B2B mail and compliance failures

This morning I got an email to a tagged address. The tag matched the company so it’s very likely I did actually sign up. Digging back through my mailbox, I see one previous email to that account – back in 2008.

2008.

One email.

Who knows why I signed up and gave them an email address. Maybe I made a comment on their website. Or perhaps I signed up while investigating something for a client. I certainly don’t know. Given there is one email, I clearly unsubscribed.

If the address hadn’t been tagged, I would have assumed it was just another giant company purchasing addresses and sending out spam. In fact, it’s quite possible that many of the subscribers thought that this was simply spam. One interesting thing, though, is this is primarily B2B mail. It’s very unlikely that their ESPs monitoring saw anything unusual with the mailing. And if they did, it’s possible there’s not enough evidence the customer is violating the AUP.

Monitoring B2B deliverability it a challenge in any situation. Most of the ways ESPs monitor customers delivery don’t work in a B2B context. There aren’t FBLs for business domains. The business user sometimes does have a “this is spam” button and that data is used to tune filters. Sometimes the filters are the individual bayesian filters built into the mail client. Other times, the filters feed back to the filter maintainer and affect the mail coming into the business and other users of the filter. That data isn’t sent by FBL to the sender.

What does this mean? It means that how compliance monitors and identifies spam doesn’t work very well in when their customers are focused on the B2B market. Senders in the B2B space think they don’t have to actually get permission before they send. As compliance we’ve enforced that because their complaints are low. The complaints are low not because people don’t want the mail, but because there’s no way to get complaints from B2B mail.

Lack of negative feedback doesn’t mean the mail is good. It just means there’s no pathway for the feedback. Mail sent to lists of purchased email addresses, or addresses harvested off LinkedIn may not have high complaint rates or high bounce rates. But that doesn’t make the mail good, or wanted.

The remedy for B2B spam is blocking. B2B mailers don’t get the ability to tune their mail based on engagement or other factors like they can with B2C. Send B2B spam, get blocked.

Gradual DMARC Rollout
Filters working as intended

Related Posts

The cycle goes on

Monday I published a blog post about the ongoing B2B spam and how annoying it is. I get so many of these they’re becoming an actual problem. 3, 4, 5 a day. And then there’s the ongoing “drip” messages at 4, 6, 8, 12 days. It is getting out of control. It’s spam. It’s annoying. And most of it’s breaking the law.
But, I can also use it as blog (and twitter!) fodder.

Read More

Permission and B2B spam

Two of the very first posts I wrote on the blog were about permission (part 1, part 2). Re-reading those posts is interesting. Experience has taught me that recipients are much more forgiving of implicit opt-in than that post implies.
The chance in recipient expectations doesn’t mean, however, that permission isn’t important or required. In fact, The Verge reported on a chatbot that will waste the time of spammers. Users who are fed up with spam can forward their message to Re:Scam and bots will answer the mail.
I cannot tell you how tempted I am to forward all those “Hey, just give me 10 minutes of your time…” emails I get from B2B spammers. I know, those are actually bots, but there is lovely symmetry in bots bothering one another and leaving us humans out of it.

Speaking of those annoying emails, I tweeted about one (with horrible English…) last week. I tagged the company in question and they asked for an example. After I sent it, they did nothing, and I continued to get mail. Because of course I did.
These types of messages are exactly why permission is so critical for controlling spam. Way more companies can buy my email address and add me to their spam automation software than I can opt-out of in any reasonable time frame. My inbox, particularly my business inbox, is where I do business. It’s where I talk with clients, potential clients, customers and, yes, even vendors. But every unsolicited email wastes my time.
It’s not even that the mail is simply unwanted. I get mail I don’t want regularly. Collecting white papers for my library, RSVPing to events, joining webinars all result in me getting added to companies’ mailing lists. That’s fair, I gave them an email address I’ll unsubscribe.
The B2B companies who buy my address are different. They’re spamming and they understand that. The vendors who sell the automation filters tell their customers how to avoid spam filters. Spammers are told to use different domains for the unsolicited mail and their opt-in mail to avoid blocking. The software plugs into Google and G Suite account because very few companies will block Google IPs.
I’ve had many of these companies attempt to pay me to fix their delivery problems. But, in this case there’s nothing to fix. Yes, your mail is being blocked. No, I can’t help. There is nothing I can say to a filtering company or ISP or company to make them list that block. The mail is unwanted and it’s unsolicited.
The way to get mail unblocked is to demonstrate the mail is wanted. If you can’t do that, well, the filters are working as intended.
 

Read More

July 2017: The month in email

August is here, and as usual, we’re discussing spam, permissions, bots, filters, delivery challenges, and best practices.

One of the things we see over and over again, both with marketers and with companies that send us email, is that permission is rarely binary — companies want a fair amount of wiggle room, or “implied permission” to send. There are plenty of examples of how companies try to dance around clear permissions, such as this opt form from a company we used to do business with. But there are lots of questions here: can you legitimately mail to addresses you haven’t interacted with in 5 years? 10 years? What’s the best way to re-engage, if at all?
We frequently get questions about how to address deliverability challenges, and I wrote up a post about some of the steps we take as we help our clients with this. These are short-term fixes; for long-term success, the most effective strategy is sending email that people want and expect. Engagement is always at the core of a sustainable email program.
We’ve also discussed the rise of B2B spam, and the ways in which marketing technologies contribute to the problem. B2B marketers struggle to use social and email channels appropriately to reach customers and prospects, but still need to be thoughtful about how they do it. I also wrote about some of the ways that marketing automation plugins facilitate spam and how companies should step up to address the problem. Here’s an example of what happens when the automation plugins go awry.
I wrote a few posts about domain management and the implications for security and fraud. The first was about how cousin domain names can set users up for phishing and fraud, and the second was a useful checklist for looking at your company’s domain management. We also looked at abuse across online communities, which is an increasing problem and one we’re very committed to fighting.
I also highlighted a few best practices this month: guidelines for choosing a new ESP and active buttons in the subject line for Gmail.
And finally, we celebrated the 80th birthday of the original SPAM. If you’re a regular reader of this blog, you probably already know why unwanted email is called SPAM, but just in case, here’s a refresher….

Read More