Recent Posts

Target, Epsilon, Spam

If you enter “bfi0” into the Google search box, it’s suggestions are:

Target acquires email addresses, exposing more customers to data breaches

As most folks now know hackers broke into Target systems last December and stole financial and other data from 110 million customers. Target has been responding to this breach reasonably well. They’ve been notifying customers that were affected and they’re providing credit monitoring for affected individuals. They seem to be totally on top of protecting their customer’s data and privacy.
Mostly.
They seem to be purchasing or otherwise acquiring email addresses from at least one major retailer in order to send out notifications about the breach to customers that never gave them email addresses. Yes, even those of us who chose not to give Target email addresses are receiving email from them.
I understand Target’s drive to contact affected users. I even appreciate that. What I don’t appreciate is that Target appears to be compromising my security in order to notify me my security was compromised. The data of mine that was compromised at Target would be credit card and possibly address information. My email address was not part of the compromise. So what does Target do? They go and acquire my email address from a third party.
Their solution to the compromise is collecting more data that is vulnerable to compromise from unrelated third parties? I’m not sure this is the most consumer friendly thing Target could do. In my case, Target sent mail to an address I’ve only given to Amazon. That means I now need to worry about my Amazon account security, on top of everything else.
Ironically, the email sent by Target tells me that I can click a link and get free credit monitoring. Then the email goes on to tell me the following:

Never share information with anyone over the phone, email or text, even if they claim to be someone you know or do business with. Instead, ask for a call-back number.
Delete texts immediately from numbers or names you don’t recognize.
Be wary of emails that ask for money or send you to suspicious websites. Don’t click links within emails you don’t recognize.

Don’t click links within emails I don’t recognize? You mean like the one you just sent me? With a link to a credit monitoring website?
I appreciate the notice. I don’t appreciate is that Target went out of their way to collect more information about me than I actually gave them. I am now worried about Amazon’s security as well. How did Target get an address only provided to Amazon? I don’t appreciate that my efforts to keep my information secure (not providing email address to Target) was undermined by Target themselves.
The full text of the email, with the relevant headers (munged slightly for privacy) is under the cut, if anyone is interested.

Transcript of Google hearing

I’ve not had a chance to read it, yet, but the transcript of the September hearing for the wiretapping case against Google is available. (pdf download)

Thoughts on "ISP relations"

I’ve been thinking a lot about the field of ISP relations and what it means and what it actually is. A few years ago the answer was pretty simple. ISP relations is about knowing the right people at ISPs in order to get blocks lifted.
The fact that ISPs had staff just to deal with senders was actually a side effect of their anti-spam efforts. In many places blocking was at least partially manual, so there had to be smart, technical, talented people to handle both the blocking and unblocking. That meant there were people to handle sender requests for unblocking.
Spam filters have gotten better and more sophisticated. Thus, the ISPs don’t need smart, technical, talented and expensive people in the loop. Most ISPs have greatly scaled back their postmaster desks and rely on software to handle much of the blocking.
Another issue is that some people on the sender side rely too heavily on the ISPs for their data. This makes the ISP reps, and even some spam filtering company reps, reluctant to provide to much help to senders. I’ve had at least 3 cases in the last 6 months where a sender contacted me to tell me they had spoken with someone at an ISP or filtering company and were told they would get no more help on a particular issue. In talking with those reps it was usually because they were drowning under sender requests and had to put some limits on senders.
All of this means ISP Relations is totally different today than it was 5 years ago. It’s no longer about knowing the exact right person to contact. Rather it’s about being able to identify problems without ISP help. Instead of being able to ask someone for information, ISP Relations specialists need to know how to find data from different sources and use that data to identify blocking problems. Sure, knowing the right person does help in some cases when there’s an obscure and unusual issue. But mostly it’s about putting together any available evidence and then creating a solution.
We still call it “ISP Relations” but at a lot of ISPs there is no one to contact these days. I think the term is a little misleading, but it seems to be what we’re stuck with.

First BACN, now SCRAPPLE

There is a lot of mail that goes out to recipients that’s not really spam, but isn’t fully wanted. To describe these different kinds of mail, people have invented pork-product related terminology. Ham and bacn are both used to describe wanted mail, although possibly not wanted right now.
Now we have SCRAPPLE. It seems over the weekend a number of members of the Science Fiction Writers Association received email from someone asking them to consider one of his writings for an award. Reading through the tweets, this person typed hundreds of email addresses out of the SFWA directory into their mail client. And then sent mail to that list.
Recipients of that mail then went to twitter to complain about abuse of their email addresses in this way. Being writers, they discussed what word that would describe “something like spam, but not really.”
@talkwordy came up with Scrapple. Now, for those of you who don’t live in a very small part of the mid-Atlantic region, you may not know what scrapple is. Scrapple is a loaf pork product made from, well, scraps of pig. It often has a weird greenish tinge to it, presumably from the liver. My grandmother, having grown up in that small part of the mid-Atlantic region, used to eat it when she could find it. Usually it was in small, country diners where the waitresses call you darlin’ or hun.
By the end of the discussion the definition of scrapple was: Unwanted email from a person you know, which is annoying but not completely irrelevant to your interests, often manual address list creation.
There you have it. Scrapple joins bacn, ham, spam, and spim to describe different kinds of email.

iMessage Spam

iMessage is the Apple messaging system that lets folks send short messages to one another over WiFi. In December I received my first iMessage spam.
I’m not even really sure how to report it or how to report it to.
Mobile spam is a hot button issue right now, but the tools just aren’t around to control SMS, iMessage and TXT spam like there is with email. And even though sending unsolicited messages to a mobile device is against several laws here in the US, there does seem to be a core of spammers that continue to send.

Images, again

It’s a new year, but an old problem. Email with unloaded images.
Sure, you should be including critical content as text, and/or including alt-text as a normal part of your creative design process, but at the bare minimum you should look at what your mail looks like without images.
The last thing you want to do is send out email with just one strong call to action – the unsubscribe link.

CASL and existing opt-in addresses

The Canadian Anti-Spam law takes effect this summer. EmailKarma has a guest post by Shaun Brown that talks about how to handle current opt-in subscribers under the law.

And we're back

Happy New Year!
I am back and ready to talk email with folks.
December is always a busy time, both between the holidays and all associated personal stuff, but also for delivery consulting. There are senders that suddenly discover their email going to the bulk folder and needing help and assistance. But now it’s January and email marketing gets a brief break.
The beginning of the new year and the lull after the Christmas season marketing storm is a good place for folks to think about marketing and email goals for the upcoming years. Many senders get so wrapped up in the day to day details of email that they fail to think strategically about email and their business.
It works much that way for me, as well. I hate it when my clients have bad delivery and do everything I can to fix their problems. If their mail isn’t getting to the inbox, then it’s as much my problem as theirs. I’m thinking and working to get to the root of their problem and come up with solutions to get their mail sent. This sometimes means my own strategic planning gets pushed aside while I focus on client needs. January is a fun time of year for me, because it’s all a little more relaxed and I can look at the new year and how to improve services and share more of my knowledge with folks.
You’ll start to see some of those improvements in the upcoming months. I’ll also be blogging regularly. We should be getting some research and white papers out over the next few months. I’ll be catching up on the Google privacy cases and updating on some other email related lawsuits.
2014 is looking like a year of growth and excitement.

Responsys bought by Oracle

Being on the west coast, I’m usually not yet awake when the 9am eastern press releases go out. So I’m often late on BREAKING NEWS!! in the email industry.
This morning it was the news that Oracle bought Responsys. Most news reports seem to agree that the purchase price was $1.5B, although a couple places are putting that at a lower figure of “about $1.39B.”
In any case, congrats to Responsys shareholders for getting a premium on their stock price.