Recent Posts

Reddit and email

Ben over at Mailchimp writes about Reddit discovering a lot of their mail was being blocked because they were sending from the Amazon EC2 cloud.

It used to be that every potential client that called me up to ask me to help them with their delivery issues would tell me they weren’t a spammer. Over the last year or so that’s changed to telling me that they have a good reputation and don’t understand why they’re having delivery problems.
This leads me to believe that there is some confusion about what reputation is and what reputation is not.
Reputation is a shorthand term for a complex formula measuring the history of email from an IP address. Some reputation schemes measure the history of email containing a particular URL or domain.
Recipient domains measure a lot of things and use them at various points during the email transaction. Some measurements are integrated into a single value that is queried during the SMTP transaction. If the measurement is too bad, the email is rejected or rate limited. Other measurements are queried after the email is accepted by the ISP, and those values determine if an email is delivered to the inbox or the bulk folder.
There are a couple important things to remember about reputation.

Vacation

After 9 years of running Word to the Wise, we’re taking a vacation. A really-o, truly-o vacation that doesn’t involve stealing a couple days before a conference or business meeting or visiting family. Also no internet and no email. I’m not even taking my laptop (I am taking my iPad, but it’s an awesome game machine).
I’ll be back to posting when I get back into the office mid-May.
Aloha!

Recent email marketing news

Apparently mentioning “affiliate” in a blog post brings out the blog spammers. I’ve had dozens of trackbacks on yesterday’s how to avoid affiliate spam. Oh, the irony.
A bucket of announcements came out over the last week.
The uber smart folks at Mailchimp have a new iPad app called Chimpadeedoo. This app lets merchants collect email addresses at the point of sale, on an iPad sitting next to the register. Given the troubles my clients have run into when trying to collect addresses in their brick and mortars, this is definitely a product whose time has come.
Venkat talks about a few anti-spam cases making their way through California courts and how the courts seem to be siding with the plaintiffs recently.
On the lawsuit front, John Levine posts about peacefire.org losing an anti-spam case due to the Gordon v. Virtumundo case.
ReturnPath and Liveclicker have partnered to bring video to email. I know marketers are all for video in email, but I can’t get excited about it. I read fast and videos always seem to take to long to watch. I don’t have a feel, though, for how much the average email recipient wants video in their mailbox.
Stephanie Miller from ReturnPath has a summary of a talk given by representatives from Hotmail and Yahoo at the Email Insider’s Summit sponsored by Mediapost. Both ISPs emphasized the need for senders to engage their recipients.

Avoiding spammers in affiliate programs

How can companies avoid paying spammers and having their brand associated with spammers?
One of the easiest ways to avoid spam is to not pay for acquisition email. Simply don’t set up an affiliate email marketing program. There are a lot of folks who don’t like me saying that, and who have argued vociferously with me over the years. But email is not a good medium for acquiring new customers if you don’t intend to spam. Email is a great medium for talking with current customers who are engaged with a brand and a company, but currently it is a poor way to acquire customers without spamming.
There are ways companies have successfully used email to acquire customers. There are actually newsletters that contain content but also sell advertising in the newsletter. Look at the newsletters you are receiving, that are relevant to your business space. One example of a newsletter that did this successfully is Magilla Marketing published by DirectMag. Every week there were 4 new articles from Ken Magill, supported by advertising in the newsletter and on the website. These kind of ads will let you reach your target market without spamming.
Now, I know that there are a lot of marketing departments out there that are going to insist that there aren’t useful newsletters or advertising venues for their field and the only way they can acquire customers is to use affiliate programs. I’ve had clients tell me the exact same things. Often they came to me as clients because their own email marketing was blocked by a blocklist or a spam filtering company due to their hiring of spammers. They wanted to police and clean up their affiliate program without having to give it up.
Policing affiliate programs can be done, if the company invests the time and energy into screening the program.
For every company that wants to send email advertising your company ask them to provide information about their company and their email program.

Mainstream spam wrap-up

Over the last week Steve and I have posted about the AARP hiring affiliates to send spam on their behalf: starting with the poorly done email message, moving through the process of identifying the responsible entity and then walking through the details of how we tracked the spammer.
Why spend a week writing about the AARP spamming? I initially posted about the AARP spam because it was such a horrible example of email marketing. Not just that it was spam but it was careless spam. Plus, in a lot of my interactions with marketers, clients and delivery experts I hear a lot about how “real” companies don’t spam, don’t support spam and wouldn’t ever let someone spam on their behalf. This isn’t true, not even a little bit.
The post actually came to the attention of the AARP and someone from their national headquarters commented that it was “just spam” and had nothing to do with AARP. I’ll be honest, I was annoyed with their reaction. I did my homework before calling the AARP out and was convinced this mailing was authorized by them.
Over the next 2 days Steve investigated the spam and reported on his findings. He only documented the full investigation on one of the emails I received (yes, there were multiple emails sent to the same address, most of them coming from different domains owned by the spammer). We did this to document that yes, mainstream companies do hire spammers and that trail can sometimes be tracked. We also wanted to show the lengths spammers and their customers will go to in order to get through filters and spam blocks.
A lot of mainstream groups do support spam and hire other people to send it on their behalf. Many of these same companies expect ISPs to hurry up and let mail through because “we’re a legitimate company” when their mail is blocked.
To be fair, some companies may not initially intend to support spam, but when they see the money rolling in they can’t stop. Some may pay lip service to no-spam policies, but deliberately turn a blind eye to spam advertising their company. Some hire spammers, but with enough distance between themselves and the spammer that they can deny they knew about the spam.
Every company using email for acquisition without actively managing the email program is at risk of spammers being hired on their behalf. There are some things that can be done to lower the risk of spammers being used to send spam, but the spammers are clever and if the payouts are high enough they will spam on your behalf.
There are things a company can do to minimize the chances that an affiliate program will attract spammers. Check back tomorrow for some processes that have proven effective for my clients.

What Happens Next…

or Why All Of This Is Meaningless:
Guest post by Huey Callison
The analysis of the AARP spam was nice, but looking at the Mainsleaze Spammer Playbook, I can make a few educated guesses at what happens next: absolutely nothing of consequence.
AARP, if they acknowledge this publicly (I bet not) has plausible deniability and can say “It wasn’t us, it was an unscrupulous lead-gen contractor”. They probably send a strongly-worded letter to SureClick that says “Don’t do that again”.
SureClick, if they acknowledge this publicly (I bet not) has plausible deniability and can say ‘It wasn’t us, it was an unscrupulous affiliate”. They probably send a strongly-worded letter to OfferWeb that says “Don’t do that again”.
OfferWeb, if they acknowledge this publicly (I bet not) has plausible deniability and can say ‘It wasn’t us, it was an unscrupulous affiliate”. And maybe they DO fire ‘Andrew Talbot’, but that’s not any kind of victory, because he probably already has accounts with OTHER lead-gen outfits, which might even include those who also have AARP as
a client, or a client-of-a-client.
So the best-case result of this analysis being made public is that two strongly-worded letters get sent, the URLs in the spam and the trail of redirects change slightly, but the spam continues at the same volume and with the same results, and AARP continues to benefit from the millions of spams sent on their behalf.
I’m not a lawyer, but I was under the impression that CAN-SPAM imposed liability on the organization that was ultimately responsible for the spam being sent, but until the FTC pursues action against someone like this, or Gevalia, corporations and organizations will continue to get away with supporting, and benefiting from, millions and millions of spams.
As JD pointed out in a comment to a previous post: sorry, AARP, but none of us are going to be able to retire any time soon.

Analysing lead-gen spam

Yesterday I showed how major companies hire hard core spammers.
Today I’m going to show you some of the technical details as to how I found that data. This is a fairly quick and shallow analysis, the sort of thing I’d typically do for a client to help them decide whether the case was worth pursuing before expending too much money and time on investigation and legal paperwork. I’ve also done it using standard command line tools that are available on pretty much any unix command line (and windows, with a little effort).
There are several questions to answer about the email in question.

AARP, SureClick, Offerweb and Spam

On Tuesday Laura wrote about receiving spam sent on behalf of the AARP. The point she was discussing was mostly just how incompetent the spammer was, and how badly they’d mangled the spam such that it was hardly legible.
One of AARPs interactive advertising managers posted in response denying that it was anything to do with the AARP.

Spam from mainstream companies

Yesterday I wrote about spam I received advertising AARP and used it as an example of a mainstream group supporting spammers by hiring them (or hiring them through proxies) to send mail on their behalf.
My statement appears to have upset someone, though. There is one comment on the post, coming from an IP address allocated to the AARP.