Delivery implications of Yahoo releasing usernames

Yahoo announced a few weeks ago it would be releasing account names back into the general pool. This, understandably, caused a lot of concern among marketers about how this would affect email delivery at Yahoo. I had the opportunity to talk with a Yahoo employee last week, and ask some questions about how this might affect delivery.
Q: How many email addresses are affected?

Yahoo is not providing any numbers for how many usernames are being returned to the “available” pool. However, most of these addresses were never associated with an email account. The Yahoo rep told me that the number of accounts with email addresses was “miniscule.” What’s more, the vast majority of these email addresses have been bouncing for a long time. As of July 15th, all the email addresses going back into the pool are bouncing and will be until someone claims the username and activates the email address.

Q: What bounce message are senders receiving when they try to send mail to affected email addresses?

All addresses returned to the pool will bounce with a message indicating that the mailbox doesn’t exist. And most of these addresses have been bouncing with that message for months or years.

Q: Are any of these addresses going to be turned into spamtraps?

Yahoo won’t discuss any specifics of their spam filtering. However, there is always the chance that abandoned addresses will be reactivated to spam traps at any time after they are abandoned. This is on reason bounce handling is so critical.

Q: Is Yahoo going to make exceptions for senders who are opt-in, but may send mail to someone who picked up a reclaimed address?

No. These are old, abandoned email addresses and Yahoo expects senders to bounce handle their lists.

Q: Will sending mail to these non-existent addresses affect Yahoo! reputation?

Most of these addresses have been inactive for a long time, so senders with good bounce handling polices should not be concerned.

Q: What do you recommend to opt-in senders who don’t want to send mail to the wrong person?

Make use of the Require-Recipient-Valid-Since header.

Q: Anything else we should know?

This is a normal process for most ISPs. Usernames and addresses don’t stick around forever and most ISPs recycle addresses.

Overall, I don’t think there are many changes from my previous advice not to worry too much about this. There aren’t going to be huge delivery implications to the username recycling. But I do have some suggestions for senders.
If you haven’t mailed a Yahoo account in more than 6 months, mail it now to make sure it’s deliverable. Most of these accounts have been long term bouncing, and regular mailers should have already removed the address. But, I know some senders segment to the extent that some accounts don’t get mail for months or years. Mail them now.
Remove Yahoo addresses that bounce with “user unknown” “mailbox unavailable” and “mailbox unknown” messages on the first bounce. We know that Yahoo will be releasing some portion of these addresses back into the available pool. You could keep mailing those users and hope that the address starts working, and it might. But that recipient may not be who you think it is. Yahoo is not known for sending fake or incorrect mailbox unavailable messages, so trust their bounces and remove addresses promptly.
If you use email as a “key” for access to an online account, consider implementing the proposed “Require-recipient-valid-since” header. Require-recipient-valid-since is a new header going through the IETF standardization process. This header lets a sender, say a social networking site sending a password reset notification, tell the receiving ISP when the address was originally collected. The receiving ISP can bounce the mail if the account has been recycled since it was collected. I’ll be talking more about this in another post.
 

Related Posts

TWSD: Mail known spam trap addresses

One of the things we all “know” is that if spammers get their hands on spamtrap addresses then they’ll stop sending mail to those addresses. This is true for a lot of spammers, but sadly it’s not true for all.
I don’t think it’s any secret that I consult for all types of mailers, from those who just need a little tune up to those who want me to help them avoid filters and blocking. During some of these consulting projects, I use my own spam folder as research and provide information on the spam that I am receiving from them.
A few years ago I was working with a company who hires a lot of different affiliates to send acquisition email. A few of their affiliates had really poor practices and they were trying to figure out which affiliates were the problem. I handed over a number of mails from my personal spam traps, in order to help them identify the problem affiliate.
I told them, and their affiliate, what my spamtrap addresses were. And, for many years I stopped receiving that particular spam. But, over the last few weeks I’ve seen a significant uptick in spam advertising my former client.
I’m certainly not trying to convince anyone that handing over spamtraps is a good thing. But there is at least some evidence out there that they’re not even competent enough to permanently remove traps. I really have to wonder at how sloppy some marketers are, too, that they’ll hire spammers and not at least hand over a list of addresses they know are bad addresses to mail.
I really thought spammers were smarter than that. I am, apparently, wrong.
EDIT: Of course, mailing this spamtrap gets them nothing but a little ranty blog post here. It doesn’t result in blocking, or disconnection from their ISP or their ESP or anything else. I suspect if there was actually an affect, like, say, I started forwarding this mail to Spamhaus or other filtering companies, they might stop mailing this address. Anyone want a 20 year old, slightly used spam trap?
 

Read More

Broken record…

The Return Path In the Know blog listed 4 reasons mailing those old addresses is a bad idea.
Ashley, the author, is completely right and I endorse everything she said. (Although I’d really like to hear what happened to the customer that added back all those addresses. What was the effect on that campaign and future email marketing?) As I was reading the article though, I realized how many times this has been said and how depressing it is that we have to say it again. And again. And again.
A number of folks have told me that the reason they don’t pay any attention to delivery professionals is because we don’t provide enough real data. They can show that sending mail to old addresses costs them nothing, and makes them real money.
That’s not really true, though. We do provide data, they just don’t like it so they don’t listen to it. Return Path publishes lots of numbers showing that mailing unengaged recipients lowers overall delivery. I can provide case studies and data but companies that are committed to sending as much mail as possible throw up many reasons why our data isn’t good or valid.
The biggest argument is that they want hard numbers. I do understand this. Numbers are great. Direct and clear answers are wonderful. But delivery is a squishy science. There are a lot of inputs and a lot of modifiers and sometimes we can’t get exactly one answer. The data is noisy, and difficult to replicate. One of the reasons is that filtering is a moving target. Filters are not, and cannot be, fixed. They are adaptive and are changing even between one hour and the next.
Delivery experts are about risk management. They are the parents requiring everyone in the car wear seat belts, even though the driver has never had an accident. They are the fire department enforcing fire codes, even though it’s the rainy season.
Risk management isn’t about the idea that bad things will absolutely happen but rather that it is more likely that a bad thing will happen in some cases.
In this case, it’s more likely that delivery problems will happen when mailing old addresses. And if those addresses aren’t actively contributing to revenue, it’s hard to argue that their presence on a list is more beneficial than their absence.
But I repeat myself. Again.

Read More

Do you have an abuse@ address?

I’ve mentioned multiple times before that I really don’t like using personal contacts until and unless the published or official channels fail. I don’t hold this opinion just about resolving delivery issues, but also use official channels when reporting spam to one of my addresses or spam traps.
My usual complaints contain a plain text copy of the mail, including full headers and a short summary of the email address it was sent to. “This is an address that was part of a leak from…” or “This is an address scraped off my website. It’s been removed from the website since 2004” or “This address isn’t used to sign up for any mail.”
Sadly, there are a number of “legitimate” ESPs that don’t have or don’t monitor their abuse address. In some cases it’s an oversight or a break down of internal mail handling. But in most cases, it’s a sign that the ESP doesn’t actually handle abuse.
It’s frustrating to watch an ESP post long blog posts about “best practices” and “effective delivery” and “not spamming” and yet not be able to actually stop their own customers from spamming. It’s not even that I necessarily want them to disconnect their spamming customers (although that would be nice) but suppressing the address that I’ve told them was a spamtrap seems trivial. And yet, a month after my first complaint and weeks after escalating to a personal contact, I’m still getting spam.
The 5 things every ESP should do to handle spam complaints.

Read More