Sharing content, sharing reputation

Over at SpamResource Al talks about how sharing content is like sharing needles.

If you’re going to share email templates with somebody else, you’re sharing in their reputation. Lots of good spam filters, like those at Cloudmark, Brightmail, Yahoo and elsewhere, they use what is commonly called “content fingerprinting.”

Content fingerprinting is something that a lot of people don’t talk about. However, it is the logical next step to deal with spammers who spend a lot of time attempting to work around IP based reputation. It is also why a number of senders with good reputation can see random poor delivery.
The moral of the story is be careful of who you allow to advertise in or generate content for your newsletters. Otherwise, you may see your delivery suffer.

Email address validation
Spamhaus rolls out anti-snowshoe filters

Related Posts

Spam that's not spam

Steve and I were talking this evening and I mentioned to him that I got “a lot of spam that wasn’t really spam. Know what I mean?”
He did. But if I tell that to you, what does it mean to you?
More on this in a couple days, but I’m onsite at a client’s for the next few days so it may take me a plane ride home to put all the thoughts down.

Read More

Beware: Phishing and Spam in Social Networks

Trend Micro warns us today about how spam and phishing can hit you even in the closed ecosystem of a social networking system such as Facebook. Malware abounds. And in the social network arena, just like anywhere else, “using your account to send spam” is a common thing for the bad guys to want to do.
In Rik Ferguson’s investigation (which I read about on CNet News), he came across a link to a URL that asked for his Facebook credentials, supposedly necessary to allow installation of a specific Facebook application. Once the credentials were handed over, the app immediately spammed all of his Facebook friends, sending them a bogus notification, attempting to draw them into visiting the phishing/malware URL, with (one assumes) the hope of spreading the infection even wider.
He’s a researcher for Trend Micro, so he knows what he’s doing. But for the rest of us, this highlights how necessary it is to be careful with who you give your usernames and passwords to. In my opinion, it’s never safe to take your username and password from one site and hand it over to another site. Some social networking make the problem even worse by blurring the lines between safe and unsafe by asking for usernames and passwords to third party accounts, but you just can never know with 100% certainty which sites are legitimate and which ones aren’t.
— Al Iverson

Read More

Compliance vs. Deliverability

Most people I know handling delivery issues for senders have some version of delivery or deliverability in their job title. But as I talk to them about what they do on a daily basis, their role is as much policy enforcement and compliance as it is delivery. Sure, what they’re telling customers and clients is how to improve delivery, but that is often in the context of making customers comply with relevant terms and conditions.
Some delivery folks also work the abuse desk, handling complaints and FBLs and actually putting blocks on customer sends.
I think the compliance part of the delivery job description that is often overlooked and severely downplayed. No one likes to be the bad guy. None of us like handling the angry customer on the phone who has had their vital email marketing program shut down by their vendor. None of us like the internal political battles to convince management to adopt stricter customer policies. All of these things, however, are vital to delivery.
Despite the lack of emphasis on compliance and enforcement they are a vital and critical part of the deliverabilty equation.

Read More