Recent Posts

Non marketing uses of email

tired of marketers calling their conferences and cliques “email whatever” as if marketing is the only thing email is for
Read More

I need IP addresses to handle the volume

Number two of seven in our occasional series on why ESPs need, or don’t need, lots of IP addresses to send mail properly.

Senders need to take responsibility

Having just returned home from another conference, my head is full of new ideas, new thoughts and new projects. I enjoy seeing old friends, making new contacts and sharing ideas. One thing I don’t enjoy, though, is listening to senders and marketers complaining about how hard it is to be a sender because the ISPs will not tell them what standards they need to meet.
If the ISPs would just tell us what they want us to do, we’ll do it.

The ISPs have told senders what they want them to do. They want senders to stop sending mail that their users don’t want. It is a very simple statement.
Stop sending spam.

For many senders, however, it’s not enough. “Tell us exactly what we need to do to stop sending spam. What complaint rates must we be under? What bounce rates do we have to be under? How do you want us to do this?” By this point in the conversation the ISP person is mentally rolling their eyes and looking for a way to escape the conversation.
The ISPs don’t want to tell senders how to behave, they want senders to start behaving. Stop sending spam should be all they need to tell senders.
Senders who ask for ISPs to tell them how to stop sending mail recipients think is spam are looking for specific thresholds they can stay under. They’re not really interested in actually sending wanted mail, they’re interested in sending good-enough mail, where good-enough mail is simply mail that gets to the inbox.
Want to know why ISPs don’t think much of many senders? Because the senders are not visibly taking any stand against abuse. I know there are a lot of senders out there who stop a lot of spam from ever leaving their systems, but there’s also a lot of unwanted mail that goes out, too. Some of that mail is even spam by any definition of the word. All the ISPs can see is the spam that gets through, and then they hear just tell us what to do and we’ll do it. From an ISP perspective, this means the senders only care about the thresholds and getting in under the ISPs’ radars.
Senders need to take more responsibility for the mail that goes out over their networks.
What do I mean by this? I mean senders need to stop waiting for the ISPs to define good practices. Senders need to implement standards and good practices just because they’re good practices, not because the ISPs are dictating the practices. Senders need to stop customers from doing bad things, and dump them if they won’t stop. Senders need to stop relying on ISPs for specific answers to why mail is being blocked. Senders need to take responsibility for the mail going across their networks.
It’s time for senders to grow up and stop relying on others for guidance. They shouldn’t implement good practices just because the ISPs tell them to, but instead should implement good practices because they are good practices.

The legitimate email marketer

I cannot tell you how many times over the last 10 years I’ve been talking to someone with a problem and had them tell me “but I’m a legitimate email marketer.” Most of them have at least one serious problem, from upstreams that are ready to terminate them for spamming through widespread blocking. In fact, the practices of most companies who proclaim “we’re legitimate email marketers” are so bad that the phrase has entered the lexicon as a sign that the company is attempting to surf the gray area between commercial email and spam as close to the spam side of that territory as possible.
What do I mean by that? I mean that the address collection practices and the mailing processes used by self-proclaimed legitimate email marketers are sloppy. They don’t really care about individual recipients, they just care about the numbers. They buy addresses, they use affiliates, they dip whole limbs in the co-reg pool; all told their subscription practices are very sloppy. Because they didn’t scrape or harvest the email address, they feel justified in claiming the recipient asked for it and that they are legitimate.
They don’t really care that they’re mailing people who don’t want their mail and really never asked to receive it. What kinds of practices am I talking about?
Buying co-reg lists. “But the customer signed up, made a purchase, took an online quiz and the privacy policy says their address can be shared.” The recipient doesn’t care that they agreed to have their email address handed out to all and sundry, they don’t want that mail.
Arguing with subscribers. “But all those people who labeled my mail as spam actually subscribed!!!” Any time a mailer has to argue with a subscriber about the validity of the subscription, there is a problem with the subscription process. If the sender and the receiver disagree on whether there was really an opt-in, the senders are rarely given the benefit of the doubt.
Using affiliates to hide their involvement in spam. A number of companies use advertising agencies that outsource acquisition mailings that end up being sent by spammers. These acquisition mailings are sent by the same spammers sending enlargement spam. The advertiser gets all the benefits of spam without any of the consequences.
Knowing that their signup forms are abused but failing to stop the abuse. A few years back I was talking with a large political mailer. They were insisting they were legitimate email marketers but were finding a lot of mail blocked. I mentioned that they were a large target for people forging addresses in their signup form. I explained that mailing people who never asked for mail was probably the source of their delivery problems. They admitted they were probably mailing people who never signed up, but weren’t going to do anything about it as it was good for their bottom line to have so many subscribers.
Self described legitimate email marketers do the bare minimum possible to meet standards. They talk the talk to convince their customers they’re legitimate:

I need IP addresses for reputation

Number one of seven in our occasional series on why ESPs need, or don’t need, lots of IP addresses to send mail properly.

Canadian Law

A anti-spam bill was passed out of committee Monday in Canada. Other than chatting over drinks with a large contingent of Canadians, I haven’t followed the story too closely. However, Matt V. has a detailed summary of the bill at EmailKarma.
Have a great weekend.

A blast from the past

I’m sitting here watching Iron Chef (the real one, not the American version) and surfing around on SFGate.com. It’s a slow night catching up on all the news I’ve missed this week while off traveling. I see a link on the front page: “Web marketer ordered to pay Facebook $711M.” As I click I wonder if I know the web marketer in question. A former client? A name I recognize?

Problems at Cox: Resolved

People mailing to Cox in the wee hours of this morning may have received a rejection message citing the Invaluement DNSBL.
554 IMP a.b.c.d blocked. IPBL100 – Refer to Error Codes section at http://postmaster.cox.net for more information.
I spoke with one of the folks at Cox and they said there was an error in the implementation causing non-listed IPs to be rejected erroneously between about 4am to 8am (Eastern) this morning. The problem has been resolved as of 8am, and all traffic is flowing normally. The also stated that attempts to resend any blocked messages will succeed. They do apologize for any problems this may have caused.
For those of you with aggressive bounce handling, removing addresses after a single 550 bounce, you will also want to re-enable any cox.net subscribers that bounced off during this configuration problem.

Why do you need so many IP addresses (part 2)?

In my last post I discussed the background as to why an ISP will require their users to use their IP address allocation efficiently. I also mentioned in passing that I’d discussed ESP address allocation with both ESPs and ISPs recently.
The ESP was talking about assigning a couple of dozen IP addresses to each customer, because they might be useful for spreading load and it would provide some flexibility for moving from one IP address to another if one should get blocked. And IP addresses are pretty much free. They were wrong.
The ISP was considering an application for 750 IP addresses from a new ESP customer. They assumed that there was no possible reason other than snowshoe spam for an email related customer to need that many IP addresses. While I suspect they may have been right about the specific potential customer, the general assumption was wrong.
I’ve seen a lot of reasons given by ESPs for why they need so many IP addresses:

Why do you need so many IP addresses?

IP addresses aren’t an unlimited resource, not on the current version of the Internet anyway. There are only a limited number of them and, while some of the doom and gloom proclamations about us running out in the next year or two may be exaggerated, we are running low on them and should be conserving them where we can.
An ISP can’t create new IP addresses from whole cloth. Instead, when they need more IP addresses they must petition one of the regional internet registries (RIRs) for a new set of addresses which they can then parcel out to their customers. There’s a RIR for each part of the world. ARIN distributes IP addresses for use in North America, RIPE handles IP addresses for Europe, APNIC handles them for the Asia-Pacific region and LACNIC for Latin America.
Each RIR enforces a fairly complex set of rules on the ISPs to ensure that the distribution of IP addresses is somewhat fair and reasonably parsimonious. The rules vary slightly from RIR to RIR in the details, but are fairly consistent in the general meaning. Unless you’re petitioning your local RIR for your own chunk of addresses for some reason (which you aren’t, unless you have a genuine need for more than 2000 IP addresses, or a legitimate need for more than 500 addresses and a complex redundant network setup) you only need to care about the rules that each RIR asks the ISP to enforce on their customers.
When an ISP asks, for example, ARIN for a new block of IP addresses they may be asked to demonstrate efficient usage of the IP addresses they’ve received previously. If they can’t do that, they may not be able to get the new IP addresses. This is, obviously, a Big Deal so ISP network engineers do their best to use address space efficiently, and try and stop their sales reps from handing address space out like candy at Halloween. The end result is that an ISP really does need to have you justify your IP usage – they’re not just being mean or trying to gouge you for more money.
There are several rules that an ISP might follow. One is that an initial allocation of more than, perhaps, 16 addresses will need some justification of how a quarter of those will be efficiently used immediately and how half of them will be used within six months. Another is that if you’re asking for additional IP addresses you’ll need to demonstrate that you’re efficiently using perhaps 80% of the addresses you’ve been assigned previously. The details may vary, and you can probably negotiate with the ISP, but eventually the ISP will need to justify themselves to ARIN, so they’re going to enforce something like this on their customers – or make you pay through the nose to cover the risks they take by bending the rules.
So what does efficient usage mean? That’s very simple in some cases, fuzzier in others. If you have 50 physical machines providing services on the internet, that’s a good justification for 50 IP addresses. If you’re providing internet access to end users (cable modems, DSL, dial-up) then one IP address per user is easy to justify. Virtual webhosting doesn’t justify one IP address per user, but virtual webhosting using SSL does. This is one of those rare cases where you really do have to explain your business model, showing that you’re making efficient use of the addresses you have, and that you have some room for expected growth but aren’t wasting address space by leaving too many addresses idle.
How about ESPs and other bulk mail senders – what does efficient address space usage mean for them? That’s something that seems, from recent conversations I’ve had, to be poorly understood by either ISPs or ESPs. And it’s fairly complex, that’s for sure. So I’ll save that for my next post.