Links for 9/2/09

People are still talking about the White House spamming. At Al Iverson’s Spam Resource there are two posts, one from Jaren Angerbauer titled Guest Post: Email and the White House and another from Al himself titled White House Spam, Signup Forgery, and GovDelivery. Both are insightful discussions of the spam that the White House has been sending. Over at ReturnPath, Stephanie Miller talks about how the publicity surrounding the spam is great PR for permission.
Stefan Pollard has an article at ClickZ looking at how an apology email in response to a recipient visible email mistake can actually make the fallout worse.
Web Ink Now documents one recipient’s experience with a bad, but all too common, subscription practice.
==
Don’t forget to participate in the DKIM implementation survey. For ESPs. For ISPs. Check back next week for results.

DKIM implementation survey
Maine backs away from new marketing restrictions

Related Posts

Unsubscribe rates as a measure of engagement.

Over at Spamtacular Mickey talks about the email marketers’ syllogism.

  1. Anyone who doesn’t want our mail will opt-out.
  2. Most people don’t opt-out.
  3. Therefore, most people want our mail.

This clearly fallacious reasoning is something I deal with frequently with my clients, particularly those who come to me for reputation repair. They can’t understand why people are calling them spammers, because their unsubscribe rates and complaint rates are very low. The low complaints and unsubscribes must mean their mail is wanted. Unfortunately, the email marketers’ syllogism leads them to faulty conclusions.
There are many reasons people don’t opt-out of mail they don’t want. Some of it may be practical, the mail never hits their inbox, either due to ISP level filters or their own personal filters. Some people take a stance that they do not opt out of mail they did not opt-in to and if they don’t recognize the company, they won’t opt-out.
In any case, low levels of opt-outs or even this-is-spam hits does not mean that recipients want that mail. The sooner marketers figure this out, the better for them and their delivery.

Read More

White House sending spam?

There has been some press about political spam recently. People are receiving email from the White House that they have not opted into. At a recent press conference a reporter challenged the press secretary to defend the practice.
Chris Wheeler over at Bronto blog points out that CAN SPAM doesn’t apply as this is political mail, and CAN SPAM only covers commercial email. He also notes that most of the mail came from “forward to a friend” links which the sender has little to no control over.
Gawker has a post up “Everything you need to know about Obama’s Spam-Gate.”
There are a lot of issues here. Chris asks a number of questions on his blog, that I encourage people to think about.

Read More

Beware: Phishing and Spam in Social Networks

Trend Micro warns us today about how spam and phishing can hit you even in the closed ecosystem of a social networking system such as Facebook. Malware abounds. And in the social network arena, just like anywhere else, “using your account to send spam” is a common thing for the bad guys to want to do.
In Rik Ferguson’s investigation (which I read about on CNet News), he came across a link to a URL that asked for his Facebook credentials, supposedly necessary to allow installation of a specific Facebook application. Once the credentials were handed over, the app immediately spammed all of his Facebook friends, sending them a bogus notification, attempting to draw them into visiting the phishing/malware URL, with (one assumes) the hope of spreading the infection even wider.
He’s a researcher for Trend Micro, so he knows what he’s doing. But for the rest of us, this highlights how necessary it is to be careful with who you give your usernames and passwords to. In my opinion, it’s never safe to take your username and password from one site and hand it over to another site. Some social networking make the problem even worse by blurring the lines between safe and unsafe by asking for usernames and passwords to third party accounts, but you just can never know with 100% certainty which sites are legitimate and which ones aren’t.
— Al Iverson

Read More