November 2015: The month in email

As we head into the last month of the year, we look back at our November adventures. I spoke twice this month, first at Message Systems Insight in Monterey (my wrap-up post is here) and then with Ken Magill at the  at the 2015 All About eMail Virtual Conference & Expo (a short follow-up here, and a longer post on filters that came out of that discussion here.). Both were fun and engaging — it’s always great to get a direct sense of what challenges are hitting people in the email world, and to help clear up myths and misconceptions about what works and doesn’t work in email marketing and delivery. I’m putting together my conference and speaking schedule for 2016 — if you know of anything interesting that should be on my radar, please add it in the comments, thanks!
In industry news, we noted a sharp uptick in CBL listings, and then posted about the explanation for the false positives. Steve wrote about an interesting new Certificate Authority (CA) called Let’s Encrypt, which looks to be a wonderful (and much-needed) alternative for certificates, and I put together some thoughts on SenderScore.
Steve and I did a few posts in parallel this month. First, Steve posted an interesting exercise in SPF debugging. Are you seeing mail from legitimate senders flagged as spam? This might be why. My investigative post was about ISP rejections, and how you can figure out where the block is occurring. In each case, you’ll get a glimpse of how we go about identifying and troubleshooting issues, even when we don’t have much to go on.
We each also wrote a bit about phishing. Steve posted a timely warning about spear phishing — malware attacks disguised as legitimate email from within your organization — and reminds all of us to be careful about attachments. With all of the more secure options for document sharing these days, it’s a lot easier to avoid the risk by maintaining a no-attachments policy in your company. And I wrote about how the Department of Defense breaking HTML links in email to help combat phishing. If your lists include military addresses (.mil), you may want to come up with a strategy for marketing to those recipients that relies less on a clickthrough call to action.
We amused ourselves a bit with a game of Deliverability Bingo, then followed up with a more serious look at the thing we hear all the time — “I’m sure they’ll unblock me if I can just explain my business model.” While an ESP abuse desk is unlikely to be swayed by this strategy, it is actually at the core of how we think about deliverability at Word to the Wise. Legitimate senders have many kinds of lists, many kinds of recipients, many kinds of marketing strategies, and many kinds of business goals. For us to help marketers craft sustainable email programs, we need to understand exactly what matters most to our clients.

Related Posts

October 2015: The month in email

Oct2015_blog
When you spend most of your day working on email and spam issues, it starts to cross into all aspects of your life. In October, I was amused by authors who find names in spam, SMTP-related t-shirts on camping trips, and spam that makes you laugh. Maybe I need a vacation?
We were quite busy with conference presentations and client work this month, but took time to note the things that captured our attention, as always. We highlighted a few things we enjoyed reading around the web: Brian Krebs’ Reddit AMA, the results of Jan Schaumann’s survey on ethics in internet operations, and a great post on Usenet from Joe St. Sauver.
In industry news, we covered a few glitches that are worth noting, in case you missed them: Yahoo FBL confirmation emails, Google postmaster tools, Network Solutions email, and weird Lashback listings. Even though these have mostly been resolved, it’s useful to keep track of the types and frequency of these sorts of issues, as they can significantly impact your deliverability and may be useful as your clients or business stakeholders raise questions about campaign performance.
Steve contributed a few key technical posts this month, including a short post on IPv6 authentication issues, following up on the issues he outlined back in July. He also noted Gmail’s upcoming move to DMARC p=reject, which is notable for the ways they are are looking to mitigate risks with their ARC proposal.  Finally, he wrote that it’s worth looking at false positives every now and then, as it can reveal interesting patterns in the ESP landscape.
Finally, a good suggestion from the best practices file: engagement through confirming user names, and a not-so-good plan for an app that’s sure to invite abuse and harassment.

Read More

What happened with the CBL false listings?

The CBL issued a statement and explanation for the false positives. Copying it here because there doesn’t seem to be a way to link directly to the statement on the CBL front page.

Read More

Filter complexity

URLBlockingForBlogDuring the Q&A last week, I mentioned an example of a type of filter trying to demonstrate how complex the filters are. There was some confusion about what I was saying, so I thought I’d write a blog post explaining this.

Read More