The coming changes

Yesterday I talked about how I’m hearing warnings of a coming paradigm shift in the email industry. While these changes will affect all sender, ESPs in particular are going to need to change how they interact with both ISPs and their customers.
Currently, ESPs are able to act as “routine conveyers.” The traffic going across their network is generated by their customers and the ESP only handles technical issues. Responsible ESPs do enforce standards on their customers and expect mailings to meet certain targets. They monitor complaints and unknown users, they monitor blocks and reputation. If customers get out of line, then the ESP steps in and forces their customer to improve their practices. If the customer refuses, then the ESP disconnects them.
Currently standards for email are mostly dictated by the ISPs. Many ESPs take the stance that if any mail that is not blocked by the ISPs then it is acceptable. But just because a certain customer isn’t blocked doesn’t mean they’re sending mail that is wanted by the recipients.
It seems this reactive approach to customer policing may no longer be enough. In fact, one of the large spam filter providers has recently offered their customers the ability to block mail from all ESPs with a single click. This may become a more common response if the ESPs don’t start proactively policing their networks.
Why is this happening? ISPs and filtering companies are seeing increasing percentages of spam coming out of ESP netspace. Current processes for policing customers are extremely reactive and there are many ESPs that are allowing their customers to send measurable percentages of spam. This situation is untenable for the filtering companies or the ISPs and they’re sending out warnings that the ESPs need to stop letting so much spam leave their networks.
Unsurprisingly, there are many members of the ESP community that don’t like this and think the ISPs are overreacting and being overly mean. They do not think the ISPs or filtering companies should be blocking all an ESPs customers just because some of the customers are sending unwanted mail. Paraphrased, some of the things I’ve heard include:

  • But we segregate out customers onto separate IPs, why can’t they just block the spammers?
  • But we’re doing everything we can to police our customers, why can’t they just understand that?
  • What more do they expect us to do?
  • How can we stop our customers from spamming? We don’t send the mail.

The ISPs don’t really care about any of that. They’re seeing spam coming from an ESP and they expect the ESP to make it stop. This is it, ESPs, you’ve now been accepted as full members of the email ecosystem and are now expected to police the traffic coming off your IP space. It is no longer sufficient to segregate customers onto their own IPs and let the ISPs block unwanted mail. ESPs are now expected to do their own policing and their own monitoring.
This isn’t anything new. The ISPs went through this with regards to the email their customers were sending 8 years ago or so. There were ISPs that didn’t effectively police their user base. Infections, bots, spammers signing up… some ISPs would take spammer money and expect other ISPs to sort out wanted from unwanted (spam from non-spam) traffic. Finally, the non-spammer supporting ISPs got tired of it and started blocking the spammer supporting ISPs.
The widespread blocking caused a large shift in the industry. There was also a lot of Sturm und Drang about how wrong it all was and how legitimate customers were collateral damage. Despite this the message to ISPs was clear: police your networks. Policing networks proactively cost a lot of companies a lot of money as they work out how to identify bad traffic before it left their networks. They had to develop or purchase software to identify the traffic and block or mitigate it.
Now, it’s the ESPs turn. Much like happened to the ISPs years ago, the ESPs aren’t sure how to react or what they can monitor. Many ESPs do have proactive monitoring in place, but these strategies are failing. Spam is coming off some networks, and the whole network is at risk for blocking, not just the bad customers.
The truth is, though, that ESPs have as much control over their own IP space as ISPs do – and those ISPs are expected to control the amount of spam leaking out their systems. ISPs are starting to expect ESPs, who are now participants in MAAWG and IETF and such, to step up and control the amount of spam leaking out of their systems, too. This is why we’re starting to see wider blocking by ISPs and spam filters of ESPs and their customers.
There is a clear opportunity here for smart ESPs to stand out from their peers and competitors. ESPs are being told that things are changing, and how those things are going to change. How is your business going to adapt? What are you going to do to stop your customers from sending spam?

Related Posts

Tribes

Earlier Laura talked about a communication gap between ESPs and ISPs.
My take on it is that it’s something more than just a difficulty in communicating, rather it’s a division due to differences in personality and approach of those individuals whose primary interest is themselves and those whose primary interest is the health of the overall email ecosystem.
The former group (who I mentally refer to using the shorthand “frat boys“) want to make everything all about them, and their companies revenue, and their visibility in the industry, and their ego resume. Broad generalizations with little need for understanding are adequate to raise their visibility and keep them employed. Details aren’t that important to them. Dominating the conversation is. (Lest that sound negative, these are exactly the individuals who can thrive in sales, customer relations, bizdev and marketing environments.)
The latter (shorthand “utilitarians“) instinctively want to make email work well and to be useful for everyone. They want email to be a healthy, useful system and tend to believe that that means optimizing for the greatest good for the greatest number. (If you’ve any philosophy background, think “felicific calculus as applied to email”). They tend to understand the system in much more detail than the frat boys, though maybe less than the mechanics. And they tend to be better at working together – as they’re more interested in hearing other peoples data in order to get better at what they do, rather than being there to convince others of their pre-decided agenda.
(There’s a third group I think of as “mechanics” who take more joy in the details of keeping the system running smoothly on a small scale, without much interest in the broader system, whether that be in a technical or business role. They tend not to be very interactive in public, though, so don’t have much impact at the level of conversations I’m thinking about).
While I hate the broad terms “senders” and “receivers” used to (falsely) divide the industry into two disjoint halves, I’m painting with a fairly broad brush here, so I’m going to stick with them.
There are quite a few of all three types of people at both senders and receivers – but their power and visibility varies.
At senders there’s a mix of frat boys and utilitarians in operational and policy making positions, but the frat boys tend to have a lot more public visibility – they’re the ones who are trying to be visible, to dominate the conversation, and they’re the people you tend to see doing all the talking and less of the listening, whether it be on industry mailing lists or at the microphone at a conference. Because of their greater visibility, they’re who you think of when you think of senders, and typically they’ll be the ones you end up interacting with most in any random mix of individuals from senders.
At receivers the  operational (as opposed to policy) level is where the real decision making power is as far as email is concerned, and it’s heavily dominated by the utilitarians. (In fact, the more visible frat boys I can think of who were in influential positions at receivers are mostly now working on behalf of senders).
Frat boys are very, very bad at communicating with utilitarians. And utilitarians find it very hard to discuss issues they consider serious with frat boys at anything deeper than a superficial level.
Mechanics aren’t great at communicating with strangers in anything other than a fairly friendly environment, but manage best with other mechanics or with utilitarians.
If you’re a C level manager at a sender, and you’re deciding which of your staff are well suited to collaborate with typical receiver staff that’s something important to consider. The public face of the recievers are probably utilitarians. Frat boys are the worst representatives to send out to talk to them.

Read More

Problems at Cox: Resolved

People mailing to Cox in the wee hours of this morning may have received a rejection message citing the Invaluement DNSBL.
554 IMP a.b.c.d blocked.  IPBL100 – Refer to Error Codes section at http://postmaster.cox.net for more information.
I spoke with one of the folks at Cox and they said there was an error in the implementation causing non-listed IPs to be rejected erroneously between about 4am to 8am (Eastern) this morning.  The problem has been resolved as of 8am, and all traffic is flowing  normally.  The also stated that attempts to resend any blocked messages will succeed. They do apologize for any problems this may have caused.
For those of you with aggressive bounce handling, removing addresses after a single 550 bounce, you will also want to re-enable any cox.net subscribers that bounced off during this configuration problem.

Read More

Winning friends and removing blocks

I do a lot of negotiating with blocklists and ISPs on behalf of my clients and recently was dealing with two incidents. What made this so interesting to me was how differently the clients approached the negotiations.
In one case, a client had a spammer slip onto their system. As a result the client was added to the SBL. The client disconnected the customer, got their IP delisted from the SBL and all was good until the spammer managed to sweet talk the new abuse rep into turning his account back on. Predictably, he started spamming again and the SBL relisted the IP.
My client contacted me and asked me to intercede with Spamhaus. I received a detailed analysis of what happened, how it happened and how they were addressing the issue to prevent it happening in the future. I relayed the info to Spamhaus, the block was lifted and things are all back to normal.
Contrast that with another client dealing with widespread blocking due to a reputation problem. Their approach was to ask the blocking entity which clients they needed to disconnect in order to fix the problem. When the blocking entity responded, the customer disconnected the clients and considered the issue closed. They didn’t look at the underlying issues that caused the reputation problems, nor did they look at how they could prevent this in the future. They didn’t evaluate the customers they disconnected to identify where their processes failed.
The first client took responsibility for their problems, looked at the issues and resolved things without relying on Spamhaus to tell them how to fix things. Even though they had a problem, and is statistically going to have the occasional problem in the future, this interaction was very positive for them. Their reputation with the Spamhaus volunteers is improved because of their actions.
The second client didn’t do any of that. And the people they were dealing with at the blocking entity know it. Their reputation with the people behind the blocking entity was not improved by their actions.
These two clients are quite representative of what I’ve seen over the years. Some senders see blocking as a sign that somehow, somewhere there is a flaw in their process and a sign they need to figure out how to fix it. Others see blocking as an inconvenience. Their only involvement is finding out the minimum they need to do to get unblocked, doing it and then returning to business as usual. Unsurprisingly, the first type of client has a much better delivery rate than the second.

Read More