BLOG

Summer 2017: Moving so fast

It’s been a busy summer so far! If you’ve been too busy to read the blog regularly, here’s an early summer wrap up of our posts from May and June.

A small but significant part of our consulting practice is helping people with delivery crisis situations, such as figuring out what to do if you’re listed on Spamhaus or other block lists, or getting delisted at AT&T. People also ask very specific questions about things like text to image ratio. We answer these directly for clients, on the blog generally, and in my Ask Laura column.

Most of what we do, however, is larger strategic work on creating smart email programs that are designed for deliverability. Our primary focus is to help marketers think about how to send email people want — and have asked — to receive. I went into detail on this in my post on how permissions trump metrics. We also help clients with what we call reading between the lines, or useful ways to think about collaboration between ESPs and their customers. Another enormous area of focus is helping people understand filters in a big picture — or gestalt — approach.

We also talk a lot about list purchasing, appending, and all the other ways people acquire email addresses without direct permission from recipients. Our most recent examples: a colleague who added me to a list they’d built from their LinkedIn contacts (using a wholly different email address), Steve’s experience trying to get hotel wifi, and lists passed between political campaigns. Spammers can generate lists that are “clean” enough to fool ESPs just long enough to get a send out the door.

Unwanted email is unwanted email, even when it’s in a B2B context. When someone reaches out “personally” to me to tell me how useful they think I will find their product or service for my business, that’s still SPAM, even if it’s coming from a personal address or a gmail address to try to get around filters. Even if it’s to say Hello from your LinkedIn BFF. Seriously?! More on permission here.

I often use unique email addresses when I interact with companies, and this shows me both when my address is purchased or shared without permission and when a company has a data breach. Sometimes this can be challenging to report, however, as illustrated (hilariously!) in my Shibboleet post.

In legislative news, the FTC would like to know if we still need CAN-SPAM, and other important feedback on the rule. Though it obviously has not entirely saved our inboxes from SPAM, there’s still a lot of good there. Our neighbors to the north have just announced a delay in one of the major provisions of their anti-SPAM legislation, the private right to action provision of CASL. Both the provision and the delay are interesting, so I went into some detail in my post.

Steve wrote several posts about DMARC, starting with The Philosophy of DMARC, which goes into detail about how the method evolved and the thinking behind it. He followed up with another lengthy post about how DMARC breaks, and a solution for that, the Authenticated Received Chain (ARC). He also posted a message from Fedex as an illustration of how DMARC doesn’t fix phishing.

In fact, phishing just keeps getting more and more sophisticated. And sadly, it seems that senders are not necessarily getting smarter in response.

Steve also wrote about how you can figure out (more or less) if a sender is using DKIM. He also added a useful explanation of protocol-relative URLs in email.

In industry news, I added some detailed information from AOL on the final bits of the Verizon migration and a note about how to handle bounces with disappearing domains.

The best part of my early summer was speaking on a few panels at the ESPC meeting and celebrating the one year anniversary of our Women of Email network with an in-person board meeting in Las Vegas. As someone who works mostly remotely, I very much enjoy coming together with colleagues to connect in person and share ideas and stories. Let me know if you know of any interesting events I should attend later this year.

2 comments

  1. Brian says

    To busy to realize it is 2017 now too… thanks for the links!

    1. laura says

      HA! Oops. Thanks.

Comment:

Your email address will not be published. Required fields are marked *

  • OTA joins the ISOC

    The Online Trust Alliance (OTA) announced today they were joining forces with the Internet Society (ISOC). Starting in May, they will operate as an initiative under the ISOC umbrella. “The Internet Society and OTA share the belief that trust is the key issue in defining the future value of the Internet,” said Internet Society President and CEO, Kathryn Brown. “Now is the right time for these two organizations to come together to help build user trust in the Internet. At a time when cyber-attacks and identity theft are on the rise, this partnership will help improve security and data privacy for users,” added Brown.No Comments


  • Friday blogging... or lack of it

    It seems the last few Friday's I've been lax on posting. Some of that is just by Friday I'm frantically trying to complete all my client deliverables before the weekend. The rest of it is by Friday I'm just tired. Today had the added complication of watching the Trumpcare debate and following how (and how soon) it would affect my company if it passed. That's been a bit distracting, along with the other stuff I posted about yesterday. I wish everyone a great weekend.1 Comment


  • Indictments in Yahoo data breach

    Today the US government unsealed an indictment against 2 Russian agents and 2 hackers for breaking into Yahoo's servers and stealing personal information. The information gathered during the hack was used to target government officials, security employees and private individuals. Email is so central to our online identity. Compromise an email account and you can get access to social media, and other accounts. Email is the key to the kingdom.No Comments


Archives