The coming changes

Yesterday I talked about how I’m hearing warnings of a coming paradigm shift in the email industry. While these changes will affect all sender, ESPs in particular are going to need to change how they interact with both ISPs and their customers.
Currently, ESPs are able to act as “routine conveyers.” The traffic going across their network is generated by their customers and the ESP only handles technical issues. Responsible ESPs do enforce standards on their customers and expect mailings to meet certain targets. They monitor complaints and unknown users, they monitor blocks and reputation. If customers get out of line, then the ESP steps in and forces their customer to improve their practices. If the customer refuses, then the ESP disconnects them.
Currently standards for email are mostly dictated by the ISPs. Many ESPs take the stance that if any mail that is not blocked by the ISPs then it is acceptable. But just because a certain customer isn’t blocked doesn’t mean they’re sending mail that is wanted by the recipients.
It seems this reactive approach to customer policing may no longer be enough. In fact, one of the large spam filter providers has recently offered their customers the ability to block mail from all ESPs with a single click. This may become a more common response if the ESPs don’t start proactively policing their networks.
Why is this happening? ISPs and filtering companies are seeing increasing percentages of spam coming out of ESP netspace. Current processes for policing customers are extremely reactive and there are many ESPs that are allowing their customers to send measurable percentages of spam. This situation is untenable for the filtering companies or the ISPs and they’re sending out warnings that the ESPs need to stop letting so much spam leave their networks.
Unsurprisingly, there are many members of the ESP community that don’t like this and think the ISPs are overreacting and being overly mean. They do not think the ISPs or filtering companies should be blocking all an ESPs customers just because some of the customers are sending unwanted mail. Paraphrased, some of the things I’ve heard include:

  • But we segregate out customers onto separate IPs, why can’t they just block the spammers?
  • But we’re doing everything we can to police our customers, why can’t they just understand that?
  • What more do they expect us to do?
  • How can we stop our customers from spamming? We don’t send the mail.

The ISPs don’t really care about any of that. They’re seeing spam coming from an ESP and they expect the ESP to make it stop. This is it, ESPs, you’ve now been accepted as full members of the email ecosystem and are now expected to police the traffic coming off your IP space. It is no longer sufficient to segregate customers onto their own IPs and let the ISPs block unwanted mail. ESPs are now expected to do their own policing and their own monitoring.
This isn’t anything new. The ISPs went through this with regards to the email their customers were sending 8 years ago or so. There were ISPs that didn’t effectively police their user base. Infections, bots, spammers signing up… some ISPs would take spammer money and expect other ISPs to sort out wanted from unwanted (spam from non-spam) traffic. Finally, the non-spammer supporting ISPs got tired of it and started blocking the spammer supporting ISPs.
The widespread blocking caused a large shift in the industry. There was also a lot of Sturm und Drang about how wrong it all was and how legitimate customers were collateral damage. Despite this the message to ISPs was clear: police your networks. Policing networks proactively cost a lot of companies a lot of money as they work out how to identify bad traffic before it left their networks. They had to develop or purchase software to identify the traffic and block or mitigate it.
Now, it’s the ESPs turn. Much like happened to the ISPs years ago, the ESPs aren’t sure how to react or what they can monitor. Many ESPs do have proactive monitoring in place, but these strategies are failing. Spam is coming off some networks, and the whole network is at risk for blocking, not just the bad customers.
The truth is, though, that ESPs have as much control over their own IP space as ISPs do – and those ISPs are expected to control the amount of spam leaking out their systems. ISPs are starting to expect ESPs, who are now participants in MAAWG and IETF and such, to step up and control the amount of spam leaking out of their systems, too. This is why we’re starting to see wider blocking by ISPs and spam filters of ESPs and their customers.
There is a clear opportunity here for smart ESPs to stand out from their peers and competitors. ESPs are being told that things are changing, and how those things are going to change. How is your business going to adapt? What are you going to do to stop your customers from sending spam?

Related Posts

Senders need to take responsibility

Having just returned home from another conference, my head is full of new ideas, new thoughts and new projects. I enjoy seeing old friends, making new contacts and sharing ideas. One thing I don’t enjoy, though, is listening to senders and marketers complaining about how hard it is to be a sender because the ISPs will not tell them what standards they need to meet.
If the ISPs would just tell us what they want us to do, we’ll do it.

The ISPs have told senders what they want them to do. They want senders to stop sending mail that their users don’t want. It is a very simple statement.
Stop sending spam.

For many senders, however, it’s not enough. “Tell us exactly what we need to do to stop sending spam. What complaint rates must we be under? What bounce rates do we have to be under? How do you want us to do this?” By this point in the conversation the ISP person is mentally rolling their eyes and looking for a way to escape the conversation.
The ISPs don’t want to tell senders how to behave, they want senders to start behaving. Stop sending spam should be all they need to tell senders.
Senders who ask for ISPs to tell them how to stop sending mail recipients think is spam are looking for specific thresholds they can stay under. They’re not really interested in actually sending wanted mail, they’re interested in sending good-enough mail, where good-enough mail is simply mail that gets to the inbox.
Want to know why ISPs don’t think much of many senders? Because the senders are not visibly taking any stand against abuse. I know there are a lot of senders out there who stop a lot of spam from ever leaving their systems, but there’s also a lot of unwanted mail that goes out, too. Some of that mail is even spam by any definition of the word. All the ISPs can see is the spam that gets through, and then they hear just tell us what to do and we’ll do it. From an ISP perspective, this means the senders only care about the thresholds and getting in under the ISPs’ radars.
Senders need to take more responsibility for the mail that goes out over their networks.
What do I mean by this? I mean senders need to stop waiting for the ISPs to define good practices. Senders need to implement standards and good practices just because they’re good practices, not because the ISPs are dictating the practices. Senders need to stop customers from doing bad things, and dump them if they won’t stop. Senders need to stop relying on ISPs for specific answers to why mail is being blocked. Senders need to take responsibility for the mail going across their networks.
It’s time for senders to grow up and stop relying on others for guidance. They shouldn’t implement good practices just because the ISPs tell them to, but instead should implement good practices because they are good practices.

Read More

Controlling delivery

How much control over delivery do senders have? I have repeatedly said that senders control their delivery. This is mostly true. Senders control their side of the delivery chain, but there is a point where the recipient takes over and controls things.
As a recipient I can

Read More

Legitimate email marketers need to take a stand

I was reading an article on Virus Rants and the opening paragraph really stood out.

Read More