Recent Posts

3 new CAN SPAM cases

Xmission, a Utah ISP, has filed suit against 3 companies alleging violations of CAN SPAM. The cases were filed in the Utah District Court in April and June. I’ve downloaded some of the documents and complaints and they are now in RECAP. I’ve also included the complaints here (and the links from here on out are almost all .pdfs of the court documents).
Xmission v. Adknowledge (Case 2:15-cv-00277).
Xmission v. Clickbooth (Case 2:15-cv-00420).
Xmission v. Thompson and Company (Case 2:15-cv-00385).
In all the cases Xmission is alleging similar violations of CAN SPAM.
Falsified header information: part 1
Xmission asserts that the domains in the headers were spoofed, unregistered or belonged to an unrelated 3rd party. One of the complaints listed subject lines of the emails sent, so I dug through my spam folder for similar emails. I found a few examples of what I suspect are the spams mentioned in the suit.

Whois privacy protection

I’ve talked about using privacy protection on domains in the past (here, here, here, here, and here). Short version (if you don’t want to check all the old links) is that privacy protection for commercial domains is bad, that’s what spammers do and legitimate email marketers should not hide domains behind privacy protection services. I still believe all of these things.
What I’ve never really addressed is that I think privacy protection services are appropriate in some cases and are a reasonable protective measure for individuals. Over on Spamresource, Al wrote up a great post today about whois privacy protection.
Sometimes people do need anonymity and privacy online. Trusting a registrar’s privacy protection service is probably not your best bet for that. Like Al, we’ve stood in as a “privacy service” for friends and colleagues. It was our name on the domain registrations, and we could contact the appropriate people as needed. They trusted us to forward only the important stuff and we trusted them not to do bad things. This trust doesn’t scale.
Privacy protection services are used by a lot of bad actors to hide their involvement. Companies and commercial entities are tarring their own reputations using privacy protection services.
No real pull quote here, all of Al’s points are too good. So go read the whole thing.

AOL starts using Sender Score Certification

Good news for Sender Score Certified IPs. Return Path recently announced that AOL has joined the list of ISPs offering preferential treatment to certified IPs.

Filtering more than spam

The obvious application of machine learning for email is to send spam to the junk/bulk folder. Most services use some level of machine learning for filters. Places like Gmail have extensive machine learning filters to filter spam and unwanted mail away from their users.
Some organizations are taking the filtering process a step further. Almost every mail client more advanced than PINE has the ability for users to create rules to sort mail into folders. Late last year, Office 365 rolled out a feature, Clutter that tracks how a user interacts with mail and filters unimportant mail. This allows each user to have their own filters, but without the overhead of having to create the filters.
The Clutter engine looks at both how the user interacts with mail and things it knows about the organization. For example, if Exchange is tied into Active Directory, then mail from a manager will be prioritized while mail from a co-worker may end up in the clutter folder.
Email is a critical business tool. A significant number of companies rely on email for internal and external communication. Many users treat their inbox as a todo list, prioritizing what they work on based on what’s in their mail box. Despite the needs of users, the mail client hasn’t really changed.
Over the last few years, we’ve seen different online services attempt to build a more effective email client. Some of these features were things like tabs and priority inbox at Gmail. Microsoft created the “sweep” feature for Outlook/Hotmail users to manage inbox clutter. Third parties have created services to try and improve the mailbox experience for their users.
Many of the email filters, up to this point, have really been focused on protecting users from spam and malicious emails. Applying that filtering knowledge to more than just spam, but to the different kinds of emails makes sense to me. I’ve always had a fairly extensive set of filters, initially procmail but now sieve, to process and organize incoming mail. But I kinda like the idea that my mail client learns how I filter messages and do the right thing on its own.
I’d love to see some improvements in the mail client, that make it easier to manage and organize incoming email. It remains to be seen if this is a feature that takes off and makes its way to other clients or not.

Testing your opt-out process

When was the last time you tested your opt-out process? Did you just click the unsubscribe link to see if the page loaded? How did you confirm the email address was unsubscribed?
If you have a Gmail account, Gmail allows you to use unlimited aliases. For example, if your Gmail email address is josh@gmail.com, you can add the + symbol to your email address to create an alias. An example of an alias would be josh+test1@gmail.com. Sending an email to josh+test1@gmail.com gets delivered to the mailbox for josh@gmail.com.
On your next mailing add a Gmail alias email address like josh+unsubtest06192015@gmail.com to be included with the mailing. After sending the mailing, find the email sent to the alias address and go through the unsubscribe process. After unsubscribing, log into your ESP or mailing software to confirm that the alias email address was successfully unsubscribed. Testing the unsubscribe process ensures that the landing page for the unsubscribe is working and that your ESP is registering the unsubscribe request.
A few reminders about your unsubscribe page:

On Father's Day

always be batman
I’m on quite a few mailing lists for companies whose main product is sending gifts: food hampers, jewelry, flowers, overpriced desk toys and so on. They tend to ramp up their volume before appropriate holidays such as Christmas, Mother’s Day, Thanksgiving, Valentine’s Day or Father’s Day and target their promotions to those particular holidays.
One recipient may have a toxic relationship with their Mother and not want to be reminded of Mother’s Day, another may have recently lost their Father and not want to revisit that distress every time they open their mail client in June, yet another may be recently divorced and really not want to see diamonds and roses in their inbox right now.
You should try and avoid sending mail that will distress your recipients. You should do that because you’re a compassionate human and you want to treat your recipients as humans. But if you need an ROI argument to justify the effort needed to do so… those recipients will associate your brand with that distress and then they’ll buy less or they’ll unsubscribe and you’ll lose their business entirely – even if they are interested in and responsive to your offers for the rest of the year.
How do you identify those recipients? Maybe just ask them. Or add an “Unsubscribe from Father’s Day promotions” link next to the “Unsubscribe” link – it’s not hard to do. Help your customers segment your list for you.

Google Apps for ISPs is gone

Google Apps for ISPs is being shut down. While this was a scheduled end of life, apparently some users weren’t notified (always keep the contact email address up to date at your vendor!) and other users were told that it would be discontinued in July and were surprised when their service was turned off a month earlier than they expected.
I’ve not seen any reports of mail bouncing due to this yet, but it’s likely that some consumer ISPs will be scrambling to migrate to new email providers and their inbound mail may be a mess for a while. If you see domain-wide problems at consumer domains, check to see if their MXes point at the google aspmx cluster.
It seems to be a rolling shutdown, and some ISPs have apparently had their service extended by a few days or weeks, so issues may start with some domains throughout the month.

Yahoo Feedback Loop

If you are utilizing the Yahoo Complaint Feedback Loop, you should have received an email today about an upcoming change to the CFL.
The message received was:
“On June 29, 2015, we will transition Yahoo Complaint Feedback Loop (CFL) administration from Return Path to Yahoo Customer Care.
We will continue sending spam reports during this transition. However, you will need to save existing CFL information as it will not be available after the transition.
To save the existing CFL information:

ROKSO lawsuit settled

Earlier this year Ken Magill reported that a judge in the UK was allowing a libel case against Spamhaus to go forward. I thought for sure I’d blogged about the case at the time, but apparently I didn’t.
The short version is that today Spamhaus announced the lawsuit was settled and the complainants paid for Spamhaus’ legal fees.
As with most legal cases the details are complex and convoluted. Let me try to sum up.

Image Blocking

I received this email earlier this week, an email that I wanted but this is how it arrived.
email example 1
The email contained a single image link, a text line of who the message was sent to, the senders name, address, and finally an unsubscribe link.
Good news, the email is CAN-SPAM compliant! Bad news, I have no idea what the content of the message is and it looks somewhat spammy. The email was sent to my Junk Folder and all images were blocked. As a good netcitizen, we’re trained not to click links if we’re not sure what they are.
Here is another message I received around that same time and also had the images blocked. I immediately recognize the domain name, bowling.com and there is text that mentions bowling shoes, balls, and bags. Being an avid bowler, I wanted this message and I will be adding them to my safe senders list in Outlook.
email example 2
The good news for marketers who rely on image based emails is Gmail and many mobile mail clients will auto-load images but there are still many clients that will only display images if the user sets the sender as a trusted sender. If you are sending a Welcome Message, it’s best to include text along with your images so the recipient can recognize your email and will then add you as a trusted sender. You can also segment your list by users who are opening the images. The recipients who have not loaded the images would get a different version of the message that includes more text.