Recent Posts

Engagement, it's not what you might think

Most delivery experts will tell you that ISPs measure recipient engagement as a part of their delivery. That’s absolutely true, but I think there’s a language difference that makes it hard for senders to understand what we mean by engagement.
ISPs, and other filtering companies, profile their user base. They know, for instance, who logs in and checks mail every day. They know who checks mail every 20 seconds. They know who gets a lot of spam. They know who hasn’t logged in for months. They know who accurately marks mail as spam and who is sloppy with the this-is-spam button. They know if certain recipients get the same mail, it’s likely to be spam.
Engagement at the ISPs is more about the recipient engaging with their email address and the mail in their mailbox then it is about the recipient engaging with specific emails.
 

Read More

More on Newsmax and spam to political lists

Things are getting stranger and stranger with Newsmax and the politicians they’re managing lists for.  Earlier this week, recipients on Scott Brown’s list received emails with the subject line “5 Signs You’ll Get Alzheimer’s Disease.” The advertisement was for products and information from Dr. Blaylock, a contributor to Newsmax Health. Scott Brown told the political reporter at WMUR in New Hampshire that he did not authorize this email was cutting ties with Newsmax
Newsmax contacted me after I posted about unexpected email to the Herman Cain mailing list. They wanted to make it clear to me that their mailings were all double opt-in and that they adhered to all best practices. They also said that select advertisers were allowed to put ads in the body of messages from the politician to their supporters.
It seems, though, that may not be the whole truth. After I received the message from Newsmax, I signed up on caintv.com to see if they really were using double opt-in. While it is very possible that Mr. Cain was using double opt-in during the campaign, he isn’t any longer. I started receiving emails immediately, with neither a welcome message or a confirmation message.
In the case of Scott Brown’s list, the advertisement wasn’t from an outside advertiser, the advertisement was for a Newsmax columnist. And the ad wasn’t in the body of a message to supporters, it was the message to supporters. Mr. Brown has this to say about his likeness and mailing list being used by Newsmax.

Read More

Contacting an ISP that doesn't have a postmaster page

How do you contact an ISP about a block that doesn’t have a postmaster page? While there’s no one answer, I do have some suggestions.
Start by contacting the postmaster@ or abuse@ addresses. For smaller ISPs, the same people handling outbound abuse are the people handling inbound filtering.
When you contact them have the following:

Read More

Problems with Yahoo FBL

There are a couple problems I’ve been alerted to with the Yahoo FBL today.
The first comes from Michael Ellis and is about broken FBL reporting at Yahoo.

Read More

Cloudmark posted their Global Spam Threat Report for 2013.

Cloudmark Annual Global Messaging Threat Report. Nothing too surprising here, but useful for anyone in the email space to check out.

Read More

Update on Herman Cain advertising male enhancement drugs

Shawn Studer from newsmax.com contacted me today with a statement about the Herman Cain mailing list.

Read More

Does email have a guarantee of delivery?

A client asked me earlier this week what SLAs ISPs provided for email delivery. The short answer is that there isn’t a SLA and that the only guarantee is that the email will get there when it gets there.
But as I was mentioning this to Steve, he pointed out that there was a recent change in the RFCs for email. In both RFC 821/2 and RFC 2821/2 (the original email related RFCs and the update in the early 2000’s) the RFCs stated that once a receiving MTA accepted an email that that MTA was required to either delivery the mail or generate an asynchronous bounce. While this isn’t a standard SLA, it does mean that a 2xy response after DATA meant the email would either be delivered to the user or be sent back to the sender. Despite the RFC requirements some receivers would still drop mail on the floor for various reasons, sometimes intentionally and sometimes not.
RFC 5321/2, the current SMTP standard, still says that once a server accepts the mail it must not lose that mail ‘for frivolous reasons.’ The RFC goes on to admit, though, that in recent years, SMTP servers are under a range of attacks and dropping mail on the floor is not frivolous in those cases.
 

Read More

Repurposing addresses

Multiple news sources are reporting that Herman Cain, republican presidential hopeful from 2012. Maddow on Herman Cain’s new business model. Apparently, his email address list is for rent by just about anyone, including companies selling cures for erectile dysfunction.

Read More

Where did you get my address?

Both Steve and I are trying to get answers from Amazon, Target and Epsilon about how Target acquired our Amazon specific email addresses. Target phone reps told us the mail we got was a phish, Epsilon is refusing to acknowledge Target is a customer and Amazon has promised us “they’re looking into it.”
Meanwhile, an address of mine was transferred from one customer of an ESP to another customer of the same ESP. At first I was told I must have signed up for the mail; as proof I was provided with the data I supposedly signed up. When I explained no that wasn’t true, the abuse desk told me they had discovered there was a mistake and that “These two clients use the same 3rd party ESP and they had mixed the files.” I’m not actually sure who “they” refers to, but as long as they’ve untangled the files I am not going to argue. The sad part is that it took an escalation to Return Path (the IP sending the mail is certified) to get anyone to actually respond to my report of an address given to Company A being mailed by Company B.
On the flip side, mail showed up today that actually had a link for “how was I added?”
Atari_Optout
When you click on the link it shows exactly where the address came from and when it was added to the list.
How_was_I_added_to_this_list_
It would be great if more companies provided this information to their recipients. I think it would probably decrease spam reports and make consumers feel more comfortable about how companies are collecting and using information.

Read More

Spamhaus on ESPs

Promoted from yesterday’s comments, Spamhaus comments on my discussion of filtering companies getting tired of ESPs.
You hit the nail square on, Laura.
As Laura knows but many here might not, I am with the Spamhaus project. At one time I was leading efforts to clean up ESP spam. I am not deeply involved with ESP listings any longer. I can however testify that ESPs ask Spamhaus volunteers for a great deal of information about their SBL listings, considerably more than most ISPs or web hosting companies. Certain team members avoid ESP listings except in extreme cases because they don’t want to spend that much time on one SBL.
Whilst I was doing many ESP listings, I attempted to provide requested information, often at great length, with mixed results. In one notable case, an ESP that I provided with a report on hits from that ESP’s IPs on our spamtraps took that report and turned around their entire business. They had been an average ESP: not worse than most ESPs, but not better either. It’s been about three years now. This ESP is now in any list of the least spam-friendly two or three ESPs in the business. I’m honored to have been able to contribute to that change, am delighted at the results, and have learned a great deal from that ESP’s abuse team, which is superb.
That hasn’t happened often, though. I’ve provided similar reports to a number of other ESPs; I try not to play favorites. It is Spamhaus policy not to treat ISPs, ESPs, web hosts, and others whose IPs are listed for spamming differently except based upon our observations of which responds to spam issues effectively and which do not. I would also rather see a spam problem fixed than a spammer terminated just to move somewhere else and continue to spam.
The spam flow from many ESP customers that I reported to the ESP dropped, then slowly rose to previous and often higher levels. There are strings of SBL listings as a spam problem is mitigated, then inexplicably (according to the ESP) comes back. I do not find most of those recurrences inexplicable. I conclude, in many cases, that the ESP is unwilling to do the proactive work necessary to catch most spam before it leaves their IPs, even when they know what needs to be done.
To make matters clear, the ESP representatives that I communicate with are not usually to blame for this problem. Their managers and the policymakers at the ESP are to blame. The decisionmakers at the ESP are not willing to require paying customers to adhere to proper bulk email practices and standards and enforce permanent sanctions against most who fail to do so.
Granted, some customers resist not because they are deliberately spamming non-opt-in email addresses, but because they think that quantity (of email) is more important than quality. Such customers don’t want to see lists shrink even when those lists are comprised largely of non-responsive deadwood email addresses. Such customers send a great deal of spam and annoy a great many of our users, who really do not care whether the spam problem is due to carelessness or deliberate action.
In other cases, of course, ESP customers resist following best practices because they cannot. They are mailing email appended and purchased lists. If they don’t maintain some sort of plausible deniability about the sources of those lists, they know that we will list their IPs (at the ESP and elsewhere) and refuse to remove those listings til they do.
In either case, an ESP that is unwilling to impose sanctions on customers whose lists persist in hitting large numbers of spamtraps after repeated mitigation attempts needs to fire those customers. Otherwise it is failing to act as a legitimate bulk emailer. Such ESPs must expect to see their IPs blocked or filtered heavily because they deliver such large quantities of spam compared to solicited email.

Read More
Categories
Tags