses are at increased delivery risk, even when the majority of mail sent to those addresses is transactional. It’s not the content, it’s the volume. The more mail sent to an address the more important it is to make sure that the person at that address is actually the right customer. Otherwise, senders open themselves up to delivery problems. There is also the possibility that some congress person decides that receipts going to the wrong person is a problem that needs to be fixed with laws. I’m pretty sure whatever that congress person decides will be worse for both consumers and retailers than retailers confirming email addresses.

Related Posts

Bit.ly gets you Blocked

URL shorteners, like bit.ly, moby.to and tinyurl.com, do three things:

Read More

Is Spamhaus still relevant?

Today’s Wednesday question comes from a recent discussion on the Only Influencers mailing list. One of the participants asked “Is Spamhaus relevant and necessary? Are they willing to work with marketers?”

Read More

Marketing to businesses

“If you do stupid things, you’re going to get blocked,” says Jigsaw CEO Jim Fowler in an interview with Ken Magill earlier this week.
Jigsaw is a company that rewards members to input their valuable business contacts. Once the addresses are input into Jigsaw, they are sold to anyone who wants them. Jigsaw gets the money, the people providing information get… something, the people who provided business cards to Jigsaw members get spammed and the people who downloaded the lists get to deal with a delivery mess. Sounds like a lose for everyone but Jigsaw.
Except that now Jigsaw is listed on the SBL for spam support services. Well, that’s going to cause some business challenges, particularly given how many companies use the SBL as part of their filtering scheme.
It’s hard to think of a situation where I would appreciate someone I gave a business card to providing my information to a site that then turns around and lets anyone download it to send email to. I know, I know, there are a million companies out there I’ve never heard of that have The Product that will Solve All my Problems. But, really, I don’t want them in my work mailbox. The address I give out on my business cards is, for, y’know, people to contact me about what I’m selling or to contact me about things they’ve already purchased from me. That address is not for people to market to. I have other addresses for vendors, and even potential vendors, to contact me.
Jigsaw clearly facilitates spam to businesses by collecting email addresses and then selling them on. This is a drain on small businesses who now have inboxes full of valuable offers to wade through. Perhaps their stint on the SBL will make them reconsider their spam support services.
HT: Al

Read More