They Must Have Changed Something…

One of the most common refrains I hear from folks with delivery problems is that the filters must have changed because their mail suddenly started to go to the bulk folder. A few years ago, I posted about how even when there is no change in the sender’s behavior, reputation can slowly erode until mail suddenly goes to the Gmail bulk folder. Much of that still applies – although the comments on pixel loads (what other folks call ‘open rates’) are a bit outdated due to changes in Gmail behavior.

While it is often true that reputation drives sudden delivery problems there are other reasons, too. Filters are always adjusting and changing to meet new challenges and threats. We’re seeing these changes rolling out at some of the consumer mailbox providers. Steve recently wrote about changes that Yahoo! was making related to domain existence. He also posted about Microsoft getting picker about email address format. Talking with various folks on the receiving side these changes are in direct response to active an ongoing spam techniques.

As with everything in email and filtering, though, there are other reasons that mail can suddenly start going to bulk: the filters change and mail that wasn’t being caught by the filters previously is now caught in them. There are two reasons this could happen to specific mail streams:

  1. The filter is not specific enough and catches mail that isn’t its target.
  2. The filter is specific enough and the mail is the intended target for the updated filter

A lot of senders like to assume they’re in category 1. Sometimes they’re even right. The good news is that most of the consumer mailbox providers and many of the filter companies have channels to report this kind of false positive so they can tweak their filters to stop catching unintended mail.

What about category 2 mail? Where senders think they’re doing everything right because the mail is getting into the inbox. They’re shocked to discover they’re following “all the rules” and their mail was fine and now the filters changed and suddenly their mail isn’t fine.

There are a couple things going on here, all of which contribute to the underlying shock.

First, following all the rules doesn’t mean a sender is actually doing the right things. To be honest, I don’t even know what “all the rules” are for delivery. In my experience there’s no magic checklist of rules that mean mail will be delivered. To my mind, the only real rules are: send technically correct, authenticated email to people who have asked to receive it. That’s it, that’s the rule. Things like bounce rates and complaint rates and open rates and all the metrics we user are, in essence, 2nd order metrics. They are ways we can measure whether or not we’re sending technically correct email to people who asked for it. But all of these numbers are approximations and guesses at the very best. I’ve seen senders with awesome metrics, and who have worked very hard to meet those metrics, while still sending mail that no one wants and no one cares if they don’t get it.

Second, some senders focus on whether or not their mail is getting accepted for delivery. As long as the mail is not outright blocked or they’re not listed on any of the public blocklists then they must be doing things right. This is a bad metric and the one most likely to fall afoul of updated filters. Just because your mail is accepted doesn’t mean it’s wanted by either your individual users or the ISPs. What I’ve seen is that senders’ who use “not blocked” as a metric often have poor practices. Sure, the practices are good enough to get mail through, but they aren’t actually good practices. They’re just good enough to get through the filters.

When mail is just good enough, it’s at risk when the filters get better. When talking about filters with folks I categorize it in three ways. On one side we have mail that is Good and should be delivered, on the other side we have mail that is Bad and should not be delivered. Good mail is things like messages from friends and family, the tickets that you bought or whatever. Bad mail is malware and obvious spam. Between those two extremes is a vast grey area of mail that is hard to filter.

For example, it’s hard to filter mail that some some users want and other users don’t. Using global filters on this type of mail ensures some of the recipients are going to be unhappy about filter decisions. This is impossible for global filters to solve and requires user specific filters.

In other cases, the users clearly don’t want the mail, but it’s hard to reliably identify that mailstream using software. Often in these cases the filter developers and maintainers can manually identify the mail but for various reasons, including that the senders are actively trying to avoid filters, can’t programatically identify the mail… yet. This is a type mail that the filter updates are really trying to catch. This is also the type of mail that when it does get caught and the sender asks for help they don’t usually get it. They’ll get either no response or a vague “we see no issues on our end.” That’s the sign the sender needs to step up their game and stop doing the bare minimum.

Email is a communications channel and there are real people on the other end of that email address. Mailbox providers and filtering companies center the user experience. Senders who don’t center the user in their strategy may discover that their grey mail is blocked or filtered as filters continue to become more and more discriminating.

Related Posts

All filters are not equal

Many questions about delivery problems often assume that there is one standard email filter and the rules are the same across all of them. Unfortunately, this isn’t really the case.

Read More

Their network, their rules

Much of the equipment and wires that the internet runs on is privately owned, nor is it a public utility in the traditional sense. The owners of the property have a lot of leeway to do what they like with that property. Yes, there are standards, but the standards are about interoperability. They describe things you have to do in order to exchange traffic with other entities. They do not dictate internal policies or processes.

Read More

Filters do what we tell them

In the email space we talk about filters as if they were sentient beings. “The filters decided…” “The filters said…” This is convenient shorthand, but tends to mask that filters aren’t actually deciding or saying anything. Filters are software processes that follow rules dictated by the people who create and maintain them. The rules flow from the goals set by the mailbox provider. The mailbox provider sets goals based on what their users tell them. Users communicate what they want by how they interact with email.

What we end up with is a model where a set of people make decisions about what mail should be let in. They pass that decision on to the people who write the filters. The people who write the filters create software that evaluates email based on those goals using information collected from many places, including the endusers.
What mail should be let in is an interesting question, with answers that differ depending on the environment the filter is deployed in.
Consumer ISPs typically want to keep their users happy and safe. Their goals are to stop harmful mail like phishing, or mail containing viruses or malware. They also want to deliver mail that makes their users happy. As one ISP employee put it, “We want our users to be delighted with your mail.”
Businesses have a few other goals when it comes to filters. They, too, need filters to protect their network from malicious actors. As businesses are often directly targeted by bad actors, this is even more important. They also want to get business related email, whether that be from customers or vendors. They may want to ensure that certain records are kept and laws are followed.
Governments have another set of goals. Universities and schools have yet another set of goals. And, of course, there are folks who run their own systems for their own use.
Complicating the whole thing is that some groups have different tolerances for mistakes. For instance, many of our customers are folks dealing with being blocked by commercial filters. Therefore, we don’t run commercial filters. That does mean we see a lot of viruses and malware and rely on other strategies to stop a compromise, strategies that wouldn’t be as viable in a different environment.
Filters are built to meet specific user needs. What they do isn’t random, it’s not unknowable. They are designed to accomplished certain goals and generally they’re pretty good at what they do. Understanding the underlying goals of filters can help drive solutions to poor delivery.
Use the shorthand, talk about what filters are doing. But remember that there are people behind the filters. Those filters are constantly maintained in order to keep up with ever changing mail streams. They aren’t static and they aren’t forgotten. They are updated regularly. They are fluid, just like the mail they act on.

Read More