How to hire an affiliate

laura
Industry
May 3, 2018

Yesterday I talked about all the reasons that using affiliate email can hurt overall delivery. In some cases, though, marketing departments and the savvy email marketer don’t have a choice in the matter. Someone in management makes a decision and employees are expected to implement it.
If you’re stuck in a place where you have to hire an affiliate, how can you protect the opt-in marketing program you’ve so painstakingly built? Nothing is foolproof, but there are some ways you can screen affiliates.

Who are they?

First step is to ask them for a bunch of information about their company.

What is their full corporate information: company name, address, phone number and online URL.
Where do people sign up for mail?
What domains and IPs they use to send email?
Do they use ESPs or manage their own servers?
Will they contract out your send to other parties?

Trust but verify

Next step is to visit the websites they shared with you.

Does their corporate site have any person’s name on it anywhere?
Does the corporate site mention any of their brands? Again, if they’re hiding something why are they hiding it?
Does the signup site link back to the parent company?
Is there any information about the corporate structure on the signup site?
Is there a privacy policy on the site?

?When should you worry?

Signs that all may not be as it seems.

When the vendor can’t or won’t tell you the websites where they collect email addresses.
When you visit the website they told you about, but there isn’t a clear way to opt-in to any mail.
When the privacy policy of the signup site mentions a completely different site somewhere in the text.
When they won’t tell you what domains they use in email.

Any one of these things signals something might not be right. But any combination of them should set off alarm bells.

Other investigative routes

Check the company and your contacts through LinkedIn. Do they have a profile and if so, how does it match with what they’ve told you? And, really, what sales person doesn’t have a LinkedIn page?
Sign up for their mail. I suggest you don’t do it through your regular mailbox, setup a freemail account on each of the major services and use that. See what happens. Monitor them for a while. The mailbox I shared in my earlier affiliate post was almost 2 years after I first signed up at a job site. It took about 6 weeks to start getting stuff that wasn’t job offers. Then it took another few months before I started getting actual spam. For that mailbox I initially signed up June 6; the first unauthetnicated and non-job email showed up September 16 (Quick Loans eLoanPersonal). The address got a mix of requested mail and spam through October 6 and then the spam floodgates opened.
One of the biggest red flags is not telling you what domains and IPs they send from. If you sign up for their mail you’ll get it. I once had a customer tell me their brands, domains and IPs were proprietary information. That’s just silly. And it reeks of the sender being a spammer and not wanting you to know they are using botnets.
Ask them how they monitor for and deal with delivery problems.
These questions and investigative techniques aren’t fool proof. But they’ll open up a discussion with the vendor. I pointed out some of the red flags here, but the crux of the matter is this is a company you are hiring to do work for you. If they do it badly you’re not just wasting money, you’re risking having to clean up a deliverability mess. Can you trust this company to value your mail and your company reputation the same way you do? If the answer is no, maybe this isn’t the vendor for you.

Let's talk CAN SPAM

Earlier this week I posted about the increased amount of B2B spam I’m receiving. One message is not a huge deal and I just delete and move on. But many folks are using marketing automation to send a series of emails. These emails often violate CAN SPAM in one way or another.
This has been the law for 13 years now, I find it difficult to believe marketers are still unaware of what it says. But, for the sake of argument, let’s talk about CAN SPAM.

The Blighty Flag

Back in the dark ages (the late ’90s) most people used dialup to connect to the internet. Those people who had broadband could run all sorts of services off them, including websites and mail servers and such. We had a cable modem for a while handling mail for blighty.com.
At that time blighty.com had an actual website. This site hosted some of the very first online tools for fighting abuse and tracking spam. At the same time, both of us were fairly active on USENET and in other anti-spam fora. This meant there were more than a few spammers who went out of their way to make our lives difficult. Sometimes by filing false complaints, other times by actually causing problems through the website.
At one point, they managed to get a complaint to our cable provider and we were shut off. Steve contacted their postmaster, someone we knew and who knew us, who realized the complaint was bogus and got us turned back on. Postmaster also said he was flagging our account with “the blighty flag” that meant he had to review the account before it would be turned off in the future.
I keep imagining the blighty flag looking like this in somebody’s database.

That is to say, sometimes folks disable accounts they really shouldn’t be disabling. Say, for instance:

This was an accident by a twitter employee, according to a post by @TwitterGov

Do you have an abuse@ address?

I’ve mentioned multiple times before that I really don’t like using personal contacts until and unless the published or official channels fail. I don’t hold this opinion just about resolving delivery issues, but also use official channels when reporting spam to one of my addresses or spam traps.
My usual complaints contain a plain text copy of the mail, including full headers and a short summary of the email address it was sent to. “This is an address that was part of a leak from…” or “This is an address scraped off my website. It’s been removed from the website since 2004” or “This address isn’t used to sign up for any mail.”
Sadly, there are a number of “legitimate” ESPs that don’t have or don’t monitor their abuse address. In some cases it’s an oversight or a break down of internal mail handling. But in most cases, it’s a sign that the ESP doesn’t actually handle abuse.
It’s frustrating to watch an ESP post long blog posts about “best practices” and “effective delivery” and “not spamming” and yet not be able to actually stop their own customers from spamming. It’s not even that I necessarily want them to disconnect their spamming customers (although that would be nice) but suppressing the address that I’ve told them was a spamtrap seems trivial. And yet, a month after my first complaint and weeks after escalating to a personal contact, I’m still getting spam.
The 5 things every ESP should do to handle spam complaints.