Recent Posts

Authentication and phishing

Yahoo announced today that they are releasing the Yahoo! Mail Anti-Phishing Platform (YMAP) that will help protect their users from phishing. They have a similar project in place for eBay and PayPal mail, but this will extend to a broader range of companies.

Read More

Does your unsubscribe process work? Are you sure?

I stumbled across an interesting problem today.
A company I bought something from a while back added me to their newsletter. They seem to be having trouble making sales this quarter, as they’ve gone from an occasional email every few weeks to bombarding me with increasingly desperate offers in the past week or two. So I do what most recipients do in that situation (well, the ones who don’t just mark the mail as spam, anyway). I click the unsubscribe link.
I get a perfectly normal, standard unsubscription page, with a nice, prominent “Unsubscribe from all” button with good text explaining that that will remove me from all of the companies mailing lists. No requirements to log in, set dozens of checkboxes or provide a password I don’t have. So far this is a textbook example of a good unsubscription process.
I click the button. Nothing happens. That’s not good.
So I grab one of the people I know over at that ESP and we start looking at it. He clicks the button, and it loads a new page saying that I’ve been unsubscribed from all of the companies mailing lists.
A bit more testing shows that the unsubscription works if you use Internet Explorer or Firefox, but not if you use Safari. The cause of the bug was threefold:

Read More

Just give it up already

I have a mail system totally separate from my inbox to use when I’m testing signup forms. Some of them are client, some of them are vendors my clients are thinking about using. In any case, it’s mail I’m seriously concerned won’t stop just by me opting out of it.
The server hosting that mail system has been flakey lately, and needs to be hard power cycled to make it come back. We had a major power glitch this morning and so ended up down at the colo and power cycled that box while we were there.
This box was last working February 4th. It’s been off the internet for almost 2 months now. It wasn’t answering on port 25. It was dead. No mail here. And, yet, a bunch of legitimate email marketers are still attempting to send those addresses mail.
Really. Dead for 2 months and the senders keep trying to mail to those addresses. The server came back about 2 1/2 hours ago. I already have 6 emails from two different senders.
Seriously. If you can’t deliver a mail to someone for TWO MONTHS just give it up already. I am sad that even companies that get the best advice I can give them still can’t get the simple things right.
And, really, don’t argue “but it came back! Clearly we should keep trying!” Yes, it came back. But in all the years I’ve had this disposable email system I have not opened a single image. I’ve not purchased a single thing. I’ve never shown any sign of life on any of those addresses. The mailserver has been down for months at a time. There is no value to continuing to send mail to those addresses. And, yet, people still do it.
Why? WHY!?

Read More

News about the Rustock takedown

Spam levels plummeted 2 weeks ago as the Rustock botnet was beheaded. Reports have been trickling out in the press about the takedown, about the botnet and about the team responsible.
Rustock Takedown Analysis at The Register
Brian Krebs’ intitial report of the takedown
Taking down botnets from a Microsoft attorney
Spam Network Shut Down at the Wall Street Journal
Global Spam Levels Graph from Symantec
 

Read More

Spammers, eh?

From my inbox, missed by the spamfilter:

Do you know people who have worked a lot or could not find a job for a long time and suddenly began to earn well, gain valuable items and look better?
We can reveal to you their secret.
Anyone who bought a diploma from us raised their standard of living in half!
Our diplomas are verified and credible. We offer expert help in selection of the right option and a short waiting time.
Don’t look at other – DO YOUR OWN SUCCESS!
—–
+ 1 – 646 – 555 – 1212
—–
We need your infarmation:
1) Your Name
2) Your Country
3) Telephone No. with a code of country if you are outside USA
Do Not Reply to this Email.
We do not reply to text inquiries, and our server will reject all response traffic.
We apologize for any inconvenience this may have caused you.
This is not a spam
If you don’t want to receive this message to your e-mail, call this number and refuse it – spell your e-mail

Read More

Holomaxx v. MSFT and Yahoo

I mentioned way back in January that Yahoo had filed a motion to dismiss the case against Holomaxx. Microsoft filed a motion to dismiss around that time, although I didn’t mention it here.
And, of course, Holomaxx filed a motion in opposition in both the Microsoft case and the Yahoo case. Nothing terribly interesting here, about what you’d expect to read.
On March 11 the judge ruled on both motions to dismiss and in both cases ruled that the case was dismissed.  He did, however, give leave for the complaints to be amended in the future.
As I expected the Judge agreed that MSFT and Yahoo have protection under the CDA. First, the court made it clear that providers are allowed wide leeway in determining what is objectionable to their customers.

Read More

Letters to the abuse desk

Ben over at Mailchimp has shared some of the mail that comes into the mailchimp abuse desk. It’s a post well worth a read.
One of the things that leaped out at me during that post is that the positive emails highlight how much the Mailchimp delivery and compliance people help their users get good delivery. They’re not just saying “you can’t do that” because they’re mean or they want to make life more difficult for their users. They are saying no because what the user wants to do is a bad idea.
I also appreciated the letter from the customer who had to tell Mailchimp that management had decided to not take Mailchimp’s advice. This is something that happens to me sometimes. Clients agree with my recommendations but management decides that they’re not going to implement them. It can be difficult to watch, particularly when I then see how much that company is struggling with blocks or see them show up on some of the big spam lists. But, it’s also part and parcel of the job. Not everyone, no matter how effectively I make my cases, will take my advice.
 
 

Read More

Getting it so wrong

One of the things I notice is when vendors send me badly formatted emails. There’s one vendor of ours that gets it so wrong I find it offensive to receive their mails. Not only have they not managed to invoice or process payments correctly for months, but their billing emails come to me with one of the ugliest From: lines I’ve ever seen.
Now, I’ve seen Dave Crocker’s lectures on email address. I believe that technically this is a legal From: address. But, seriously? I’m amazed they ever get mail delivered.
“COMPANY <Firstname.Lastname”@company.com
Yes, I changed the name to protect the stupid.
I tried to reply to the email address and my mail client tells me “this does not appear to be a valid email address.” Well, no. No it doesn’t. But let’s try anyway.
And there’s the bounce. “Invalid address!!!”.
This vendor is sending out invoices with totally broken From: address. I wonder how many of their customers are not getting an actual invoice from them?
But, being the helpful person I am, I actually mailed the person and pointed out that their From: address was horribly broken and may be negatively impacting their delivery. I’m not expecting an answer, but at least I have done my good deed for the day.
As part of the deployment process of any new email system you should check to make sure the address is correct and people can reply to it. That single test “reply to mail” would have identified this problem 5 months ago and not taken one of their recipients to point it out to them.

Read More

Thank you, Fred!

I am honored and humbled to be called out as a Goddess of Email Deliverability by Fred Tabsharani in his recent deliverability.com post. He has named and lauded people I am proud to call colleagues and friends. Thank you, Fred.

Read More

SORBS Progress

A little bird tells me that GFI have resolved their primary blocking issue on SORBS problems. If all goes well I’d expect their infrastructure and policies to improve significantly over the next few months. We’ll wait and see whether the data quality begins to improve after that.

Read More
Categories
Tags