The coming changes

Yesterday I talked about how I’m hearing warnings of a coming paradigm shift in the email industry. While these changes will affect all sender, ESPs in particular are going to need to change how they interact with both ISPs and their customers.
Currently, ESPs are able to act as “routine conveyers.” The traffic going across their network is generated by their customers and the ESP only handles technical issues. Responsible ESPs do enforce standards on their customers and expect mailings to meet certain targets. They monitor complaints and unknown users, they monitor blocks and reputation. If customers get out of line, then the ESP steps in and forces their customer to improve their practices. If the customer refuses, then the ESP disconnects them.
Currently standards for email are mostly dictated by the ISPs. Many ESPs take the stance that if any mail that is not blocked by the ISPs then it is acceptable. But just because a certain customer isn’t blocked doesn’t mean they’re sending mail that is wanted by the recipients.
It seems this reactive approach to customer policing may no longer be enough. In fact, one of the large spam filter providers has recently offered their customers the ability to block mail from all ESPs with a single click. This may become a more common response if the ESPs don’t start proactively policing their networks.
Why is this happening? ISPs and filtering companies are seeing increasing percentages of spam coming out of ESP netspace. Current processes for policing customers are extremely reactive and there are many ESPs that are allowing their customers to send measurable percentages of spam. This situation is untenable for the filtering companies or the ISPs and they’re sending out warnings that the ESPs need to stop letting so much spam leave their networks.
Unsurprisingly, there are many members of the ESP community that don’t like this and think the ISPs are overreacting and being overly mean. They do not think the ISPs or filtering companies should be blocking all an ESPs customers just because some of the customers are sending unwanted mail. Paraphrased, some of the things I’ve heard include:

  • But we segregate out customers onto separate IPs, why can’t they just block the spammers?
  • But we’re doing everything we can to police our customers, why can’t they just understand that?
  • What more do they expect us to do?
  • How can we stop our customers from spamming? We don’t send the mail.

The ISPs don’t really care about any of that. They’re seeing spam coming from an ESP and they expect the ESP to make it stop. This is it, ESPs, you’ve now been accepted as full members of the email ecosystem and are now expected to police the traffic coming off your IP space. It is no longer sufficient to segregate customers onto their own IPs and let the ISPs block unwanted mail. ESPs are now expected to do their own policing and their own monitoring.
This isn’t anything new. The ISPs went through this with regards to the email their customers were sending 8 years ago or so. There were ISPs that didn’t effectively police their user base. Infections, bots, spammers signing up… some ISPs would take spammer money and expect other ISPs to sort out wanted from unwanted (spam from non-spam) traffic. Finally, the non-spammer supporting ISPs got tired of it and started blocking the spammer supporting ISPs.
The widespread blocking caused a large shift in the industry. There was also a lot of Sturm und Drang about how wrong it all was and how legitimate customers were collateral damage. Despite this the message to ISPs was clear: police your networks. Policing networks proactively cost a lot of companies a lot of money as they work out how to identify bad traffic before it left their networks. They had to develop or purchase software to identify the traffic and block or mitigate it.
Now, it’s the ESPs turn. Much like happened to the ISPs years ago, the ESPs aren’t sure how to react or what they can monitor. Many ESPs do have proactive monitoring in place, but these strategies are failing. Spam is coming off some networks, and the whole network is at risk for blocking, not just the bad customers.
The truth is, though, that ESPs have as much control over their own IP space as ISPs do – and those ISPs are expected to control the amount of spam leaking out their systems. ISPs are starting to expect ESPs, who are now participants in MAAWG and IETF and such, to step up and control the amount of spam leaking out of their systems, too. This is why we’re starting to see wider blocking by ISPs and spam filters of ESPs and their customers.
There is a clear opportunity here for smart ESPs to stand out from their peers and competitors. ESPs are being told that things are changing, and how those things are going to change. How is your business going to adapt? What are you going to do to stop your customers from sending spam?

Related Posts

Problems at Cox: Resolved

People mailing to Cox in the wee hours of this morning may have received a rejection message citing the Invaluement DNSBL.
554 IMP a.b.c.d blocked.  IPBL100 – Refer to Error Codes section at http://postmaster.cox.net for more information.
I spoke with one of the folks at Cox and they said there was an error in the implementation causing non-listed IPs to be rejected erroneously between about 4am to 8am (Eastern) this morning.  The problem has been resolved as of 8am, and all traffic is flowing  normally.  The also stated that attempts to resend any blocked messages will succeed. They do apologize for any problems this may have caused.
For those of you with aggressive bounce handling, removing addresses after a single 550 bounce, you will also want to re-enable any cox.net subscribers that bounced off during this configuration problem.

Read More

Winning friends and removing blocks

I do a lot of negotiating with blocklists and ISPs on behalf of my clients and recently was dealing with two incidents. What made this so interesting to me was how differently the clients approached the negotiations.
In one case, a client had a spammer slip onto their system. As a result the client was added to the SBL. The client disconnected the customer, got their IP delisted from the SBL and all was good until the spammer managed to sweet talk the new abuse rep into turning his account back on. Predictably, he started spamming again and the SBL relisted the IP.
My client contacted me and asked me to intercede with Spamhaus. I received a detailed analysis of what happened, how it happened and how they were addressing the issue to prevent it happening in the future. I relayed the info to Spamhaus, the block was lifted and things are all back to normal.
Contrast that with another client dealing with widespread blocking due to a reputation problem. Their approach was to ask the blocking entity which clients they needed to disconnect in order to fix the problem. When the blocking entity responded, the customer disconnected the clients and considered the issue closed. They didn’t look at the underlying issues that caused the reputation problems, nor did they look at how they could prevent this in the future. They didn’t evaluate the customers they disconnected to identify where their processes failed.
The first client took responsibility for their problems, looked at the issues and resolved things without relying on Spamhaus to tell them how to fix things. Even though they had a problem, and is statistically going to have the occasional problem in the future, this interaction was very positive for them. Their reputation with the Spamhaus volunteers is improved because of their actions.
The second client didn’t do any of that. And the people they were dealing with at the blocking entity know it. Their reputation with the people behind the blocking entity was not improved by their actions.
These two clients are quite representative of what I’ve seen over the years. Some senders see blocking as a sign that somehow, somewhere there is a flaw in their process and a sign they need to figure out how to fix it. Others see blocking as an inconvenience. Their only involvement is finding out the minimum they need to do to get unblocked, doing it and then returning to business as usual. Unsurprisingly, the first type of client has a much better delivery rate than the second.

Read More

AOL EWL: low complaints no longer enough

This morning AOL announced some changes to their Enhanced White List. Given I’ve not talked very much about the AOL EWL in the past, this is as good a time as any to talk about it.
The AOL Enhanced Whitelist is for those senders that have very good practices. Senders on the EWL not only get their mail delivered to the inbox, but also have links and images enabled by default. Placement on the EWL is done solely on the basis of mail performance and only the best senders get on the list.
The new announcement this morning says that AOL will take more into account than just complaints. Previously, senders with the lowest complaint rates qualified for the EWL. Now, senders must also have a good reputation in addition to the low complaint rates. Good reputation is a measure of user engagement with a particular sender.
This change only reinforces what I and many other delivery experts have been saying: The secret to good delivery is to send mail recipients want. ISPs are making delivery decisions based on those measurements. Send mail that recipients want, and there are few delivery problems.
For a long time good delivery was tied closely to complaint rates, so senders focused on complaints. Spammers focused on complaints too, thus managing to actually get some of their spam delivered. ISPs noticed and started looking at other ways to distinguish wanted mail from spam. One of the better ways to separate spam from wanted mail is to look at user engagement. And the ISPs are measuring engagement and using that measurement as part of their decision making process. Send so much mail users don’t read it, and your reputation goes down followed by your delivery rates.

Read More