Thoughts on filters

One of the questions we received during the EEC16 closing keynote panel was why isn’t there a single blocklist that everyone uses and why don’t ISPs share data more. It would be so much easier for senders if every ISP handled mail the same as every other. But the world isn’t that simple, and it’s not always clear which mail stream is spam and which is good mail.

12495088_10154028658527410_7653293570464523506_n

There were quite a few answers but they basically boiled down to a few facts.

  • Different blocklists have different data strengths and weaknesses.
  • No blocklist has all a full view of all the bad mail.
  • You may want to have different polices for delisting depending on what kind of mail the blocklist is targeting. For instance, Spamhaus has different polices for different lists: CBL has self serve delisting, SBL requires email, ROSKO requires no traceable spam for 6 months.

The short reason was we use different lists and techniques because it makes the spam filtering better.

When I got home from the conference, I saw In-depth analysis of the lessons we learned while protecting Gmail users post. Among other things, it answered the “why not one blocklist” question. Even more, I think it did a really good job of talking about what email looks like from the receiving end.

Any defense can be defeated – Use defense in depth with multiple layers of protection.
Since no combination of detection systems at a given layer is perfect, there is a need to add multiple layers of defense to make it even harder for attackers.

One thing I’ve been trying to get across to marketers is that email is an a very malicious channel. Many of the bad mails out there, the ones the filters are aiming for, are dangerous and malicious. Those attackers spend a lot of time trying to figure out how to get past the defenses.

Make it hard for attackers to understand your defenses – Use overwhelming force and deploy many countermeasures at once.

It is very important to make probing more difficult for attackers by rolling out multiple changes. That way they are overwhelmed by the number of things to test and can’t easily figure out what changed.

This is why it’s so hard to test “what Gmail changed.” They are going out of their way to release multiple things at once. It’s also why it’s not really useful to test. It’s more useful to look at your mailing practices and see where they might be borderline and driving your reputation down.

The whole article is well worth a read. It gives a good overview of what Gmail is doing and how they think about email, filtering and dangers. It also gives examples of the different challenges they deal with on a regular basis.

Overall, it’s important to realize that filters are an important part of the email ecosystem. They are a big part of why it’s a viable marketing channel. Think of it this way, an unweeded garden is not as productive as a weeded garden. Weeds take nutrients away from the plants and stunt their growth. They also make it harder to find the actual produce at harvest time. Filters are the herbicides and weeding that keep gardens healthy and productive. Without them, no one could effectively use or trust email.

Dueling data
Ask Laura: Can you help me understand no auth / no entry?

Related Posts

Purchased lists and ESPs: 9 months later

It was about 8 months ago I published a list of ESPs that prohibit the use of purchased lists. There have been a number of interesting responses to that post.
thumbsup
ESPs wanted to be added to the list
The first iteration of the list was crowdsourced from different ESP representatives. They shared the info they had with each other. With their permission, I put it together into a post and published it here. Since then, I’ve had a trickle of ESPs asking to be added to the list. I’m happy to add any ESP. The only requirement is a privacy policy (or AUP) that states no purchased lists.
People reference the list regularly
I’ve had a lot of ESP deliverability folks send thanks for writing this post. They tell me they reference it regularly when dealing with clients. It’s also been listed as “one of the best blog posts of 2015” by Pardot.
Some 2016 predictions build on the post
I’ve read multiple future predictions that talk about how the era of purchased lists is over. I don’t think they’re wrong. I think that purchased lists are going to be deliverability nightmares on an internet where users wanting a mail is a prime factor in inbox deliverability. They’re already difficult to deliver, but it’s going to get worse.
Thumbsdown
Not everyone thinks this is a good post. In fact, I just recently got an comment about how wrong I was, and… well, I’ll just share it because I don’t think my summary of it will do it any justice.

Read More

Prepping for EEC


Tomorrow I head off to New Orleans to the EEC conference. It’s my first one and I’m really looking forward to meeting some of the people I only know online.
I’ll be speaking on two panels on Friday:
All You Ever Wanted to Know about Deliverability (But Were Afraid to Ask) at 10:50. This is your chance to ask those questions of myself and other experts in the field. I always enjoy Q&A panels and actually hearing from folks what their big deliverability questions are. (and remember, if you have a question, you can always send one to me for Ask Laura)
and the closing Keynote panel
ISP Postmasters & Blacklist Operators: Defending Consumer Inboxes at 1:10. I’m on a panel with various ISP postmasters, blacklist operators and we’ll be talking about what it’s like dealing with the deluge of mail. For instance, there is a huge outbreak of bot-spam at the moment, and a lot of the filters are struggling to keep up. In fact, I’m a last minute replacement for one filter company as they are in all-hands-on-deck firefighting mode to keep their customers safe.
Hope to see you there!
 

Read More

March 2016: The Month In Email

Happy April! I’m just back from the EEC conference in New Orleans, which was terrific. I wrote a quick post about a great session on content marketing, and I’ll have more to add about the rest of the conference over the next week or so. Stay tuned!
March2016_blog
Here’s a look at what caught our attention in March:
On the DMARC front, we noted that both Yahoo and mail.ru are moving forward with p=reject, and Steve offered some advice for ESPs and software developers on methods for handling this gracefully. I also answered an Ask Laura question about making the decision to publish DMARC. Look for more on that in this month’s Ask Laura questions…
Our other Ask Laura question this month was about changing ESPs, which senders do for many reasons. It’s useful to know that there will generally be some shifts in deliverability with any move. Different ESPs measure engagement in different ways, and other issues may arise in the transition, so it’s good to be aware of these if you’re contemplating a change.
In industry news, I wrote a sort of meta-post about how the Internet is hard (related: where do you stand on the great Internet vs. internet debate? Comment below!) and we saw several examples of that this month, including a privacy debacle at Florida State University. Marketing is hard, too. I revisited an old post about a fraud case where a woman sued Toyota over an email marketing “prank”. As always, my best practices recommendation for these sorts of things (and everything else!) really boils down to one thing: send wanted email.
Steve wrote extensively about SPF this month in two must-read posts, where he explained the SPF rule of ten and how to optimize your SPF records. He also wrote about Mutt, the much-loved command line email client, and marked the passing of industry pioneer Ray Tomlinson, who, in addition to his many accomplishments, was by all accounts a very thoughtful and generous man.
Finally, I occasionally like to take a moment and follow the twisty paths that lead to my spam folder. Here’s a look at how Ugg spams my email doppelganger, MRS LAURA CORBISHLEY. In other spam news, there’s a lot of very interesting data in the recent 10 Worst list from Spamhaus. Take a look if you haven’t seen it yet.

Read More