Industry

Amazon launching new email service WorkMail

Amazon is launching a new email service called Amazon WorkMail. Amazon already offers a Simple Email Service (SES) that allows customers to send outbound-only emails and unlike SES, WorkMail will be a full feature email, calendaring, and client management product. The new WorkMail mail service will compete with enterprise email solutions such as Microsoft Exchange Server. WorkMail will support the Microsoft Exchange ActiveSync protocol, something that Google disabled with Gmail in early 2013, and will include Mobile Device Management and Active Directory Integration. The new service will also utilize Amazon’s AWS Key Management Service that allows the customer to create and control their own encryption keys used to encrypt their data on AWS.
Amazon WorkMail will also scan all incoming and outgoing email for spam, malware, and viruses, however, it’s not clear yet if they are going with a third-party solution or will be creating their own filtering system.

Deliverability, Return Path, List-Unsubscribe Header

Here are a few blog posts covering the email industry from Constant Contact, Return Path, and SpamResource.
Constant Contact posted a blog post about how they measure email deliverability on January 10^th. They started with just tracking bounce backs and using that metric to calculate deliverability but then moved to using seed list through a third-party and report that they get 97% deliverability. Read more at Constant Contact
On January 6^th, Return Path recapped their most read blog posts which includes covering Yahoo’s DMARC Reject Policy, Blacklist Basics, and GMails new FBL and Unsubscribe button. Read more at Return Path
Return Path and SpamResource both have an excellent write-ups about the preference change at Outlook.com/Hotmail regarding the List-Unsubscribe header. Microsoft, like Google, prefers to use mailto instead of http or other URI protocols for the List-Unsubscribe header.

M3AAWG Recommends TLS

SSL or Secure Sockets Layer is protocol designed to provide a secure way of transmitting information between computer systems. Originally created by Netscape and released publicly as SSLv2 in 1995 and updated to SSLv3 in 1996. TLS or Transport Layer Security was created in 1999 as a replacement for SSLv3. TLS and SSL are most commonly used to create a secure (encrypted) connection between your web browser and websites so that you can transmit sensitive information like login credentials, passwords, and credit card numbers.
M³AAWG published a initial recommendation that urges the disabling of all versions of SSL. It has been a rough year for encryption security, first with Heartbleed vulnerability with the OpenSSL library, and again with POODLE which stands for “Padding Oracle on Downgraded Legacy Encryption” that was discovered by Google security researchers in October of 2014. On December 8, 2014 it was reported that TLS implementations are also vulnerable to POODLE attack, however unlike SSLv3, TLS can be patched where as SSL 3.0 has a fundamental issue with the protocol.

Google's Inbox Team answers questions on Reddit

The team behind Google’s new Inbox app did an “Ask us Anything” Q&A with reddit on December 3rd. The team consisted of a Product Manager, Designer, and Software Engineer and for two hours the team answered all sorts of questions.
Most of the questions were about new features or supporting additional email providers and it showed just how new this app is, it’s not quite ready to be your primary email client as Inbox only supports personal Gmail accounts. The Inbox team mentions they are working on supporting additional mail providers but does not give a timeline of when that would be available.
For email marketers, Google Inbox shares the same HTML sanitizer and media queries that Gmail does and when asked about email filtering it was mentioned that the direct marketing community would benefit by having a place for their emails within the Promos tab. They describe the Promo tab as

E-Postage Just Won't Die

E-Postage is back! Wired covers a report from New Scientist. Here’s what they have to say: “Yahoo’s researchers want you to voluntarily slap a one-cent stamp on your outgoing e-mails, with proceeds going to charity, in a bid to cut down on spam. Can doing good really do away with spam, which consumes 33 terawatt hours of electricity every year, not to mention way too much of our time?”
Alex Rubin at Return Path says hold up, wait a minute. He writes: “Our contacts at Yahoo! tell us this idea is purely in the research realm, and is not scheduled for development in Yahoo! Mail. In other words: it isn’t even vaporware and isn’t likely to be a part of the Yahoo! mail system anytime soon.” He goes on to say (I’m paraphrasing) that oops, Yahoo didn’t really intend for this research to become public.
So, apparently, there are no plans for Yahoo to roll out E-Postage today, tomorrow or next week. Nothing to see here, beyond a simple web site and some thoughts from a Yahoo researcher. Some individual’s hopeful vision for the future, not a corporate announcement of an upcoming product.
E-Postage has always been a neat idea, I’ve thought. A neat idea beset by insurmountable problems. First, end users don’t want to pay for the email messages they send, they want all you can eat. With years of webmail providers offering free email access, you’ll have a heck of a time convincing somebody’s grandmother that they have to pony up a nickel to be able to email the grandkids.
Then, answer me this: Who’s going to handle the economics on the back-end? And any time you have a computer storing a resource (like, say, account information for that tiny little bit of money you’ll need to be able to send me an email), that information can be hacked, exploited, stolen. You think spammers are actually going to pony up? Why would they? They’ll just hack into millions of exploitable computers, stealing five cents from everyone along the way, and gleefully shoveling millions of spams into millions of inboxes.
This concept of E-Postage, either paying money to send email, or spending “computational power” to send email, has been kicking around for years. Periodically, some researcher comes up with the idea anew, and suggests that we all immediately adopt their sure fire plan to solve the world’s spam problem, immediately, pennies at a time. These ideas never seem to go anywhere. And that will never change until somebody can actually convince most of the world to adopt their proposed scheme. Will it ever happen? Never say never, but I have no plans to rush out and buy e-Stamps any time soon.
— Al Iverson

Open rates climbing, click rates dropping

Ken Magill reported on a study published by Epsilon (pdf link) on Tuesday. This report shows open rates are climbing but click-through rates are falling.

Political Spam

At Adventures in Email Marketing, there is a post up this morning about political spam. It seems Anna discovered that providing her email address on her voter registration card not only results in political groups sending her email to that address, but also that political email does not have to follow the rules of CAN SPAM. The article ends with a few questions and makes some suggestions.

Verifying email addresses

Over at CircleID Aviram Jenik posts about using email addresses as identification and how that can go horribly wrong if the website does no verification. In his case, the problem is a user who has made a purchase using Aviram’s gmail address and Aviram now has access to the other users personal information. As he explains it:

Botnets

Terry Zink has been posting articles about botnets as traced by Hotmail. I do not often talk about botnets as they are outside my area of expertise. They are not something I deal with, as no one who uses botnets is welcome as a client here.
My clients and I, however, do have to deal with the fallout from botnets. Because of botnets, receiver ISPs are extremely suspicious of mail from any IP address that they have not seen mail from previously. Mail from new IPs is, more often than not, a newly infected Windows machine. This results in mail from new IPs not starting with a reputation of zero but starting with a negative reputation.
Botnets are another example of spammers making it more difficult for mailers with permission to use email.

$234M default judgment against spammers

MySpace has won a 234 million dollar judgment against Walt Rines and Sanford Wallace.
“MySpace has zero tolerance for those who attempt to act illegally on our site,” [MySpace Chief Privacy officer] Nigam said in a statement. “We remain committed to punishing those who violate the law and try to harm our members.”
These are two of the spammers responsible for me learning to read headers and report spam. Both of them have previous judgments against them. Wallace sued AOL to force AOL to accept his mail. Eventually the judge ruled against Cyber Promotions and Wallace.

Followup to EEC spamming

Ken has a followup to his article last week about the EEC spamming.

Email non-viable for acquisition

Chris Marriott over at iMediaConnection talks about all the reasons email is a non-starter as a replacement for direct mail. This is something I have been telling clients for a while now. Chris mentions a number of reasons for why email is not an acquisition tool.

FTC Rulemaking on CAN SPAM

The FTC announced today they will be publishing clarifications to CAN SPAM in the near future. According to the FTC

Postini bug

Ben over at MailChimp has an article talking about a recent experience with Postini and an actual bug that causes Postini to interact badly with another spamfilter and block non-spam.

Links

Venkat posts today about the ruling in the Asis v. Azoogle case. I have not yet had a chance to read the whole ruling, but in talking with Mickey over at SpamSuite it seems to expand the Gordon ruling a bit.
Mickey posts on Intellectual Intercourse about spam received from a recruiting agency trying to get him to hire one of their clients. This spam was amusing in that it contained reference to a bill that Mickey helped defeat years ago.
Box of Meat blog links to a CSO online article graphically demonstrating a botnet. The representation is really helps to understand the scope of the problem.
On Bronto Blog DJ posts about resurrecting old addresses. He has it right when he says: “If you continue to send email to customers that is random and unexpected, there will be consequences.”
Matt at ReturnPath has a couple posts about who should get delivery services and how ReturnPath chooses customers. This is something I end up dealing with occasionally. There are not specific types of companies I refuse to do consulting for. I will generally provide consulting on best practices to any business segment. My one restriction is that I will not provide ISP relations (ie, contacting the ISPs) for companies that do not send opt-in email. This has caused consternation with some potential customers.
Mark Brownlow at No Man is an iland suggests renaming “open rate” as “render rate” in an effort to make it much clearer what “open rates” really measure. Expect to see render rates referred to here on this blog in the future.
Josh talks about suppression list abuse on Deliverability.com. For those of us who use unique addresses for every signup, it quickly becomes clear that there are leaks in the suppression process. I have also seen problems with leaks from subscriptions, so do not think the problem is just in suppressions.

EEC shows how not to send email

The Email Experience Council is the email marketing arm of the Direct Marketing Association. They recently sent out a mailing that demonstrated what not to do when sending email, including:

Sender complaints about spamfiltering

JD posed a question in my post about Postini and trying to sort out a customer getting marked as spam by their filtering mechanism and I think it bears more discussion than can be done in comments.

Finding your relevancy

Ken Magill reported today that Responsys has unveiled a tool to measure the relevancy of email marketing programs. This tool is intended to help marketers implement the advice “be more relevant.”

Email related blog communities

I have recently become aware of 2 new blog communities based around email marketing.
One is a feedburner community Email Marketing Expert
The other is Box of Meat
Enjoy.

Email related laws

I’ve been working on a document discussing laws relevant to email delivery and have found some useful websites about laws in different countries.
US Laws from the FTC website.
European Union Laws from the European Law site.
Two documents on United Kingdom Law from the Information Commissioner’s Office and the Data Protection Laws.
Canadian Laws from the Industry Canada website.
Australian Laws from the Australian Law website.

Blog roundup

Denise Cox has a list of 10 things your signup page should have over on her blog.
The AOL postmaster blog has its first post up talking about bounces.
BeRelevant has a great blog with lots of suggestions email best practices.
Mark Brownlow had a great post this weekon moving the unsubscribe button to the top of your newsletter to make it easy for customers to unsubscribe. The comments are a must read as well, including one commenter that saw the number of ‘this is spam’ hits go down when he moved the unsubscribe link to the top of the email.

FBLs, complaints and unsubscribes

On one of my mailing lists there was a long discussion about the Q Interactive survey. Some of the senders on the list were complaining that unless ISPs provide FBLs they should not use complaints to make filtering decisions. The sender perspective is that it isn’t fair for the ISPs to have data and use it without sharing it back so that the senders could remove complainers.
This deeply, deeply misses the point.
The ISPs are in the business of keeping their users happy. Part of that is measuring how users react to mail. This includes providing “report spam” or similar buttons when they control the interface. Some ISPs have chosen to share that data back with senders. Some ISPs have made the choice not to share that information back.
But even the ISPs that share FBL data with senders do not expect that the only thing a sender will do is remove the email address. ISPs expect senders to actually pay attention, to not send mail that their recipients do not want. They expect that ESPs are going to notice that one customer has consistently high complaint rates and actually force their customer to stop sending mail that recipients think is spam.
Senders should keep track of complaint rates. Measure them per send. Do not waste time whining that this ISP or that ISP will not set you up with a FBL. Take the data from those ISPs that do have FBLs and measure it. It is extremely unlikely that a mailing will have grossly different complaint rates between ISPs. You have all the data you need in order to evaluate how your recipients are perceiving your email.
ESPs and senders who think that their only response to FBL complaints should be to remove that email are the ones most likely to have filtering and blocking problems. The ISPs are giving them valuable data that they can use to evaluate how their emails are being received. Instead of being ungrateful, wagging fingers and blaming the ISPs for not giving them the data they want, senders should spend more time focusing on what they can discover from the data that is shared with them.
A FBL email is more than an unsubscribe request, senders should stop focusing on the unsubscribe portion of the FBL process and focus more on the recipient feedback portion of it. What can you learn about your mail from a FBL?

Report spam button broken: an ISP perspective

This press release has been discussed in a lot of groups and sites I read. One of my favorite comments comes from one of the filter developers at a large ISP. He was asked “does the overuse/misuse of the this-is-spam button significantly affect the ability to do your job?” His response, reposted with permission,

Affiliates: what is a company's responsibility

Many of my clients come to me when they end up with delivery problems due to the actions of affiliates. These can either be listings in some of the URL blocklists (either public or private) or escalations of IP based listings. In many of the cases I have dealt with affiliates, the affiliates have sloppy mailing practices or are out and out spammers.
Recently the FTC settled with Cyberheat over their liability for the behaviour of their affiliates. In this settlement Cyberheat is required to monitor their affiliates as follows:

What to expect from your delivery consultant

Every once in a while I get a phone call asking me what delivery consultant do. What can I do for them? How can I help them? Delivery consulting is a very new field and it is understandable a lot of people do not know what we do.
The overall delivery consulting process here a Word to the Wise involves collecting detailed information about your mailing program and your technical setup, like:

e360 v. Comcast: part 2

Yesterday, I talked about e360 filing suit against Comcast. Earlier this week, Comcast responded to the original filing with some filings of their own.

e360 v. Comcast: part 1

A few weeks ago I very briefly touched on the recent lawsuits filed by e360 against Comcast and a group of anti-spammers. In the Comcast suit (complaint here) e360 argues that Comcast is unfairly and incorrectly blocking e360’s email and are liable for damages to e360’s business.
They have a number of claims, including

Ken speaks the truth

Ken Magill has a great article up today about how many marketers expect their ESPs to fix their delivery problems when in reality the marketers policies and practices are the real problem.

Roadrunner turns images off by default

Earlier this week DirectMag published an article talking about RoadRunner blocking images by default. I did talk to someone over at RoadRunner and found out a few more details about this change.
What is happening is that RR is rolling out a new web interface. This interface has both a bulk/spam filter and has images disabled by default.
I do not expect sender to notice this change in the open rates of RoadRunner addresses. Most RoadRunner customers use their own mail client (Outlook, Outlook Express, Thunderbird, etc.) and not the RR web interface. The number of uses this change touches is a very small fraction of the RR users.

Ironport response

Last week I posted about a ESP that had a misconfiguration in their Ironport A60s that let spammers use the A60s to relay email to AOL. Earlier this week, Pat Peterson from Ironport approached me to talk about the problem and clarify what happened.
Ironport has provided me with the following explanation.

Articles I read today

It has been a rather busy day today, I do not have a full blog post. I did see a couple posts come across my RSS feeds. Both of them have content I want to talk about and discuss in a little more detail, as I think they touched on some very interesting issues.
Network World has an article interviewing Mark Risher from Yahoo. The article discusses Yahoo’s use of DomainKeys as part of their inbound mail filtering.
Mickey has an article about how to deal with ISPs when attempting to troubleshoot a blocking issue.
More details and commentary on both articles later this week.

ESP unwittingly used to send spam

Late last week I heard from someone at AOL they were seeing strange traffic from a major ESP, that looked like the ESP was an open relay. This morning I received an email from AOL detailing what happened as relayed by the ESP.

Predictions for 2008

I did not have a lot of predictions for what will happen with email at the beginning of the year so I did not do a traditional beginning of the year post. Over the last 3 – 4 weeks, though, I have noticed some things that I think show where the industry is going.
Authentication. In January two announcements happened that lead me to believe most legitimate mail will be DK/DKIM signed by the end of the year. AOTA announced that approximately 50% of all email was currently authenticated. They did not separate out SPF/SenderID authentication from DK/DKIM authentication, but this still suggests email authentication is being widely adopted. AOL announced they will be checking DKIM on their inbound mail. I expect more and more email will be DKIM signed in response to this announcement.
Filtering. The end of 2007 marked a steady uptick in mail being filtered or blocked by recipient domains. I expect this trend to continue throughout 2008. Recipient domains are rolling out new technology to measure complaints, evaluate reputation and monitor unwanted email in ways that tease out the bad actors from the good. This means more bad and borderline email will be blocked. Over the short term, I expect to see more good email blocked, too, but expect this will resolve itself by Q2/Q3.
Sender Improvements. As the ISPs get better at filtering, I expect that many borderline senders will discover they cannot continue to have sloppy subscription practices and still get their mail delivered. Improved authentication and better filtering let ISPs pin-point blocks. Instead of having to block by IP or by domain, they can block only some mail from a domain, or only some mail from an IP. There are a number of senders who are sending mail that users do not want mixed with mail that recipients do want. Right now, if there is more mail that recipients want in that mix, then ISPs let the mail through. This will not continue to happen through 2008. Senders will need to send mail users actively want in order to see good delivery.
Less is more. A lot of other email bloggers have talked about this, and I will echo their predictions. Less email is more. Send relevant mail that your customers want. Target, target, target. Good mailers will not send offers to their entire database, instead they will send mail to a select portion of their database.
Feedback loops. Use of feedback loops by recipient domains will continue to grow.
Mobile email. More recipients will be receiving email on mobile devices.
Suggestions for 2008

SenderScore Certified expands

ReturnPath announced yesterday that SenderScore Certified now covers 1.2 billion inboxes, including mail handled by Hotmail, Time Warner Cable, GoDaddy and eventually Yahoo. A number of filters are also using SSC, including Spam Assassin, IronPort Systems, Barracuda Networks and Cloudmark.

e360 in court again

Today’s edition of Magilla Marketing announced that Dave Linhardt and e360 have sued Comcast. Spamsuite.com has the text of the complaint up.
On the surface this seems quite silly. e360 is alleging a number of things, including that Comcast is committing a denial of service attack against e360 and locking up e360’s servers for more than 5 hours. Additionally, e360 is laying blame at the feet of multiple spam filtering companies, including Spamhaus, Trend Micro and Brightmail.
One of the more absurd claims is that Comcast is fraudulently transmitting ‘user unknown’ messages. At no point do they explain how or why they think this is the case, but simply assert:

Do you know where your addresses go?

Being a deliverability consultant, I end up signing up for a lot of lists and providing email addresses to a lot of different websites I may not normally trust with my email address. The only way to manage the resulting volume of email is using a disposable address system. There are a number of commercial versions, but we built our own system.
Any time I need to sign up with a client, I create a new email address. Part of the address creation process involves making notes about where and when the address was used. When mail is received at any of the email addresses I have used, that email is appended with the data I provided at the time I signed up and forwarded to a mailbox on my main system. If an address ends up compromised or sold and getting too much mail, I can just turn it off. This system allows me to freely hand out addresses, without a large amount of mail ending up in my primary mail box.
Disposable addresses great way to monitor what my clients are doing with my email address. I have found, in at least 2 cases, that my clients are doing nothing wrong, but there are leaks in their process that lets email addresses get out to spammers. My reports of data leaking were the first they knew about any problems with their vendors or customers.
I strongly recommend any marketer who shares any data, include in that data test or seed accounts. Sign up for your own lists, using unique addresses, so that you can see what kind of mail your subscribers are receiving once they sign up at your site. If you are providing data to customers or vendors, include unique test data in each list. If you start getting unexpected mail to those addresses, you can track back to the specific vendor with the data problem.
Your email address list is one of the biggest assets your company has. Protect that asset by monitoring what others are doing with it.

Yahoo and Spamhaus

Yahoo has updated and modified their postmaster pages. They have also put a lot of work into clarifying their response codes. The changes should help senders identify and troubleshoot problems without relying on individual help from Yahoo.
There is one major change that deserves its own discussion. Yahoo is now using the SBL, XBL and PBL to block connections from listed IP addresses. These are public blocklists run by Spamhaus. Each of them targets a different type of spam source.
The SBL is the blocklist that addresses fixed spam sources. To get listed on the SBL, a sender is sending email to people who have never requested it. Typically, this involves email sent to an address that has not opted in to the email. These addresses, known as spamtraps, are used as sentinel addresses. Any mail sent to them is, by definition, not opt-in. These addresses are never signed up to any email address lists by the person who owns the email address. Spamtraps can get onto a mailing list in a number of different ways, but none of them involve the owner of the address giving the sender permission to email them.
Additionally, the SBL will list spam gangs and spam supporters. Spam supporters include networks that provide services to spammers and do not take prompt action to remove the spammers from their services.
The XBL is a list of IP addresses which appear to be infected with trojans or spamware or can be used by hackers to send spam (open proxies or open relays). This list includes both the CBL and the NJABL open proxy list. The CBL list machines which appear to be infected with spamware or trojans. The CBL works passively, looking only at those machines which actively make connections to CBL detectors. NJABL lists machines that are open proxies and open relays.
The Policy Block List (PBL) is Spamhaus’ newest list. Spamhaus describes this list as

SenderScore update

Matt has posted a bit more about the SenderScore Blacklist, following up on my post about the changes at Comcast. George Bilbrey, VP and General Manager, for Return Path followed up with him to explain a bit more about the blacklist. George says:

Best practices and ISPs

A couple articles came out today talking about ISP requirements and how to find them.
EmailInsider talks about ISP best practices and how merely complying with CAN-SPAM is not enough to get good delivery at the ISPs.
Meanwhile, over at ClickZ, Stefan talks about what the ISPs want from you and how to find the information online.

Email standards at the email client

The Email Standards Project launched last week. This group is looking to lobby and encourage companies to make their email clients comply with HTML display standards. They are also identifying how different clients display email with HTML. Check out their website, and see what they’re doing.
I do apologize for the light blogging recently. I have a couple big deadlines on my plate. I hope to get back to regular blogging soon.

Greylisting: that which Yahoo does not do

Over the last couple days multiple people have asserted to me that Yahoo is greylisting mail. The fact that Yahoo itself asserts it is not using greylisting as a technique to control mail seems to have no effect on the number of people who believe that Yahoo is greylisting.
Deeply held beliefs by many senders aside, Yahoo is not greylisting. Yahoo is using temporary failures (4xx) as a way to defer and control mail coming into their servers and their users.
I think much of the problem is that the definition of greylisting is not well understood by the people using the term. Greylisting generally refers to a process of refusing email with a 4xx response the first time delivery is attempted and accepting the email at the second delivery attempt. There are a number of ways to greylist, per message, per IP or per from address. The defining feature of greylisting is that the receiving MTA keeps track of the messages (IP or addresss) that it has rejected and allows the mail through the second time the mail is sent.
This technique for handling email is a direct response to some spamming software, particularly software that uses infected Windows machines to send email. The spam software will drop any email in response to a 4xx or 5xx response. Well designed software will retry any email receiving a 4xx response. By rejecting anything on the first attempt with a 4xx, the receiving ISPs can trivially block mail from spambots.
Where does this fit in with what Yahoo is doing? Yahoo is not keeping track of the mail it rejects and is not reliably allowing email through on the second attempt. There are a couple reasons why Yahoo is deferring mail.

40 email companies

Ken Magill has a post up mentioning the top 40 companies in email marketing. Some highlights:

ISP Postmaster sites

A number of ISPs have email information and postmaster sites available. I found myself compiling a list of them for a client today and thought that I would put up a list here.

How to improve AOL delivery

DMNews interviewed Charles before he left AOL about the state of spam and the challenges for ISPs and how that affects senders. The article was published this week. In it he talks about

Wired editor has enough spam!

Seth Godin links to a post up over on The Long Tail about spammers who send PR mail to Chris Anderson, an editor at wired. Apparently lots of people send automated email to the editor of Wired hawking their latest and greatest product, service or photos.
In response to this overwhelming amount of mail, Chris has instituted a new email acceptance policy. He says

New VP at Goodmail

Charles Stiles, who managed the postmaster team at AOL and was laid off 2 weeks ago, is the new VP of Worldwide Business Development at Goodmail.
Ken Magill mentioned the possibility of Charles moving to Goodmail yesterday.

Changes at AOL Postmaster desk

The recent layoffs at AOL did affect the AOL Postmaster desk, and information I have received is that there was significant loss. As a result of the staff decrease, some changes have been made to the whitelisting and FBL processes. In order for a FBL to be approved it must meet the new FBL guidelines. In a nutshell, anyone wanting to get a FBL from AOL must meet ONE of the following criteria.

Tools for monitoring email

A number of groups provide tools for monitoring email performance.
Some of these tools are provided by ISPs, like Hotmail and AOL have postmaster webpages. Hotmail also provides things like SNDS so you can monitor what Hotmail is seeing about your network.
Al has a new blacklist stats center over at DNSBL.com. Of interest is the accuracy of some of the widely used lists like Spamhaus, Spamcop, and PSBL. Other lists like FiveTen were wildly inaccurate. In fact, Al has shown that blocking mail from any IP with a 7 in it is more accurate (more spam hits, less non-spam hits) than FiveTen.
ReturnPath provides free reputation lookup and monitoring based on the data they acquire.

MAAWG: Sender Best Practices

The MAAWG Sender Subcommittee has published a Sender Best Current Practices document.
This document details what the current best practices in the sending industry are. Summarized the document says:

Busy Busy.

Getting ready to head to MAAWG next week. We leave for the plane in a couple hours. I expect there will be some interesting information coming out of the talks and sessions and will be sharing some of the more interesting bits throughout the week.
Also, Steve has written a new tool to visualize blacklists. He’s put up a beta version. It still has a few bugs and missing features, but there are already some interesting patterns in XBL data with it.
The demo installation only displays XBL data (rather than letting you overlay multiple datasets) and is missing search and bookmarking, amongst other things. Enough disclaimers yet?

Yahoo blocks unauthenticated PayPal and eBay Mail

Yahoo announced this morning that over the course of the next few weeks Yahoo would roll out a new feature to their email that blocks any unauthenticated email from eBay and PayPal.
In a blog post Nikki Dugan says:

Marketing and Delivery blogs

Mark Brownlow links to a number of marketing and delivery blogs over at his website. Different perspectives and different thoughts will give you the tools to create the best email marketing campaign for your business.

IP Reputation Portability

Matt posted a discussion of the portability of IP reputation over at his EmailKarma blog.
I have heard about Hotmail/MSN’s claim that if you add your new IPs to your SPF/SenderID record and send from your old IPs that your old IP reputation will transfer to your new IPs. I’ve not heard it working in practice, but it really can’t hurt to add your new IPs to your records as soon as you know what they are.

419 … over live chat?

MailChimp’s customer service people were contacted by what appears to be a King selling monkeys.
I want to get permission part II up today, but this was just so funny I had to share.

Goodmail

Goodmail made a splash on the email marketing and ISP industries a few years ago by announcing their CertifiedEmail program. They guaranteed that using their certification would result in email going directly to the inbox, and all images in the email would be displayed by default. Senders using Goodmail would pay money, per message, and Goodmail would split that money with the receiving ISP.
This sounds very much like a situation where everyone wins. The senders get their mail to the inbox with images turned on. The receiving ISPs get a little money to deliver email and offloads some of their sender screening onto a third party. Individual recipients know that this email is certified and that it’s safe to click on links in the email.
In the time since CertifiedEmail has been announced, however, there seems to be very little adoption. Sure, receivers do seem to be signing up, a little. AOL and Yahoo have been using CertifiedEmail for a while. In summer 2007, a number of cable providers announced they would be using CertifiedEmail as well.
Senders, on the other hand, don’t seem to be adopting this as fast as Goodmail might like. The Federal Government recently announced they would be sending email signed by Goodmail and some large online companies, Overstock.com among them, are also sending with certified email. In order to get more companies to sign up for CertifiedEmail, Goodmail announced in August 2007 that they had partnered with CheetahMail, Episilon and Axciom Digital to provide free CertifiedEmail to qualifying customers of those ESPs.
Why might companies not be adopting CertifiedEmail? I have a couple of thoughts.