Define "spam"

A comment came through recently from Trent asking me to define spam. It’s been a while since I’ve talked about how I define spam, so let’s look at it.
Personally, I describe spam as unsolicited bulk email. If I didn’t ask for it and it looks like bulk mail then I consider it spam. In many cases the spammers have multiple email addresses of mine so I can demonstrate the mail was sent in bulk.
In my consulting and working with clients, though, I rarely use the word spam. There are so many different definitions of spam, I have no way to know if my clients understand what I am saying, so I avoid the term as much as humanly possible. An example of some of the few definitions of spam I’ve seen used over the years.

  • unsolicited bulk email
  • unsolicited commercial email
  • mail I don’t want
  • mail I don’t think my customers want
  • mail that is identical/similar to mail that hit my spamtrap
  • mail that was sent to a non-existent address at my domain
  • mail that contains HTML
  • unsolicited email
  • mail that advertises Viagra or porn sites or similar
  • mail that other people send

With my clients we talk about how the client’s mail is perceived by the various groups and why their mail might be blocked or filtered. For those cases, it’s useful to look at the definitions used by organizations doing the blocking.
Spamhaus and some other blocking lists use “unsolicited bulk email” as their definition. Many of the listings rely on mail to spamtraps. IPs sending mail to addresses not given to anyone, are sending unsolicited and presumably bulk mail. Thus that IP gets listed. They also have other lists that monitor snowshoe behaviour as well as listing domains. Spamhaus, and other blocklists believe that if a mailer is sending one piece of email to a user who did not request it, then they are likely mailing many other users who did not request any mail. This definition centers around permission, and any mail without permission is considered spam.
Many of the large ISPs use “mail our users complain about” as their definition. With this definition, they do not have to argue permission status with a sender. The data shows that their customers complain about mail from that sender or with that URL. The ISPs are going to block, or deliver to the bulk folder, email that their users do not want.
Filters and some blocking lists use “mail that has characteristics of mail we know is unsolicited bulk mail” as their definition. These characteristics can be things like an invalid HELO string, or lack of reverse DNS on the connecting IP address, or badly formatted HTML. Mail that looks like spam, in the technical sense, is often treated like spam.
Spam is a term that means different things to almost everyone. However, to answer your request, Trent: when I mention spam here on the blog without an accompanying explanation of the term, I’m talking about unsolicited bulk email.
This post is an updated version of  What really is spam, anyway?. I also talk about the definition of spam in Defining Spam

Related Posts

Double opt-in, it's not what you think it is

Bill McCloskey has a post over on ClickZ about single opt-in vs. double opt-in. The post itself is generating a lot of buzz in the industry and has pages and pages of comments. I’m not going to really comment on the post, as I think much of what I would say has been covered in the comments, in posts here and in every email marketing discussion that has happened in the last 5 years.
I do want to comment on one of the comment’s however. This comment makes the assertion that “double opt-in was a term designed by spammers to make confirmed opt-in look too troublesome and problematic to use.”  This is a bit of lore that is deeply, deeply established in the minds of many anti-spammers. There is a core group of activists that are completely convinced that anyone who ever uses the term double opt-in to refer to a confirmation practice is not only a spammer, but a lying scammer. They cannot imagine a world where someone might use this term while actually supporting the practice.
The problem with this belief is that it’s not true. Double opt-in was mostly used by PostmasterDirect (now part of ReturnPath) as a way to market their email addresses. PostmasterDirect actually patented a process for confirming addresses and used double opt-in as a way to distinguish themselves in the market place. It wasn’t that double opt-in was twice as hard as opt-in, it’s that their email address lists were twice as good as those other lists that you might be thinking of buying.
So, no, double opt-in is not spammer speak. It is, in fact, often the speech of a sender who is attempting to do the right thing. The fact that the sender does not know a made up history of a term does not turn them into a lying spammer. Asserting that it does says a lot more about the person making the assertion.

Read More

9th circuit ruling in Gordon v. Virtumundo

The 9th circuit court of appeals issued their ruling in Gordon v. Virtumundo today. The ruling was heavily in favor of Virtumundo. I have not had time to read the ruling, but both Venkat and Mickey have posts on the case and the ruling.
This is another solid blow against anti-spammers suing spammers under state laws and CAN SPAM. The problem is that many of the cases are brought by people, and lawyers, who fail to understand that just because they don’t like something doesn’t make it illegal. Spammers do a lot of bad things, but the ones you can track enough to sue are generally not breaking the law. Sadly, cases like Gordon and Mummagraphics makes it harder for ISPs to sue spammers that are actively harming the ISP and the customers.

Read More

New Delivery tools

A couple nifty new delivery tools were published over the weekend.
Mickey published Bounce P.I. where senders can paste in an error message or bounce and it will tell you what filter generated it. If the rejection is unrecognized, it will flag the message internally and it will be researched to see if the filter can be identified.
Steve has a new tool at the DKIMCore site. The key generating tool and the record checking tool have been up for a while. This weekend, though, he published a tool to check the validity the DKIM record published in DNS. Tool output shows if the record is valid, the version and the public key.

Read More