Recent Posts

Delivery and engagement

Tomorrow is the webinar Mythbusters: Deliverability vs. Engagement. This webinar brings together the ISP speakers from EEC15, plus Matt from Comcast, to expand on their comments. There’s been some confusion about the impact of engagement on delivery and whether or not senders should care about recipient engagement.
My opinion on the matter is well known: recipient engagement drives delivery to the inbox at some providers. I expect tomorrow we’ll hear a couple things from the ISPs.

thirty.years.com

Thirty years ago this Sunday, symbolics.com was registered – the first .com domain. It was followed, within a few months, by bbn.com, think.com, mcc.com and dec.com.
Symbolics made lisp machines – symbolics.com is now owned by a domain speculator.
BBN is a technology R&D company who’ve worked on everything. If I had to pick one thing they were involved with it’d be the Internet Message Processor – the router used on the very first Internet nodes. They are still around, as a division of Raytheon.
Think.com made some amazing massively parallel computers. Their hardware group was bought out by Sun, who were bought out by Oracle and think.com now redirects to a broken error page at oracle.com.
Mcc.com were the first – and for a while, the largest – computing research and development consortium in the US. They did groundbreaking work on everything from silicon to AI. Their domain is now a generic parked page owned by a domain speculator.
Dec.com were Digital Equipment Corporation – creators of the PDP, VAX, Alpha and StrongARM processors, amongst many other things. They were a huge company when I worked for them designing Alpha CPUs in the mid 90s, then they were acquired by Compaq, then HP, then split up. Their domain is now a personal website.
It took nearly three years to reach 100 registered .com domains and nearly 10 years to reach 9,000.
As of this morning there are 116,621,517 domains registered in .com, from (64 zeros).com to (64 letter z).com, out of a possible total of more than two googol – so there’s still a domain there for you.
221,848 of those domains in .com mention “mail”.

Updated M3AAWG Best Practices for Senders

M3AAWG has published a new version of the Senders Best Common Practices document and the contains a lot of new information since the original publication in 2008. The new document covers how to vet ESP customers, considerations when selecting a dedicated or share IP to send mail, and includes best practices on a number of technical processes.
The Senders Best Common Practices document is targeted at deliverability teams and email marketers. Any company that is sending marketing emails, using an Email Service Provider, or provides an email enabled platform, it’s always good to go back and periodically review your system to ensure nothing was missed and to stay up-to-date on all new recommendations.
A few of the recommendations include the use of the List-Unsubscribe header, publishing a clear WHOIS for domains used for sending mail, and how to process non-delivery report messages.
The List-Unsubscribe header provides an additional way for users to opt-out of email messages. Gmail and Outlook.com both use the presence of the list-unsubscribe header to provide a one-click button to allow the user to unsubscribe from the mailing list. Often enough, if a user cannot find an opt-out link, they’re marking the message as spam. Allowing a recipient to unsubscribe easily is critical to maintaining good delivery reputation.
A WHOIS is query to determine who is the registered user or assignee of a domain name. During a session at the most recent M3AAWG meeting, it was announced that spammers throw away 19 million domains per year. When a postmaster or abuse desk receive a complaint, they’ll often query to see who owns the domain the email was sent from or who owns the domains used in the hyperlinks. If the WHOIS record is out of date or set to private, this limits the ability for the postmaster or abuse desk to reach out to the owner of the domain.
Processing non-deliver reports is critical to maintaining a high delivery reputation. Many ESPs have an acceptable-use-policy that includes a bounce rate. Mailjet recommends a bounce rate of less than 8% and Mandrill recommends less than 5%. If a system is not in place to remove the hard bounces from your mailing list, the sender’s reputation will quickly deteriorate.
The Senders Best Common Practices document can be downloaded at M3AAWG.org.

February 2015 – The month in email

This was a short and busy month at WttW!

We attended another great M3AAWG conference, and had our usual share of interesting discussions, networking, and cocktails. I recapped our adventures here, and shared a photo of the people who keep your email safe while wearing kilts as well. We also commended Jayne Hitchcock on winning the Mary Litynski award for her work fighting abuse and cyberstalking.

Arrests in ESP data breach

The FBI announced today arrests of three people in the ESP data breaches from the compromises of various ESPs a few years ago.
Krebs on Security: Feds Indict Three in 2011 Epsilon Hack
Department of Justice: Three Defendants Charged with One of the Largest Reported Data Breaches in U.S. History
After stealing over a billion addresses from 8 ESPs, the lists were monetized through affiliate marketing. The owner of the affiliate program was one of the people arrested.
More on Monday.

Engagement, ISPs and the EEC

There’s been some controversy over some of the things said by the ISPs at the recent EEC meeting. Different people interpret what was said by the ISPs in different ways. The EEC has set up a webinar for March 17 to clarify and explain what was meant by the ISPs.

CRTC fines Compu-Finder $1.1 million for CASL violations

The Canadian Radio-television and Telecommunications Commission (CRTC) is the principle agency tasked with enforcing Canada’s anti-spam law. Today they issued a Notice of Violation to Compu-Finder including a $1.1 million dollar fine for 4 violations of CASL. The violations include sending unsolicited email and having a non-working unsubscribe link. According to the CRTC, complaints about Compu-Finder accounted for 26% of all complaints submitted about this industry sector.
This is the first major fine announced under CASL.
One of the first things that jumped out at me about this is the action was taken against B2B mail. There are a lot of senders out there who think nothing of sending unsolicited emails to business addresses. In my experience, many B2B senders think permission is much less important for them than B2C senders. I think that this enforcement action demonstrates that, at least to the CRTC, permission is required for B2B mail.
The other thing that jumped out is that given the extent of the complaints (26%) the financial penalties were only slightly more than 10% of the $10M maximum penalty. It seems the CRTC is not blindly applying the maximum penalty, but is instead actually applying some discretion to the fines.
I’ve looked for the actual notice of violation, but haven’t been able to find a copy. If I find it, I will share.

Ransomware email protected by DMARC

Virus bulletin has an interesting post about DMARC and how some criminals are protecting their emails with DMARC.

How to send better emails: engagement

Today Direct Marketing News hosted a webinar: ISP Mythbusters: How to Send Better Emails. The speakers were Matt Moleski, the Executive Director of Compliance Operations from Comcast and Autumn Tyr-Salvia, the Director Of Standards And Best Practices from Message Systems.
The webinar went through a series of myths. After Autumn introduced the myth, Matt commented on it and explained why the statement was, or was not, a myth. Throughout the webinar, Matt clearly explained what does, and does not, get mail delivered. Don’t let the Comcast after Matt’s name fool you. He is very active in different fora and discusses filtering strategies with experts across the ISP industry. His insight and knowledge is broadly applicable. In fact, many of the things Matt said today were things I’ve heard other ISPs say over and over again.
One of the very first things he said was that ISPs want to deliver mail their customers want. They want to give customers the best inbox experience possible and that means delivering mails customers want and keeping out mails customers don’t. He also pointed out that recipients complain to the ISPs when they lose wanted mail, perhaps even more than they complain about spam.
He also touched on the topic of engagement. His message was that absolutely engagement does matter for inbox delivery and that engagement is going to matter more and more as filtering continues to evolve. There has been some discussion recently about whether or not engagement is an issue, with some people claiming that some ISP representatives said engagement doesn’t matter. The reality is, that engagement does matter and Matt’s words today only reinforce and clarify that message.
Matt did say is that ISPs and senders have a bit of a disconnect when they are speaking about engagement. ISPs look at engagement on the “macro” level. They’re looking to see if users delete a mail without reading it, file it into a folder, mark it spam or mark it not spam. Senders and marketers look at engagement on a much more finite level and look at interactions with the specific emails and links in the email.
When discussing the relationship between senders and ISPs, he pointed out that both senders and ISPs have the same goal: to personalize the customer experience and to give customers a great experience. As part of this, ISPs are mostly aligned when it comes to blocking principles, but each ISP responds slightly differently. ISPs do adhere to best practices for handling incoming email, but those practices are implemented based on the individual company and handles incoming mail in ways that better supports their company specifically.
Matt talked about Comcast’s Postmaster pages and says they try to give feedback to senders before putting a block in place. He mentions that invalid recipients and poor list hygiene as the fastest way to be blocked or throttled when sending to Comcast. He also said that the core filtering rules at Comcast are static. Changes are mostly “tweaks around the edges.”
During the Q&A portion, Matt took a number of questions from the audience.

Engaging emails for better delivery

MessageSystems is sponsoring a webinar hosted by Direct Marketing discussing engagement as part of delivery.