What kind of mail do filters target?

All to often we think of filters as a linear scale. There’s blocking on one end, and there’s an inbox on the other. Every email falls somewhere on that line.
Makes sense, right? Bad mail is blocked, good mail goes to the inbox. The bulk folder exists for mail that’s not bad enough to block, but isn’t good enough to go to the inbox.
Once we get to that model, we can think of filters as just different tolerances for what is bad and good. Using the same model, we can see aggressive filters block more mail and send more mail to bulk, while letting less into the inbox. There are also permissive filters that block very little mail and send most mail to the inbox.
That’s a somewhat useful model, but it doesn’t really capture the full complexity of filters. There isn’t just good mail and bad mail. Mail isn’t simply solicited or unsolicited. Filters take into account any number of factors before deciding what to do with mail.

What kinds of factors?

There are five broad questions I think about when guiding clients through their email programs.

Is the mail safe?
Is the mail solicited?
Is the mail targeted?
Is the mail wanted?
Is the mail productive?

Different filters have different weights for the categories. Those weights explain why delivery can range so widely across domains and email providers.
Let’s look at each set of factors and talk about who might care more about those factors than others.

Is it safe?

Does the message contain malware, phishing, anything that could harm the recipient’s computer or the network as a whole? These filters are widespread and heavily weighted by most people. Safe doesn’t typically come into it for legitimate mail, but the filters are still there and still sniff at our mail.

Is it solicited?

Alternatively, did the user ask to receive mail from the sender? Many blocklists, including Spamhaus, specifically set out to block unsolicited email. They don’t really care about what the email is. They simply want to make sure that the recipients are receiving mail they asked for.
Confirmed opt-in is a way to ensure that mail is solicited. The folks behind many of the blocklists simply want users to receive mail they asked for. Senders who can demonstrate the mail is solicited get removed from the list.
At ISPs, solicited is somewhat important, but the signs of solicited mail overlap with signs of wanted mail. When ISPs measure unknown users and complaints, part of what they’re trying to determine is if the mail is solicited by their user.

Is it targeted?

Does the user understand why they’re receiving the mail? As a small business owner, I get a lot of targeted email. Random companies buy addresses and target me as someone who might want their service. The mail is targeted, so some filters, particularly those at ISPs, might not block or spam folder the mail.
But just because mail is targeted doesn’t mean the user wants it.

Is it wanted?

Does the user want the mail? Sometimes they do, sometimes they don’t. The big webmail providers (Oath, Microsoft, Gmail) heavily weight wanted. They don’t care so much if the message is solicited or targeted, although both things will increase the likelihood that the mail is wanted. At these ISPs, filters really focus on signs that the user is engaged with the message as part of the delivery process. Wanted mail gets into the inbox, unwanted mail not so much.
But just because the mail is wanted doesn’t mean it will make it to the inbox.

Is it productive?

This filter only really comes into effect when we’re talking about mailing into businesses. Email is a tool for businesses and they often want employees to be working while at work. Even if an employee solicits and email a business might decide it’s not productive for the business and they block that source of email. Likewise, businesses will block targeted and wanted messages simply because they’re unproductive.

What’s it all mean?

Effectively addressing delivery problems means understanding why a message isn’t reaching the inbox. Improving engagement isn’t going to help senders reach employee mailboxes if the mail is unproductive. Better targeting won’t help if the block is due to the mail being unsolicited. Using confirmed opt-in won’t magically get malware into the inbox.
It used to be that deliverability recommendations would work across the range of filters. Mail that made it to the inbox at an ISP like Gmail was likely to make it into the inbox almost anywhere. But as Gmail (and Oath and Microsoft) focus more and more on custom delivery for every recipient, recommendations that work there aren’t always going to work elsewhere.
Reaching the inbox outside of webmail providers means taking a lot more into account than just if the recipient is engaged with your mail.

April 2016: The Month in Email

We are finishing up another busy month at WttW. April was a little nutty with network glitches, server crashes, cat woes, and other disruptions, but hopefully that’s all behind us as we head into May. I’ll be very busy in May as well, speaking at Salesforce Connections in Atlanta and the Email Innovation Summit in Las Vegas. Please come say hello if you’re attending either of these great events.

Speaking of great events, I participated in two panels at EEC16 last month. We had a lot of great audience participation, and I met many wonderful colleagues. I wrote up some more thoughts about the conference here. I also had a nice conversation with the folks over at Podbox, and they’ve posted my interview on their site.
In the Podbox interview, as always, I talked about sending mail people want to receive. It always makes me roll my eyes a bit when I see articles with titles like “5 Simple Ways to Reach the Inbox”, so I wrote a bit about that here. In addition to sending mail people want to receive, senders need to make sure they are collecting addresses and building lists in thoughtful and sustainable ways. For more on this topic, check out my post on list brokers and purchased lists.
These same not-so-simple tricks came up again in my discussion of Gmail filters. Everyone wants a magic formula to reach the inbox, and — sorry to burst your bubble — there isn’t ever going to be one. And this is for a good reason: a healthy filter ecosystem helps protect all of us from malicious senders and criminal activity. The email channel is particularly vulnerable to fraud and theft. The constant evolution of filters is one way mail providers can help protect both senders and recipients — but it can be challenging for senders and systems administrators to keep up with this constant evolution. For example, companies sometimes even inadvertently filter their own mail!
I also wrote a bit about how B2B spam is different from B2C spam, and how marketers can better comply with CAN SPAM guidelines in order to reach the inbox. We also republished our much-missed friend and colleague J.D. Falk’s DKIM Primer, which is extremely useful information that was at a no-longer-active link.
One of my favorite posts this month was about “dueling data”, and how to interpret seemingly different findings around email engagement. We also got some good questions for my “Ask Laura” column, where we cover general topics on email delivery. This month we looked at “no auth/no entry” and the Microsoft Smartscreen filter, both of which are useful things to understand for optimizing delivery.
Finally, we are pleased to announce that we’ve joined the i2Coalition, an organization of internet infrastructure providers. They posted a nice introduction on their blog, and we look forward to working with them to help advocate and protect these important technical infrastructures.

AOL Changes

We’ve known for a while that AOL email infrastructure is going to be merging with Yahoo’s, but apparently it’s happening sooner than anyone expected.
The MXes for aol.com will be migrated to Yahoo infrastructure around February 1st. Reading between the lines I expect that this isn’t a flag day, and much of the rest of the AOL email infrastructure will be in use for a while yet, but primary delivery decisions will be made on Yahoo infrastructure.
The AOL and Yahoo postmaster teams are pretty smart so I assume they’ll have made sure that their reputation data is consistent, and be doing everything else they can do to make the migration as painless as possible. But it’s a major change affecting a lot of email, and I wouldn’t be surprised to see some bumpiness.
If you’ve done anything … unwise … with delivery to AOL addresses, such as hard-wiring MXes for delivery to aol.com, you should probably look at undoing that in the next week or so. I’m guessing the changeover will happen at the DNS level, so if you’ve nailed down delivery IPs for aol.com you might end up trying – and probably failing – to deliver to the old AOL infrastructure.

July 2017: The month in email

August is here, and as usual, we’re discussing spam, permissions, bots, filters, delivery challenges, and best practices.

One of the things we see over and over again, both with marketers and with companies that send us email, is that permission is rarely binary — companies want a fair amount of wiggle room, or “implied permission” to send. There are plenty of examples of how companies try to dance around clear permissions, such as this opt form from a company we used to do business with. But there are lots of questions here: can you legitimately mail to addresses you haven’t interacted with in 5 years? 10 years? What’s the best way to re-engage, if at all?
We frequently get questions about how to address deliverability challenges, and I wrote up a post about some of the steps we take as we help our clients with this. These are short-term fixes; for long-term success, the most effective strategy is sending email that people want and expect. Engagement is always at the core of a sustainable email program.
We’ve also discussed the rise of B2B spam, and the ways in which marketing technologies contribute to the problem. B2B marketers struggle to use social and email channels appropriately to reach customers and prospects, but still need to be thoughtful about how they do it. I also wrote about some of the ways that marketing automation plugins facilitate spam and how companies should step up to address the problem. Here’s an example of what happens when the automation plugins go awry.
I wrote a few posts about domain management and the implications for security and fraud. The first was about how cousin domain names can set users up for phishing and fraud, and the second was a useful checklist for looking at your company’s domain management. We also looked at abuse across online communities, which is an increasing problem and one we’re very committed to fighting.
I also highlighted a few best practices this month: guidelines for choosing a new ESP and active buttons in the subject line for Gmail.
And finally, we celebrated the 80th birthday of the original SPAM. If you’re a regular reader of this blog, you probably already know why unwanted email is called SPAM, but just in case, here’s a refresher….