Word to the Wise https://wordtothewise.com Tue, 30 Jun 2015 00:54:45 +0000 en-US hourly 1 http://wordpress.org/?v=4.3-alpha-32315 Another CASL fine https://wordtothewise.com/2015/06/another-casl-fine/ https://wordtothewise.com/2015/06/another-casl-fine/#comments Tue, 30 Jun 2015 00:54:45 +0000 https://wordtothewise.com/?p=8475 The Canadian Radio-television and Telecommunications Commission (CRTC) announced today that Porter Airlines had agreed to pay a fine of $150,000 for violations of the Canadian Anti-Spam Law (CASL). After investigating the airline, CRTC found multiple violations of the statute. These violations include no unsubscribe link or the unsubscribe link was not prominent enough. Some of […]

The post Another CASL fine appeared first on Word to the Wise.

]]>
The Canadian Radio-television and Telecommunications Commission (CRTC) announced today that Porter Airlines had agreed to pay a fine of $150,000 for violations of the Canadian Anti-Spam Law (CASL).

After investigating the airline, CRTC found multiple violations of the statute. These violations include no unsubscribe link or the unsubscribe link was not prominent enough.
Some of the messages at issue failed to have proper identification. Finally, Porter Airlines couldn’t prove consent for at least some subset of the subscribers.

This is another in a series of enforcement actions where CRTC fined companies for violations of CASL. But none of those enforcement actions really seem overly punitive. There were multiple people publicly concerned about CRTC aggressively fining companies and even driving them out of business. These concerns now appear to be unfounded. Certainly, CRTC is enforcing the law but in a way to help companies come into compliance with it.

Another major concern some individuals had was the private right of action under CASL. I recently attended a conference where one of the talks was related to CASL and enforcement. What was said there is that there are some constraints on bringing a case. For instance cases can’t be brought in lower courts, they have to be brought in the provincial (I think) courts. This puts an additional burden on plaintiffs. Reading between the lines, my impression was this was intended by the regulatory agency and lawmakers to stop nuisance type suits, but allow for real action when needed.

Finally, I have yet to hear about any enforcement action that resulted in fines for corporate officers rather than the corporation as an entity.

All in all, the chicken littles claiming that this law was going to drive email marketers out of business seem to have been wrong. In fact, when I asked a question during the session “have you heard of any companies stopping marketing in Canada due to CASL” the first response was a scoff. This was not the purpose or intent of the law, and it doesn’t appear to be enforced that way.

The post Another CASL fine appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/another-casl-fine/feed/ 0
When to include a physical address https://wordtothewise.com/2015/06/when-to-include-a-physical-address/ https://wordtothewise.com/2015/06/when-to-include-a-physical-address/#comments Fri, 26 Jun 2015 16:51:10 +0000 https://wordtothewise.com/?p=8463 One of the requirements to be CAN-SPAM compliant is to include a physical address within every promotional email that is sent. If your company hires a third party to send email on your behalf, your physical address should be clearly visible within the message when the message is selling your products and services. There is […]

The post When to include a physical address appeared first on Word to the Wise.

]]>
One of the requirements to be CAN-SPAM compliant is to include a physical address within every promotional email that is sent. If your company hires a third party to send email on your behalf, your physical address should be clearly visible within the message when the message is selling your products and services. There is a stipulation that if your message is transactional or a relationship message, then it does not need to adhere to the CAN-SPAM requirements by including your physical address or unsubscribe link.

Examples of transactional mail would be welcome emails, password resets, auto-responders, shipment notifications, or account alerts.  While you and I may know that these emails aren’t required to include this information most users would not know.

street-signsThe CAN-SPAM Act has been in effect going on 12 years and recipients look for unsubscribe links and physical addresses within the messages. Emails that are missing this bit of information leads the recipient to believing the message is spam.  While including the physical address and unsubscribe link are not required for your transactional emails, it’s better to be safe than sorry and include them anyways.

The recipient may have recently received a series of marketing emails from you and when they receive a transactional mail message, they may want to adjust the frequency of the mail they are receiving. By not including an unsubscribe link and physical address, the user may resort to marking the message as spam.

When sending marketing and transactional emails, you want to adhere to the law and then take the user behavior and expectations into consideration. There is no harm in including your physical address in both your marketing emails and transactional emails.

The post When to include a physical address appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/when-to-include-a-physical-address/feed/ 0
3 new CAN SPAM cases https://wordtothewise.com/2015/06/3-new-can-spam-cases/ https://wordtothewise.com/2015/06/3-new-can-spam-cases/#comments Thu, 25 Jun 2015 23:57:14 +0000 https://wordtothewise.com/?p=8451 Xmission, a Utah ISP, has filed suit against 3 companies alleging violations of CAN SPAM. The cases were filed in the Utah District Court in April and June. I’ve downloaded some of the documents and complaints and they are now in RECAP. I’ve also included the complaints here (and the links from here on out are […]

The post 3 new CAN SPAM cases appeared first on Word to the Wise.

]]>
Xmission, a Utah ISP, has filed suit against 3 companies alleging violations of CAN SPAM. The cases were filed in the Utah District Court in April and June. I’ve downloaded some of the documents and complaints and they are now in RECAP. I’ve also included the complaints here (and the links from here on out are almost all .pdfs of the court documents).

Xmission v. Adknowledge (Case 2:15-cv-00277).

Xmission v. Clickbooth (Case 2:15-cv-00420).

Xmission v. Thompson and Company (Case 2:15-cv-00385).

In all the cases Xmission is alleging similar violations of CAN SPAM.

Falsified header information: part 1

Xmission asserts that the domains in the headers were spoofed, unregistered or belonged to an unrelated 3rd party. One of the complaints listed subject lines of the emails sent, so I dug through my spam folder for similar emails. I found a few examples of what I suspect are the spams mentioned in the suit.

Received: from lijiboyulecheng7.com (unknown [114.98.67.145])
    by mx.wordtothewise.com (Postfix) with ESMTP id C5BAB17EC50
    for <lxxxxx@xxxxxx.xxx>; Mon, 22 Sep 2014 16:46:00 -0700 (PDT)

lijiboyulecheng7.com doesn’t exist in DNS and is an unregistered domain. That same spam had a from address of: Awards <RewardsDepartment@lijiboyulecheng7.com>.

While I don’t know for sure that these are the specific emails in question, there is a lot of spam being sent from unregistered or invalid domains. It’s not hard to argue this is a CAN SPAM violation.

Falsified header information: part 2

Xmission asserts that the domains were acquired under false pretenses. They go so far as to say that the domains that were registered were done so for the sole purpose of sending spam and in violation of the registrar agreements.

Registering lots of domains, only to use them for a short period of time, is a common tactic among spammers. I don’t know if I’d go so far as to say it’s a CAN SPAM violation, but the Xmission reading of the law may persuade the judge.

“Header information that is technically accurate but includes an originating electronic mail address, domain name, or Internet Protocol address the access to which for purposes of initiating the message was obtained by means of false or fraudulent pretenses or representations shall be considered materially misleading.” 15 U.S.C. § 7704(a)(1)(A).

Using automated means to create addresses

Xmission alleges that the defendants used scripts to create both the recipient and the sender addresses. CAN SPAM doesn’t mention anything about scripts to create sender addresses, or domains, so I think this is a bit of a stretch for Xmission. And I haven’t seen any evidence these spammers are creating addresses. Overall, I think the aggravated damages is going to be a very hard sell for Xmission. Did the authors of CAN SPAM intend for the automated address provision to be used against the sender address. I’m pretty sure they didn’t.

But it’s hard to argue that the domains that Xmission did mention were somehow not automatically created:

Defendants transmitted e-mails to XMission customers through the following domains: 00261.net; 00374.net; 00596.net; 00689.net; 001268.net; 048588.com; 0959.org; 17000666666.com; 1700099999.com; 323333.net; 366666666.com; 466666666.com; 888338.net.

The founder of XMission, Pete Ashdown, did submit a declaration in the Clickbooth case. This declaration provides some extra details about spam coming into Xmission. The data points I found most interesting were:

  • Xmission has 13 servers just to handle incoming spam.
  • Xmission has 2 full time staffers to manage incoming mail, deal with complaints and adjust filters.
  • Xmission spends between 100K and 200K dollars per year on anti-spam technology.
  • Xmission uses both URIBL and Spamhaus as part of their filtering.
  • Even with these two blocklists, between 40 and 85% of mail coming into Xmisison is spam.
  • Xmission clicked unsubscribe on links in emails and saw no effect.

Of all the cases, only Adknowlege has responded to the complaint, and they deny everything and ask for summary judgement as “they don’t own the sending domains in question.” The judges in the Adknowledge and Clickbooth cases have ordered that both companies are to accept a list of domains from Xmission and cease mailing to them.

Xmission has put a lot of energy into this case, and they have actually avoided a lot of the problems I’ve seen in other CAN SPAM cases brought by ISPs. It seems to me that this is a case on principle for them as much as it is about recovering damages. They’re also the first group I’ve seen go after the advertiser (URL owner) as well as the sender. This is a provision in CAN SPAM that I don’t think the FTC has even enforced. We’ll see what happens.

The post 3 new CAN SPAM cases appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/3-new-can-spam-cases/feed/ 0
Whois privacy protection https://wordtothewise.com/2015/06/whois-privacy-protection/ https://wordtothewise.com/2015/06/whois-privacy-protection/#comments Thu, 25 Jun 2015 00:27:11 +0000 https://wordtothewise.com/?p=8447 I’ve talked about using privacy protection on domains in the past (here, here, here, here, and here). Short version (if you don’t want to check all the old links) is that privacy protection for commercial domains is bad, that’s what spammers do and legitimate email marketers should not hide domains behind privacy protection services. I still believe all of […]

The post Whois privacy protection appeared first on Word to the Wise.

]]>
I’ve talked about using privacy protection on domains in the past (hereherehere, here, and here). Short version (if you don’t want to check all the old links) is that privacy protection for commercial domains is bad, that’s what spammers do and legitimate email marketers should not hide domains behind privacy protection services. I still believe all of these things.

What I’ve never really addressed is that I think privacy protection services are appropriate in some cases and are a reasonable protective measure for individuals.  Over on Spamresource, Al wrote up a great post today about whois privacy protection.

Sometimes people do need anonymity and privacy online. Trusting a registrar’s privacy protection service is probably not your best bet for that. Like Al, we’ve stood in as a “privacy service” for friends and colleagues. It was our name on the domain registrations, and we could contact the appropriate people as needed. They trusted us to forward only the important stuff and we trusted them not to do bad things. This trust doesn’t scale.

Privacy protection services are used by a lot of bad actors to hide their involvement. Companies and commercial entities are tarring their own reputations using privacy protection services.

No real pull quote here, all of Al’s points are too good. So go read the whole thing.

 

The post Whois privacy protection appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/whois-privacy-protection/feed/ 1
AOL starts using Sender Score Certification https://wordtothewise.com/2015/06/aol-starts-using-sender-score-certification/ https://wordtothewise.com/2015/06/aol-starts-using-sender-score-certification/#comments Tue, 23 Jun 2015 22:08:00 +0000 https://wordtothewise.com/?p=8445 Good news for Sender Score Certified IPs. Return Path recently announced that AOL has joined the list of ISPs offering preferential treatment to certified IPs.  

The post AOL starts using Sender Score Certification appeared first on Word to the Wise.

]]>
Good news for Sender Score Certified IPs. Return Path recently announced that AOL has joined the list of ISPs offering preferential treatment to certified IPs.

 

The post AOL starts using Sender Score Certification appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/aol-starts-using-sender-score-certification/feed/ 1
Filtering more than spam https://wordtothewise.com/2015/06/filtering-more-than-spam/ https://wordtothewise.com/2015/06/filtering-more-than-spam/#comments Tue, 23 Jun 2015 00:21:18 +0000 https://wordtothewise.com/?p=8441 The obvious application of machine learning for email is to send spam to the junk/bulk folder. Most services use some level of machine learning for filters. Places like Gmail have extensive machine learning filters to filter spam and unwanted mail away from their users. Some organizations are taking the filtering process a step further. Almost […]

The post Filtering more than spam appeared first on Word to the Wise.

]]>
The obvious application of machine learning for email is to send spam to the junk/bulk folder. Most services use some level of machine learning for filters. Places like Gmail have extensive machine learning filters to filter spam and unwanted mail away from their users.

Some organizations are taking the filtering process a step further. Almost every mail client more advanced than PINE has the ability for users to create rules to sort mail into folders.  Late last year, Office 365 rolled out a feature, Clutter that tracks how a user interacts with mail and filters unimportant mail. This allows each user to have their own filters, but without the overhead of having to create the filters.

The Clutter engine looks at both how the user interacts with mail and things it knows about the organization. For example, if Exchange is tied into Active Directory, then mail from a manager will be prioritized while mail from a co-worker may end up in the clutter folder.

Email is a critical business tool. A significant number of companies rely on email for internal and external communication. Many users treat their inbox as a todo list, prioritizing what they work on based on what’s in their mail box. Despite the needs of users, the mail client hasn’t really changed.

Over the last few years, we’ve seen different online services attempt to build a more effective email client. Some of these features were things like tabs and priority inbox at Gmail. Microsoft created the “sweep” feature for Outlook/Hotmail users to manage inbox clutter. Third parties have created services to try and improve the mailbox experience for their users. 

Many of the email filters, up to this point, have really been focused on protecting users from spam and malicious emails. Applying that filtering knowledge to more than just spam, but to the different kinds of emails makes sense to me. I’ve always had a fairly extensive set of filters, initially procmail but now sieve, to process and organize incoming mail. But I kinda like the idea that my mail client learns how I filter messages and do the right thing on its own.

I’d love to see some improvements in the mail client, that make it easier to manage and organize incoming email. It remains to be seen if this is a feature that takes off and makes its way to other clients or not.

 

 

The post Filtering more than spam appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/filtering-more-than-spam/feed/ 3
Testing your opt-out process https://wordtothewise.com/2015/06/testing-your-opt-out-process/ https://wordtothewise.com/2015/06/testing-your-opt-out-process/#comments Fri, 19 Jun 2015 18:41:55 +0000 https://wordtothewise.com/?p=8432 When was the last time you tested your opt-out process? Did you just click the unsubscribe link to see if the page loaded? How did you confirm the email address was unsubscribed? If you have a Gmail account, Gmail allows you to use unlimited aliases. For example, if your Gmail email address is josh@gmail.com, you […]

The post Testing your opt-out process appeared first on Word to the Wise.

]]>
When was the last time you tested your opt-out process? Did you just click the unsubscribe link to see if the page loaded? How did you confirm the email address was unsubscribed?

If you have a Gmail account, Gmail allows you to use unlimited aliases. For example, if your Gmail email address is josh@gmail.com, you can add the + symbol to your email address to create an alias. An example of an alias would be josh+test1@gmail.com. Sending an email to josh+test1@gmail.com gets delivered to the mailbox for josh@gmail.com.

On your next mailing add a Gmail alias email address like josh+unsubtest06192015@gmail.com to be included with the mailing. After sending the mailing, find the email sent to the alias address and go through the unsubscribe process.  After unsubscribing, log into your ESP or mailing software to confirm that the alias email address was successfully unsubscribed. Testing the unsubscribe process ensures that the landing page for the unsubscribe is working and that your ESP is registering the unsubscribe request.

A few reminders about your unsubscribe page:

  • The unsubscribe link shouldn’t automatically remove the subscriber as some filtering devices scan the links within the message and may automatically unsubscribe the user.
  • Brand the unsubscribe landing page to be similar to your website or the email message.
  • Include the ability to unsubscribe without asking for additional information as this is law in many jurisdictions, including the US.
  • Unsubscribe links must remain active for at least 30 days after a mailing, and the longer the unsubscribe link remains active the better.
  • Provide alternatives to just unsubscribing such as allowing the recipient to put a pause on receiving mail from you or reducing the number of messages they receive from you.

The post Testing your opt-out process appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/testing-your-opt-out-process/feed/ 1
On Father’s Day https://wordtothewise.com/2015/06/on-fathers-day/ https://wordtothewise.com/2015/06/on-fathers-day/#comments Thu, 18 Jun 2015 19:56:49 +0000 https://wordtothewise.com/?p=8422 I’m on quite a few mailing lists for companies whose main product is sending gifts: food hampers, jewelry, flowers, overpriced desk toys and so on. They tend to ramp up their volume before appropriate holidays such as Christmas, Mother’s Day, Thanksgiving, Valentine’s Day or Father’s Day and target their promotions to those particular holidays. One […]

The post On Father’s Day appeared first on Word to the Wise.

]]>
always be batman

I’m on quite a few mailing lists for companies whose main product is sending gifts: food hampers, jewelry, flowers, overpriced desk toys and so on. They tend to ramp up their volume before appropriate holidays such as Christmas, Mother’s Day, Thanksgiving, Valentine’s Day or Father’s Day and target their promotions to those particular holidays.

One recipient may have a toxic relationship with their Mother and not want to be reminded of Mother’s Day, another may have recently lost their Father and not want to revisit that distress every time they open their mail client in June, yet another may be recently divorced and really not want to see diamonds and roses in their inbox right now.

You should try and avoid sending mail that will distress your recipients. You should do that because you’re a compassionate human and you want to treat your recipients as humans. But if you need an ROI argument to justify the effort needed to do so… those recipients will associate your brand with that distress and then they’ll buy less or they’ll unsubscribe and you’ll lose their business entirely – even if they are interested in and responsive to your offers for the rest of the year.

How do you identify those recipients? Maybe just ask them. Or add an “Unsubscribe from Father’s Day promotions” link next to the “Unsubscribe” link – it’s not hard to do. Help your customers segment your list for you.

The post On Father’s Day appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/on-fathers-day/feed/ 0
Google Apps for ISPs is gone https://wordtothewise.com/2015/06/google-apps-for-isps-is-gone/ https://wordtothewise.com/2015/06/google-apps-for-isps-is-gone/#comments Wed, 17 Jun 2015 16:29:06 +0000 https://wordtothewise.com/?p=8418 Google Apps for ISPs is being shut down. While this was a scheduled end of life, apparently some users weren’t notified (always keep the contact email address up to date at your vendor!) and other users were told that it would be discontinued in July and were surprised when their service was turned off a month earlier […]

The post Google Apps for ISPs is gone appeared first on Word to the Wise.

]]>
Google Apps for ISPs is being shut down. While this was a scheduled end of life, apparently some users weren’t notified (always keep the contact email address up to date at your vendor!) and other users were told that it would be discontinued in July and were surprised when their service was turned off a month earlier than they expected.

I’ve not seen any reports of mail bouncing due to this yet, but it’s likely that some consumer ISPs will be scrambling to migrate to new email providers and their inbound mail may be a mess for a while. If you see domain-wide problems at consumer domains, check to see if their MXes point at the google aspmx cluster.

It seems to be a rolling shutdown, and some ISPs have apparently had their service extended by a few days or weeks, so issues may start with some domains throughout the month.

The post Google Apps for ISPs is gone appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/google-apps-for-isps-is-gone/feed/ 2
Yahoo Feedback Loop https://wordtothewise.com/2015/06/yahoo-feedback-loop/ https://wordtothewise.com/2015/06/yahoo-feedback-loop/#comments Mon, 15 Jun 2015 21:34:06 +0000 https://wordtothewise.com/?p=8411 If you are utilizing the Yahoo Complaint Feedback Loop, you should have received an email today about an upcoming change to the CFL. The message received was: “On June 29, 2015, we will transition Yahoo Complaint Feedback Loop (CFL) administration from Return Path to Yahoo Customer Care. We will continue sending spam reports during this […]

The post Yahoo Feedback Loop appeared first on Word to the Wise.

]]>
yahoo

If you are utilizing the Yahoo Complaint Feedback Loop, you should have received an email today about an upcoming change to the CFL.

The message received was:

“On June 29, 2015, we will transition Yahoo Complaint Feedback Loop (CFL) administration from Return Path to Yahoo Customer Care.

We will continue sending spam reports during this transition. However, you will need to save existing CFL information as it will not be available after the transition.

To save the existing CFL information:

  • Go to http://feedbackloop.yahoo.net
  • Sign-in with the email address you used for registration
  • Go to ‘Manage Existing CFLs’ section (3rd tab at the top)
  • Select all the information for existing domains
  • Copy and paste the information to a file for future reference

To add, modify or remove domains post transition, please visit postmaster.yahoo.com.

For any questions, visit our CFL Help page or contact Yahoo Customer Care.”

The CFL Help page can be found at https://help.yahoo.com/kb/SLN3438.html or contact Yahoo via their Customer Care page.

The post Yahoo Feedback Loop appeared first on Word to the Wise.

]]>
https://wordtothewise.com/2015/06/yahoo-feedback-loop/feed/ 0