Recent Posts

Training recipients

Want to see a WWF style smackdown? Put a marketer and a delivery expert in a room and ask them to discuss frequency and whether or not more mail is better.
The marketer will point to the bottom line and how much more money they make when they increase frequency. The delivery expert will point to inbox rates and user engagement and point out that too much mail drives users to ignore the mail.
This isn’t actually unique to marketing mail. Send a lot of mail that doesn’t engage recipients and recipients are trained that they don’t have to actually pay attention to the mail. Some of them hit delete. Some may even report the mail as spam.
According to Cloudmark, this is exactly what happened when LinkedIn informed users of the recent data breach. They estimate that up to 4% of users who received the fully DKIM authenticated mail about the data breach deleted it immediately without reading it. This is higher than notification emails from other social networks.

Cloudmark suggests that part of the problem is that LinkedIn has an unclear opt-in process. Instead of asking users for preferences, LinkedIn assumes that all users want all the mail LinkedIn cares to send them. Then LinkedIn makes it difficult to find the page to change mail settings. This means recipients are very trained to ignore mail from LinkedIn. I know I ignore most of it. Anything that’s not a “want to connect” gets filed in the “I’ll read it when I’m bored” mailbox. So far I’ve not been bored enough to read any of it.
But I’m not sure it’s just about too much email. LinkedIn is a company that is heavily forged in phishing mail. Since May 1, just one of my email addresses has received over 50 messages purporting to be from LinkedIn.

New Spamhaus lists

Spamhaus announced today they are publishing two new BGP feeds: Extended DROP and the Botnet C&C list. These lists are intended for use inside routers in order to stop all traffic to or from listed IP addresses. This is a great way to impact botnet traffic and hopefully will have a significant impact on virus infections and botnet traffic.
In other news I’ve been hearing rumbling about changes at Yahoo. It looks like they have changed their filters and some senders are feeling lots of pain because of it. It looks like senders with low to mid range reputations are most affected and are seeing more and more of their mail hit the bulk folder. This afternoon I’m hearing that some folks are seeing delivery improvements as Yahoo tweaks the changes.

Crowdsourced Investing and Spam

Kickstarter’s success has made a lot of people pay attention to the concept of crowdfunding. At it’s best, crowdfunding investment allows fans of an artist to send her money to directly support her work, and get something special out of it. At it’s worst, it’s photoshopped fake products, dubious consumer electronics and videogame projects from the implausible to outright scams.
Crowdfunding sites provide a fairly simple service: they allow people to list products on their website, provide a discussion forum and allow people interested in the project to pay money (after the crowdfunding site skims 5-10% off the top) to the project backers. The project backers promise something in return for the payment – from one or more of the actual product being developed, if it’s every released, down to a simple “thanks!’ on a website. That’s something that makes perfect sense in the original KickStarter artist fan-club world, but also allows attempts to fund tech startups to avoid SEC requirements on both the startup and the crowdfunding company. Those SEC requirements were put in place many years ago to make it more difficult for scam-artists to swindle people in the guise of investing in a worthless company…
What does this have to do with spam? Well, if you’re going to set up a spam campaign of some sort – whether it’s for a real product, or an outright scam – there are several things that are very useful to have: A website that looks plausible, and won’t be taken down by the webhost. A way to accept money, ideally via online credit card payments. And a way to control discussion about your product, so that you can maintain an appearance of legitimacy and build buzz, while keeping naysayers from dissuading potential customers would be perfect.
That’s exactly what the crowdfunding sites offer. Some of them – KickStarter, for one – are very aware of the potential for abuse. Not only do they do some basic checks potential projects for legitimacy, but they have – and enforce – acceptable use policies to deter bad behaviour. Others, like IndieGoGo, don’t.
I got this spam out of the blue:

Why does it take two weeks to process an unsubscribe?

Why does it take “10 business days” to process an unsubscription request?
It almost never does. An unsubscription request will often take effect instantly and it would be rare that it would take more than a few business days.
So why do some businesses say your email address will be removed “within 10 business days” when they know it’ll be almost immediate?
It’s better to underpromise and overdeliver. No recipient is going to be annoyed if they stop getting mail sooner than they were promised. But tell them they’ve been unsubscribed and will receive no more email, then have mail from you end up in their inbox the following morning and they may get mad.
Why “10 business days” in particular?
The US CAN-SPAM act says you have to honor unsubscription requests by then, so that’s the upper limit to what’s legal:

Leads, leads, leads!

There are a number of places that will sell business leads from data they’ve compiled, crawled or crowd-sourced. How great is that? Anyone can buy a list of targeted business information to use to further their business goals! Awesome! Great! Step right up and get your lead here!
But how accurate is that information really?
One of the bigger companies, which allows for public searches, is Zoominfo. I did some lookups recently just to see what their data is like. My conclusion? If the data they have on me is any indication of the overall accuracy of their data, companies are way better off just setting light to a pile of money in their parking lot instead of giving it to Zoominfo.
Let’s look at the data they have on me. When you go to their homepage and enter my name in, you get about 2 dozen profiles. Looking through them, there are a number that describe me.
Laura Atkins; MCRS rep. Fair enough, I do mention MCRS on a few of my webpages and was recently on their board of directors. What I can’t figure out is why they think the Minnesota Companion Rabbit Society is run out the Chesterfield County Business Development office. The MCRS is neither a business nor is it located in the state of Virginia. It’s not even located in the same time zone as Virginia. Strike 1 for Zoominfo.
Laura T. Atkins; Founding Partner. This one is the reference that is most clearly me. Zoominfo claims this information was “community contributed.” OK, so someone uploaded their address book and my name and contact info was in it. But they have my company listed as simply “Word.” Sure, Zoominfo went and scraped a bunch of info off our website, but that isn’t reflected in the actual listing. Strike 2 for Zoominfo.
Laura Atkins; Spamtacular. This one is one of my favorites. I’m listed as associated with Spamtacular. Spamtacular is a blog run by my former co-worker Mickey Chandler. Mickey’s currently working for a major ESP, but he blogs about email, spam and delivery under the Spamtacular.com domain. And, in fact, the “association” is that he lists me as part of the Spamtacular blogroll. But Zoominfo claims they have an email address and phone number for me associated with Spamtacular. According to Mickey, Zoominfo have repeatedly attempted to mail laura at spamtacular. It’s not just my email address they’ve pulled out of nether orifices, though. The Spamtacular corporate information is, if anything, more inaccurate than the MCRS data. Spamtacular is not and has never been registered anywhere near the state of California. Strike 3 for Zoominfo.
But wait! Just because they’ve struck out doesn’t mean they’re going to stop swinging or walk off the field.
Laura Atkins; Context Magazine. I did an interview with Context Magazine back in 2002, and Zoominfo claims they have a phone number for me. I suspect this is not my phone number, but, rather, is the main number for Context Magazine.
There are a couple of other, less interesting profiles for me: Spamcon Foundation, Deliverability.com. All are demonstrably me, but with no real contact information it’s not going to help anyone get in touch with me.
I have to admit, I’m actually surprised at just how totally inaccurate the data about me is. I’m not that hard to find. Zoominfo has 6 listings I can clearly identify as me. In those 6 listings:

World IPv6 launch day

Today is world IPv6 launch day. A group of ISPs, network hardware manufacturers and web companies permanently enabled IPv6 for their products and services.
What’s this got to do with email? According to a post on the NANOG mailing list the very first email to arrive at the Comcast IPv6 mailserver was received a minute after the server was turned on. This email was spam and was caught by Cloudmark’s filters.
Comcast goes on to assure readers that more mail came in and not all of it was spam.
But, yes, the first email sent to Comcast over IPv6 was spam. Welcome to the future.

Things people hate about your email marketing

I found this article over on Hubspot, and I think it covers a lot of why people hate email marketing quite well.

Spamtraps are not the problem

Often clients come to me looking for help “removing spamtraps from their list.” They approach me because they’ve found my blog posts, or because they’ve been recommended by their ISP or ESP or because they found my name on Spamhaus’ website. Generally, their first question is: can you tell us the spamtrap addresses on our lists so we can remove them?
My answer is always the same. I cannot provide a list of spamtrap addresses or tell you what addresses to remove. Instead what I do is help clients work through their email address lists to identify addresses that do not and will not respond to offers. I also will help them identify how those bad addresses were added to the list in the first place.
Spamtraps on a list are not the problem, they’re simply a symptom of the underlying data hygiene problems. Spamtraps are a sign that somehow addresses are getting onto a list without the permission of the address owner. Removing the spamtrap addresses without addressing the underlying flaws in data handling may mean resolving immediate delivery issues, but won’t prevent future problems.
Improving data hygiene, particularly for senders who are having blocking problems due to spam traps, fixes a lot of the delivery issues. Sure, cleaning out the traps removes the immediate blocking issue, but it does nothing to address any other addresses on the list that were added without permission. In fact, many of my clients have discovered an overall improvement in delivery after addressing the underlying issues resulting in spamtraps on their lists.
Focusing on removing spamtraps, rather than looking at improving the overall integrity of data, misses the signal that spamtraps are sending.

Congrats!

Congratulations go out to Matt Blumberg for being named one of the top entrepreneurs for 2012 by Crain’s New York Business!

AOL update

A reader has been talking with AOL about the mtain* responses that people were receiving. AOL has said both responses mentioning mtain-*.r1000.mx.aol.com are actually DNY:T1 bounces that are being presented incorrectly. Both responses should be treated the same as 421 DYN:T1.