DKIM implementation survey: prelim results

First off, I want to thank everyone who participated in the DKIM implementation survey. This week has been pretty hectic so far, so I haven’t had a chance to actually dig down into the data from the survey, but I thought I’d post some preliminary results.
The ESP survey had 45 respondents. 30% of those sent more than 15 million emails a month.
Of all the respondents: 40% are signing with Domain Keys, 51.1% are signing with DKIM.
Of all respondents: 79.5% are signing with Domain Keys and 78.8% are signing with DKIM to access services (whitelists or FBLs) provided by the ISPs.
50% of those not signing with Domain Keys are not doing so because customers have not requested it.  61% of those not signing with DKIM are not doing it because of technical difficulties with deployment.
The ISP survey had 16 respondents, with 37.5% handling less than 500,000 mailboxes and 18.8% handling more than 15 million mailboxes. 75% of respondents said they are not checking Domain Keys on inbound mail. 56% said they are not currently checking DKIM on inbound mail.
Only 10 ISPs answered the question if they plan to check either Domain Keys or DKIM.

  • 1 said they planned to check Domain Keys only
  • 3 said they plan to check DKIM only
  • 3 said they plan to check both
  • 3 said they plan to check neither

On a first pass it appears the ESPs are adopting domain authentication more aggressively than ISPs. It also appears one of the major driving factors in adoption was the Yahoo FBL being tied to DK/DKIM signed email.
Again, thank all of you for participating. I’ll have a more comprehensive analysis soon.

Related Posts

How not to handle unsubscribes

On the heels of my unsubscribe experience last week where an ESP overreacted and unsubscribed addresses that did not belong to me, I encountered another deeply broken unsubscribe process. This one is the opposite, there is no way to unsubscribe from marketing mail at all. Representatives of PayPal have only been able to suggest that if I do not want their mail, that I block PayPal in my email client.
I had a PayPal account years and years ago. They made some extensive privacy policy changes back in 2003 and when I did not actively agree to the new policies, they closed the account. That account closure seemed to take, I heard nothing from PayPal. In early 2008, I made a purchase at a vendor that only accepted credit cards through PayPal. Normally, I do not do business with vendors who only accept payment through PayPal, but there appeared to be a way to make the payment without establishing a PayPal account, so I went ahead and made the purchase.
The receipt from that purchase came from PayPal, and mentioned that I had an existing PayPal account. I figured that because the address was the same as the 2003 account that the boilerplate did not understand ‘closed accounts’. I brushed off the notice and did not worry about it.
On June 23, I received marketing email from PayPal. The mail offered 10% off my first eBay purchase, if I set up an eBay account using the same address on my PayPal account. Yay. Spam. Oh, well, no big deal, there was an unsub link at the bottom of the email. It is PayPal, they are a legitimate company, they will honor an unsubscribe. It will all be fine.
Or. Not.
Clicking on the unsubscribe link in the email takes me to a webpage that tells me I had to login to my account to unsubscribe. But I do not have an account!
They clearly think I have an account linked to the email address they mailed. I decide to see if I can recover the account and then unsubscribe. I put in the email address they sent the marketing email to, the password I probably would have used had I actually set up this account and hit “submit.” PayPal now asks me to set up 3 questions to use to recover my account in case I forget the login in the future. Uh. What? No. I do not want to set up an account, I want them to stop sending me email. I abandon that webpage.
I then attempt to recover the password to the account. Put in the email address that PayPal is sending email to and hit “forgot password”. PayPal, as expected, sends me an email. Click this magic link to recover your account. PayPal then asks me to input the full number of the credit card associated with the account – the credit card number I do not have. What account? What credit card number? Is this from my 2003 subscription that was closed? Is this from the purchase I made in February? I abandon that webpage.
The recover password email helpfully lists a phone number I can call for assistance so I call. In order to be able to talk to someone I have to enter my phone number. And the credit card number associated with my account. I resorted to randomly pounding on “0” and telling the voice recognition software I wanted help. Eventually, it got so confused it transfered me to a real human.
Tragically, the voicemail system was actually more helpful than the real human on the other end. Distilling down hours of sitting on the phone with them, I am told the following:

Read More

Customer support surveys

I have seen a lot of companies attempt to send out customer support surveys by email, only to fail dismally. Generally, the intentions of the companies who do this are good, but the executions are appalling. Companies have found any number of ways to invite epic fail to call, including mailing to non-customers, mailing to the wrong person at a customer company and mailing to former customers.
Mailing to non-customers generally happens when companies sort abuse and support mail through the same ticketing system. Good customer support (tell us how we did) turns out to be rotten complaint support. The failure here is multifactorial, but revolves around not understanding the difference between customer support mail and abuse complaints. Abuse is not, usually, mail from your customers. More often mail to abuse is from non-customers. While it may seem like a good thing to follow up with abuse complaints to find out if the person is satisfied, generally someone who complains about spam does not want more mail from a company. The fix it to change the selection process for surveys. Survey customers not complainers.
The second failure is more common with enterprise vendors. Generally the vendor will have multiple contacts at company but send a single survey out to all contacts at the customer. Take an average website that provides statistics about web or email performance. A company establishes an account there, and then provides a logins for customer support people, a manager or two and maybe an outside consultant. These people are all using the same site, but are possibly using different parts of it. The consultant can give some feedback on the API and data access, but is not the right person to ask about pricing, packages or overall usefulness and value for money. Management can provide feedback on pricing and value for money but probably has never logged into the website, despite having a working account. Customer support can provide feedback on the user interface and overall usefulness of the site. Knowing who is who at the customer and who is the right contact for different surveys can be tricky, but it is always better a company to appear to be acting purposely.
Finally, some companies send out surveys to anyone who has ever registered for a website, or game or product no matter how long ago that registration was. They send mail to the person who registered for a website but has not logged in for 6 months, or 12 months or even longer. The recipient may have even taken positive action to close an account, such as discontinuing payments. And, yet, the company still mails them a customer satisfaction survey. If the recipient is not paying for the product, if the recipient is not logging into the website then they are no longer a customer. Sure, there are times to reconnect with old customers, and it can be done well. However, what I am talking about is the survey that is clearly designed to be answered by current users and customers.
The sad thing is, I have received customer satisfaction surveys in all of the above categories in the last 6 months.
If you as a sender, are going to use customer satisfaction surveys, do it in a thoughtful and purposeful manner. Do it in a way that brings value to your company and to the people you are surveying. If you do not, you risk higher complaint rates. Remember, people who are not your customer or who are a former customer are probably more likely to hit “this is spam” then to answer your survey. Like any mail you send, make sure you know who your audience is and have a mental model for how they will treat your mail. Do not just grab all available addresses and mail them. Do some analysis of your customer base before you mail and mail them surveys that apply to them. You will get fewer spam complaints and probably more and more accurate survey responses.

Read More

Links for 9/2/09

People are still talking about the White House spamming. At Al Iverson’s Spam Resource there are two posts, one from Jaren Angerbauer titled Guest Post: Email and the White House and another from Al himself titled White House Spam, Signup Forgery, and GovDelivery. Both are insightful discussions of the spam that the White House has been sending. Over at ReturnPath, Stephanie Miller talks about how the publicity surrounding the spam is great PR for permission.
Stefan Pollard has an article at ClickZ looking at how an apology email in response to a recipient visible email mistake can actually make the fallout worse.
Web Ink Now documents one recipient’s experience with a bad, but all too common, subscription practice.
==
Don’t forget to participate in the DKIM implementation survey. For ESPs. For ISPs. Check back next week for results.

Read More