Schroedinger’s email

The riskiest email to send is that very first email. It’s a blank slate. Even if you’re sending confirmation messages, you don’t really know anything about how this email is going to affect your reputation.

It’s Schroedinger’s email. The address is both good and bad, until you send to it.

If it’s good, great things will happen. You’ll be happy. The recipient will be happy. Deliverability will increase. Everything is awesome.

But if it’s not good, there are a whole host of consequences to sending that email. The obvious problems are hitting spamtraps, bouncing mail and complaints with the resulting delivery problems and, in very bad case, spamfoldering and blocklisting. Sure, you can use a data hygiene to lower the chances of the mail bouncing. But hygiene services don’t help you if the address is deliverable but belongs to someone else. They certainly don’t help if the address is a spamtrap.

There are all sorts of ways to mitigate damage from bad email addresses, after you know for certain they’re bad email addresses. But that first email is still risky. Even sending a confirmation email (double opt-in) can cause delivery problems at some places. That’s especially true for signups where you might want to send confirmation emails like sweepstakes or political mail.

The obvious answer is to segregate all confirmation emails onto their own IP with their own DKIM signature and, if you’re really worried, it’s own domains and everything. The problem there is that if your mail is messy enough, you may generate a bad reputation on it and your confirmation emails will go to bulk.

You may want to consider, then, just mixing in the confirmation emails with your regular mailstream and letting the good reputation carry the new messages. That may work depending on the relative volumes and the quality of the subscription feed.

Another way to handle it is to segregate the confirmation messages on an IP with other transactional and triggered emails like password resets, 2FA emails and purchase receipts. If you have a transactional feed, this is the best way to handle this mail. Most of the other emails are heavily engaged with, but come at irregular intervals. This mimics the confirmation emails and lets all that stream develop a reputation outside of the reputation of regular bulk mail.

All in all, there’s no one way to manage confirmation emails for a signup stream. There’s always going to be risk to mailing that unknown email. We’re already seeing filters able to sort out different mail types when they’re from the same IPs with the same authentication. Google and Oath are good at that already.

My best advice is to lump it in with the other transactional email. That’s what it is, that’s what it looks like. If you only have a single IP, then I’d advise authenticating transactional mail, including confirmation mail, differently from marketing and bulk mail. That way the filters can distinguish between the two streams. While some reputation will be shared between the different kinds of mail, the filters will be able to distinguish between them. As such the confirmation emails will be less likely to harm your overall delivery.

Related Posts

Confirming addresses for transactional mail

A colleague was asking about confirming transactional mail today. It seems a couple of big retailers got SBLed today for sending receipts to spamtraps. I talked a few weeks ago about why it’s important to let people unsubscribe from transactional email, and many of those same things apply to confirming receipts.

Read More

Would you buy a used car from that guy?

There are dozens of people and companies standing up and offering suggestions on best practices in email marketing. Unfortunately, many of those companies don’t actually practice what they preach in managing their own email accounts.
I got email today to an old work email address of mine from Strongmail. To be fair it was a technically correct email. Everything one would expect from a company handling large volumes of emails.  It’s clear that time and energy was put into the technical setup of the send. If only they had put even half that effort into deciding who to send the email to. Sadly, they didn’t.
My first thought, upon receiving the mail, was that some new, eager employee bought a very old and crufty list somewhere. Because Strongmail has a reputation for being responsible mailers, I sent them a copy of the email to abuse@. I figured they’d want to know that they had a new sales / marketing person who was doing some bad stuff.
I know how frustrating handling abuse@ can be, so I try to be short and sweet in my complaints. For this one, I simply said, “Someone at Strongmail has appended, harvested or otherwise acquired an old email address of mine. This has been added to your mailing list and I’m now receiving spam from you. ”
They respond with an email that starts with:
“Thank you for your thoughtful response to our opt-in request. On occasion, we provide members of our database with the opportunity to opt-in to receive email marketing communications from us.”
Wait. What? Members of our database? How did this address get into your database?
“I can’t be sure from our records but it looks like someone from StrongMail reached out to you several years ago.  It’s helpful that you let us know to unsubscribe you.  Thank you again.”
There you have it. According to the person answering email at abuse@ Strongmail they sent me a message because they had sent mail to me in the past. Is that really what you did? Send mail to very old email addresses because someone, at some point in the past, sent mail to that address? And you don’t know when, don’t know where the address came from, don’t know how it was acquired, but decided to reach out to me?
How many bad practices can you mix into a single send, Strongmail? Sending mail to addresses where you don’t know how you got them? Sending mail to addresses that you got at least 6 years ago? Sending mail to addresses that were never opted-in to any of your mail? And when people point out, gently and subtly, that maybe this is a bad idea, you just add them to your global suppression list?
Oh. Wait. I know what you’re going to tell me. All of your bad practices don’t count because this was an ‘opt-in’ request. People who didn’t want the mail didn’t have to do anything, therefore there is no reason not to spam them! They ignore it and they are dropped from your list. Except it doesn’t work that way. Double opt-in requests to someone has asked to be subscribed or is an active customer or prospect is one thing. Requests sent to addresses of unknown provenance are still spam.
Just for the record, I have a good idea of where they got my address. Many years ago Strongmail approached Word to the Wise to explore a potential partnership. We would work with and through Strongmail to provide delivery consulting and best practices advice for their customers. As part of this process we did exchange business cards with a number of Strongmail employees. I suspect those cards were left in a desk when the employees moved on. Whoever got that desk, or cleaned it out, found  those cards and added them to the ‘member database.’
But wait! It gets even better. Strongmail was sending me this mail, so that they could get permission to send me email about Email and Social Media Marketing Best Practices. I’m almost tempted to sign up to provide me unending blog fodder for my new series entitled “Don’t do this!”

Read More

How not to build a mailing list

I mentioned yesterday one of the major political blogs launched their mailing list yesterday. I pointed out a number of things they did that may cause problems. Today, I discovered another problem.
This particular blog has been around for a long time, probably close to 10 years. It allows anyone to join and create their own blogs and comment with registered users. As part of their new mailing list, they added everyone who has ever registered to their mailing list. They did not send a “we have a new list, want to join it?” email, they added every registered user to the list and said “you can opt out if you want.”
This is such a bad idea. My own account was used once, to make one comment, back in 2005. Yes, 2005. It’s been almost 5 years since I last logged into the site. Sure, I have email addresses that go back that far, but not everyone does. That list is going to be full of problems: dead addresses, spamtraps, duplicates, unengaged and uninterested.
Seriously, they’re adding people who’ve not logged into their site in 5 years to a mailing list. How can this NOT go horribly wrong?
My initial thought was this was going to blow up in a week. I’m now guessing they’ll start seeing delivery problems a lot sooner than that.

Read More