That's not how you do it…

Got an email this morning from a company advertising their newest webinar “The Two Pillars of Effective Large-Scale Email: Security and Deliverability.” The message came to a tagged address, so clearly I’d given them one at some point. But I didn’t recognize the name or company or anything. I did a search to seen when I may have interacted with this company in the past.

Looking through my old emails, it appears I contacted this company through their support form back in 2007. They were blocking a client’s newsletter. This is what I sent:

One of my clients has asked me to talk with you about your blocking schemes. They’re rather confused as their mail to a customer (one-to-one mail, not bulk) is ending up in the junk/spam folder. They’re not sure what they’re doing to get filtered.
Is there someone who can talk to me about your filtering schemes so I can explain to your mutual customer what is happening?

The response was pretty unhelpful.

I see that the email address insight@ESP is already in Michael’s allow list in his Email Defense filter settings — was this a recent addition? This should let any emails sent from that address through without being filtered first. Another suggestion would be to add the source IP address itself to his allow list if emails are still being caught. Let us know if this alleviates the situation.

That’s the last I heard from said company until this morning, when they sent me an ad.

A common question we’re asked is “How can I safely and securely utilize large-scale/mass emailing to communicate?”
Whether you’re sending newsletters, announcements, notifications, even sensitive or private information, there are two pillars you must have in place to ensure your communications are sent securely AND are delivered without being classified as spam.

One way to prevent communications from being classified as spam is to not grab addresses from a decade ago out of your support queue and use them for marketing out of the blue. Also, I’m much more likely to trust your opinion on delivery if you follow CAN SPAM. I mean, it’s nice you sent me a picture of the nice lady who sent the spam, but you forgot to put a postal address on the email.
Interestingly enough, the company actually has a pretty effective sounding AUP for their customers. They prohibit, among other things:

  • Automatically opting visitors or purchasers into their subscriber list. This includes “pre-checking” an opt in box on forms.
  • Automatically adding subscribers on one mailing list to unrelated mailing lists
  • Sending emails to subscribers that are unrelated to the purpose to which they opted in
  • Adding people to the mailing list without their permission
  • Sending messages to people who have requested to be removed from the mailing list
  • Using old lists without checking with the subscribers that their addresses are still valid and that they still wish to be subscribed.

Too bad they don’t apply their AUP to their own email program.

Related Posts

You might be a spammer if…

… the best thing you have to say about your email practices is “They’re CAN SPAM compliant.”
… text to .gif is a vital part of your email generation process
… you have to mail from multiple ESPs in order to get good delivery
Please contribute your own in the comments.
I’d also like to thank Al for guest posting 2 days this week. Thanks, Al!

Read More

TWSD: breaking the law

I tell my clients that they should comply with CAN SPAM (physical postal address and unsubscribe option) even if the mail they are sending is technically exempt. The bar for legality is so low, there is no reason not to.
Sure, there is a lot of spam out there that does not comply with CAN SPAM. Everything you see from botnets and proxies is in violation, although many of those mails do actually meet the postal address and unsubscribe requirements.
One of my spams recently caught my eye today with their disclaimer on the bottom: “This email message is CAN SPAM ACT of 2003 Compliant.” The really funny bit is that it does not actually comply with the law. Even better, the address it was sent to is not published anywhere, so the company could also be nailed for a dictionary attack and face enhanced penalties.
It reminds me of the old spams that claimed they complied with S.1618.

Read More

Outreach or spam?

This showed up in my mailbox earlier today:
Pluckyou
The tweet in question
pluckyou2
From Crunchbase: “Pluck is an email prospecting tool that gives you the email addresses of the people tweeting about subjects related to your business.”
Prospecting: another name for spamming. Look, I know that you want to sell you’re newest, greatest product to the world. But just because I tweet something with a # that you think is relevant to your product doesn’t mean that I want to get your spam. I also know it’s hard to get attention and find prospects; I’m a small business owner, too and I need to market my own services. But spamming isn’t a good idea. Ever.
There’s been a significant increase in this kind of spam “to help your business” lately. It’s a rare day I don’t get something from some company I’ve never heard of trying to sell me their newest product. It might be something if they tried a contact or two and then went away. But they’ll send mail for weeks or months without getting an answer. Look, silence IS an answer and it means you need to go away and leave your prospects alone.
Unfortunately, there are services out there that sell a product that let you “automatically follow up” with your prospects. Pluck up there uses one of them, as that’s who’s handling all the links in the message. In fact, if you go to the bare domain (qcml.io) they talk a good anti-spam game. “Die, spammers, die.” I reported the message to them. I’m not expecting them to actually do anything, and I’m not expecting a response.
It’s just spam under another name. There’s no pretense that it’s anything else. Even if it’s sent in a way that makes it look like a real person typed the message, like QuickMail offers. “All emails will come straight out of your personal inbox as though you typed them yourself.” As if you typed them yourself.
The worst part is there’s no real way to stop the mail. I can’t unsubscribe. The companies selling the software don’t provide any guidance to their customers about what the law requires. Take the message from Pluck that started the post. It violates CAN SPAM in multiple ways. Moreover, the address they used is not publicly associated with my twitter handle, which means they’re doing some harvesting somewhere. That means treble penalties under CAN SPAM.
I could reply and ask them to stop mailing me. I’ve done that a couple times with a message that says, “Please don’t email me any more.” I’ve got to tell you, some people get really mad when you ask them not to email you. Some just say yes, but others are really offended that you asked them to stop and get abusive. It’s gotten to the point where I don’t ask any more because of that one person who decides to harass, threaten and scream at me. Sure, it’s maybe 1 in 5, but I don’t have the time or energy to figure out who is going to be receptive and who isn’t. I don’t have time for that. No one has time for that.
I’m expecting that filters are going to catch up eventually and these types of mail will be easier to filter out. Until then, though, small business owners like myself are stuck in a place where we have to deal with spam distracting us from our business. At least I get blog content out of it.
 
 
 

Read More