Transactional mail can be spam

Marketers have a thing about transactional mail. In the US, transactional mail is exempt from many of the CAN SPAM regulations. If they label a mail transactional, then they can send it even when the recipient has opted-out! The smart marketer looks for opportunities to send transactional mail so they can bother spam get their brand in front of people who’ve opted out.

Enter the anniversary, birthday or holiday message. If a message is sent once per year and is based around some event, then it’s classified as transactional. But these messages aren’t really transactional. There’s nothing the recipient did. The only “transaction” is the passage of time.

These kind of fake transactional messages are just legal spam, particularly if the recipient has opted out of marketing mail.

I mentioned this on the email geeks slack channel, along with the comment that if companies were going to ignore preferences they should at least offer recipients something for reading their spam. One smart person pointed out that if the messages contained rewards, like a percentage off, then it’s not transactional mail any more and it’s a clear violation of CAN SPAM and other laws.

There are, of course, legitimate transactional messages. My favourite definition of transactional message is a message confirming or completing an action initiated by the recipient. The whole point of carving out transactional messages from CAN SPAM is for the recipient, not for the sender. Any truly transactional mail, therefore, must benefit the recipient more than the sender.

There are also cases where one time emails benefit the recipient, but are not generated due to a direct interaction by the recipient. One common case of this is messages alerting users that a particular product is back in stock. These messages are wanted by the user, and they benefit the user, but the timing of their send isn’t related to a user’s action. Timing is dictated by restocking timelines. In discussions with clients, I describe these types of messages as triggered rather than transactional.

Transactional mail must center the recipient. If a recipient has opted out from mail from a company, then they probably don’t want to receive marketing mail, even if the subject line is Happy Birthday or Happy Anniversary.

Resources for safer conferences
SaaS systems are spammer targets

Related Posts

September 2015: The month in email

September’s big adventure was our trip to Stockholm, where I gave the keynote address at the APSIS Conference (Look for a wrapup post with beautiful photos of palaces soon!) and had lots of interesting conversations about all things email-related.
Now that we’re back, we’re working with clients as they prepare for the holiday mailing season. We wrote a post on why it’s so important to make sure you’ve optimized your deliverability strategy and resolved any open issues well in advance of your sends. Steve covered some similar territory in his post “Outrunning the Bear”. If you haven’t started planning, start now. If you need some help, give us a call.
In that post, we talked a bit about the increased volumes of both marketing and transactional email during the holiday season, and I did a followup post this week about how transactional email is defined — or not — both by practice and by law. I also wrote a bit about reputation and once again emphasized that sending mail people actually want is really the only strategy that can work in the long term.
While we were gone, I got a lot of spam, including a depressing amount of what I call “legitimate spam” — not just porn and pharmaceuticals, but legitimate companies with appalling address acquisition and sending strategies. I also wrote about spamtraps again (bookmark this post if you need more information on spamtraps, as I linked to several previous discussions we’ve had on the subject) and how we need to start viewing them as symptoms of larger list problems, not something that, once eradicated, means a list is healthy. I also posted about Jan Schaumann’s survey on internet operations, and how this relates to the larger discussions we’ve had on the power of systems administrators to manage mail (see Meri’s excellent post here<).
I wrote about privacy and tracking online and how it’s shifted over the past two decades. With marketers collecting and tracking more and more data, including personally-identifiable information (PII), the risks of organizational doxxing are significant. Moreso than ever before, marketers need to be aware of security issues. On the topic of security and cybercrime, Steve posted about two factor authentication, and how companies might consider providing incentives for customers to adopt this model.

Read More

I'm not a customer any more

We recently moved co-working spaces, after 8 or 9 years in the same place.  I’ll be up front here, we left Space A because I was annoyed with them. I’ve been increasingly unhappy with them for a while, but moving is a pain so just put up with them. But their most recent rent increase along with the lost packages, increasing deposit requirements and revolving door of incompetent staff finally drove us to find a new co-working space.
On the 15th of the last month of our contract, I started receiving marketing emails from Space A. I just deleted a couple of them but finally decided I didn’t want to ever see their name again. I tried to unsubscribe.

Gotta give them credit. Checkboxes for everything, except some of them are to opt-in and some of them are to opt-out. This is the kind of interface marketers use to confuse folks and limit the actual number of opt-outs. I’ll admit, the first time I tried to opt-out, I probably did it wrong. But, I know CAN SPAM says they have 10 days, and I know many marketers take advantage of that so I wait a while and keep deleting the messages that show up in my mailbox.
That was late June. By early July I realize it’s been more than 10 days and I’m still getting mail from them. So I click another opt-out link. This time I notice I need to uncheck most boxes, but check the bottom one. OK, fine, you got me, I didn’t read and didn’t correctly opt-out the first time. This time I will.
I continue to receive email. I continue to delete the email. We run our own mail system so I don’t have the benefit of a this-is-spam button, but you can bet if I did I would have used it, on every message I received after my first attempt to opt-out.
This week, after getting yet more mail, I start digging. What ESP are they using that’s bungling the opt-out process? Ah. I know that ESP. So I send in a complaint to abuse@ESP asking them to please make their customer stop mailing me. I also go, once again, to the preference page and submit an opt-out request. Because, hey, maybe third time is a charm?
12 hours later I get yet another mail from them. Really? REALLY? OK. Now I’m moving from annoyed to irate. First step: figure out if I know anyone working at said ESP. Ah, right, them. I have a lot of respect for this colleague, so I send a heads up pointing out that their customer isn’t honoring unsubscribes and can they take a look at what might have broken in their unsubscribe process.
This morning they tell me they looked into my subscription and have not registered any opt-out request until the one this week. The other two? Not recorded in their system. “Does this match your recollection of what happened?” No. No it doesn’t. I know I clicked on unsub links at least 3 times and only one of those clicks is recorded.
At this point, I’m pretty sure I’ll be suppressed by the ESP so I won’t have to get mail from Space A any longer. That fixes the annoyance on my end. But I can’t help thinking about how horrible this interaction was, both from a deliverability perspective and from a customer perspective.

Read More

Unsubscribe means unsubscribe

But, unfortunately, some senders don’t actually think unsubscribe means stop sending mail.
Today, for instance, the nice folks at The Container Store sent me an email with an “important update to my POP! account”

Yes, that’s an address I gave them. But I don’t have any record of setting up an account. I was on their mailing list for all of 4 emails back in November 2016 before unsubscribing. But, they’ve decided they can email me despite my unsubscribe request.
They’ve cloaked this as an “Important Account Update” about some account I don’t have. In fact, when I go to their website and try and see what this oh so important account is about they tell me:


I understand legitimate account notifications might be an acceptable excuse to send mail even after the recipient opted out. This, however, was done extremely poorly. There is no record of the account that they are sending me information about. Neither the company nor I have any record of this account of mine.
At a minimum the emails should have only be sent to the folks that actually had an account. But, they weren’t.
I also have some issues with a company requiring recipients to accept email in order to continue using reward points. As a recipient, if I wanted what they were offering I might go ahead and continue receiving emails. But, I might not. It would all depend on how aggressive their email program is and how good the rewards are. As a deliverability consultant, this strikes me as a great way to create a mailing list full of unengaged users. Unengaged users lead to spam foldering and eventual failure of an email marketing program.
Whatever some executives think, and having been in this industry for a decade and I half I’m sure this is coming from the top down, this is not a good way to build an email program. You really can’t force folks to accept your email. ISPs are too protective of their users to make that a viable strategy.

Read More