Permission
The key to improving deliverability
According to the UK DMA, marketers report improvements in deliverability after GDPR went into effect.
Read MoreExplicit consent
I’m working on a blog post about correlation and causation and how cleaning a list doesn’t make it opt-in and permission isn’t actually as outdated as many think and is still important when it comes to delivery. Today is a hard-to-word day, so I headed over to twitter. Only to find someone in my personal network re-tweeted this:
Read MoreDelivery is not dependent on authentication
All too often folks come to me with delivery problems and lead off with all of the things they’ve done to send mail right. They assure me they’re using SPF and DKIM and DMARC and they can’t understand why things are bad. There is this pervasive belief that if you do all the technical things right then you will reach the inbox.
Read MoreThe many meanings of opt-in
An email address was entered into our website
An email address was associated with a purchase on our website.
Read MoreOne subscription should equal one unsubscription
One of the side effects of using tagged addresses to sign up for things is seeing exactly what companies do with your data once they get it.
Read MoreYeah… don’t do that
Never add someone to a mailing list without giving them a heads up that you’re doing it. It’s just uncool and rude. For example, I have been contacting some vendors about some work we need done. One of them has yet to answer my inquiry, but has already added me to their newsletter. Even worse, I had no idea submitting a form asking about their services would get me on their mailing list.
Read MoreConsent must be informed
In the deliverability space we talk about permission and consent a lot. All too often, though, consent is taken not given. Marketers and senders assume they have permission to send email, while the recipient is left expecting no email.
Read MoreJuly 2017: The month in email
August is here, and as usual, we’re discussing spam, permissions, bots, filters, delivery challenges, and best practices.
One of the things we see over and over again, both with marketers and with companies that send us email, is that permission is rarely binary — companies want a fair amount of wiggle room, or “implied permission” to send. There are plenty of examples of how companies try to dance around clear permissions, such as this opt form from a company we used to do business with. But there are lots of questions here: can you legitimately mail to addresses you haven’t interacted with in 5 years? 10 years? What’s the best way to re-engage, if at all?
We frequently get questions about how to address deliverability challenges, and I wrote up a post about some of the steps we take as we help our clients with this. These are short-term fixes; for long-term success, the most effective strategy is sending email that people want and expect. Engagement is always at the core of a sustainable email program.
We’ve also discussed the rise of B2B spam, and the ways in which marketing technologies contribute to the problem. B2B marketers struggle to use social and email channels appropriately to reach customers and prospects, but still need to be thoughtful about how they do it. I also wrote about some of the ways that marketing automation plugins facilitate spam and how companies should step up to address the problem. Here’s an example of what happens when the automation plugins go awry.
I wrote a few posts about domain management and the implications for security and fraud. The first was about how cousin domain names can set users up for phishing and fraud, and the second was a useful checklist for looking at your company’s domain management. We also looked at abuse across online communities, which is an increasing problem and one we’re very committed to fighting.
I also highlighted a few best practices this month: guidelines for choosing a new ESP and active buttons in the subject line for Gmail.
And finally, we celebrated the 80th birthday of the original SPAM. If you’re a regular reader of this blog, you probably already know why unwanted email is called SPAM, but just in case, here’s a refresher….
Implied permission
Codified into law in CASL, implied permission describes the situation where a company can legally mail someone. The law includes caveats and restrictions about when this is a legitimate assumption on the part of the company. It is, in fact, a kludge. There isn’t such a thing as implied permission. Someone either gives you permission to send them email or they don’t.
We use the term implied permission to describe a situation where the recipient didn’t actually ask for the mail, but isn’t that bothered about receiving it. The mail is there. If it has a particularly good deal the recipient might buy something. The flip side of not being bothered about receiving mail, is not being bothered about not receiving mail. If it’s not there, eh, no biggie.
Implied permission isn’t real permission, no matter what the law says.
Now, many deliverability folks, including myself, understand that there are recipients who don’t mind getting mail from vendors. We know this is a valid and effective way of marketing. Implied permission is a thing and doesn’t always hurt delivery.
However, that does not mean that implied permission is identical to explicit permission. It’s one of the things I think CASL gets very right. Implied permission has a shelf life and expires. Explicit permission doesn’t have a shelf life.
Implied permission is real, but not a guarantee that the recipient really wants a particular email from a sender, even if they want other emails from that sender.
Delete or read?
This week I attended a Data Visualization workshop presented by the Advanced Media Center at UC Berkeley. Every year I set at least one professional development goal; this year it’s learning how to better communicate visually.
Part of the class included other resources, which led me to Nathan Yau’s website. One of the articles on the front page of his site is titled “Email Deletion Flow Chart.” Well, of course I had to read the post.
Permission trumps good metrics
Most companies and senders will tell you they follow all the best practices. My experience says they follow the easy best practices. They’ll comply with technical best practices, they’ll tick all the boxes for content and formatting, they’ll make a nod to permission. Then they’re surprised that their mail delivery isn’t great.
Read MoreFebruary 2017: The Month In Email
Happy March!
As always, I blogged about best practices with subscriptions, and shared a great example of subscription transparency that I received from The Guardian. I also wrote about what happens to the small pool of people who fail to complete a confirmed opt-in (or double opt-in) subscription process. While there are many reasons that someone might not complete that process, ultimately that person has not given permission to receive email, and marketers need to respect that. I revisited an older post on permission which is still entirely relevant.
Speaking of relevance, I wrote about seed lists, which can be useful, but — like all monitoring tools — should not be treated as infallible, just as part of a larger set of information we use to assess deliverability. Spamtraps are also valuable in that larger set of tools, and I looked at some of the myths and truths about how ISPs use them. I also shared some thoughts from an industry veteran on Gmail filtering.
On the topic of industry veterans, myths and truths, I looked at the “little bit right, little bit wrong” set of opinions in the world of email. It’s interesting to see the kinds of proclamations people make and how those line up against what we see in the world.
We attended M3AAWG, which is always a wonderful opportunity for us to catch up with smart people and look at the larger email ecosystem and how important our work on messaging infrastructure and policy really is. I was glad to see the 2017 Mary Litynski Award go to Mick Moran of Interpol for his tireless work fighting abuse and the exploitation of children online. I also wrote about how people keep wanting to quote ISP representatives on policy issues, and the origin of “Barry” as ISP spokesperson (we should really add “Betty” too…)
Steve took a turn as our guest columnist for “Ask Laura” this month with a terrific post on why ESPs need so many IP addresses. As always, we’d love to get more questions on all things email — please get in touch!
End of an era
A few moments ago, I cancelled one of my email addresses. This is an address that has been mine since somewhere around 1993 or 4. It was old enough to vote. And now it’s no more.
I am not even sure why I kept it for so long. It was my dialup account back when I was in grad school in Delaware. When I moved to Madison to work at the university, I kept it as a shell account and email address. I gave it up as my primary email address about the time it was bought by a giant networking company. By then I had my own domain and a mail server living behind the futon in the living room. That was back when we started WttW, somewhere around 2002.
15 years the address has mostly laid dormant. I used it for a couple yahoo groups accounts, but just lists that I lurked on.
I did use it as research for some past clients, typically the ones using affiliate marketers. “Our affiliates only ever send opt in mail!” Yeah, no. See, look, your affiliate is spamming me. My favorite was when said customer put me on the phone with the affiliate.
From the archives: Taking Permission
From February 2010, Taking Permission.
Permission is always a hot topic in email marketing. Permission is key! the experts tell us. Get permission to send email! the ISPs tell us.
Marketers have responded by setting up processes to “get” permission from recipients before adding them to mailing lists. They point to their privacy polices and signup forms and say “Look! the recipient gave us permission.”
In many cases, though, the permission isn’t given to the sender, permission is taken from the recipient.
Yes, permission is being TAKEN by the sender. At the point of address collection many senders set the default to be the recipient gets mail. These processes take any notion of giving permission out of the equation. The recipient doesn’t have to give permission, permission is assumed.
This isn’t real permission. No process that requires the user to take action to stop themselves from being opted in is real permission. A default state of yes takes the actual opt-in step away from the recipient.
Permission just isn’t about saying “well, we told the user if they gave us an email address we’d send them mail and they gave us an email address anyway.” Permission is about giving the recipients a choice in what they want to receive. All too often senders take permission from recipients instead of asking for permission to be given.
Since that post was originally written, some things have changed.
CASL has come into effect. CASL prevents marketers from taking permission as egregiously as what prompted this post. Under CASL, pre-checked opt-in boxes do not count as explicit permission. The law does have a category of implicit permission, which consists of an active consumer / vendor relationship. This implicit permission is limited in scope and senders have to stop mailing 2 years after the last activity.
The other change is in Gmail filters. Whatever they’re doing these days seems to really pick out mail that doesn’t have great permission. Business models that would work a few years ago are now struggling to get to the inbox at Gmail. Many of these are non-relationship emails – one off confirmations, tickets, receipts. There isn’t much of a relationship between the sender and the recipient, so the filters are biased against the mail.
Permission is still key, but these days I’m not sure even informed permission is enough.
June 2016: The Month in Email
We’re officially halfway through 2016, and looking forward to a slightly less hectic month around here. I hope you’re enjoying your summer (or winter, for those of you in the Southern Hemisphere).
Permission: Let’s Talk Facts
I’ve commented in the past about how I can usually tell when an ISP makes filtering changes because all my calls relate to that ISP. The more recent contender is Gmail. They made changes a few months ago and a lot of folks are struggling to reach the inbox now. What I’m seeing, working with clients, is that there are two critical pieces to getting to the gmail inbox: permission and engagement.
Read MoreWho owns the inbox
One of the questions asked of my panel during Connections 16 last month was who owns the inbox.
Read MoreNecessary but not sufficient
With all the emphasis on getting the technical right, there seem to be people who think their mail will be delivered as long as the technical is right.
Getting the technical right is necessary for good inbox delivery, but it’s not sufficient.
The most important part of getting mail to the inbox is sending mail users want. In fact, if you’re sending mail folks want, interact with and enjoy then you can get away with sloppy technical bits. Look, major players (eBay and Intuit) have invalid SPF records, but we’re all still getting mail from them.
There are also a lot of folks who are doing everything technically perfectly, but their mail is still going to bulk. Why? Because their recipients don’t want their mail.
Permission is still the key to getting mail to the inbox. In fact, permission is more important than getting all the technical bits right. If you have permission you can play a little fast and loose with the technical stuff. If you have the technical stuff right you still need permission.
It's still spam
Companies are always trying to find new ways to use and abuse email. My mailbox has been rife with mail from companies trying to sell me stuff for my business. It’s been interesting to watch the new ways they’re trying to get attention, while not honoring the most important rule of email marketing.
Fraud, terms of service and email marketing
Here at the Atkins house we’re still both recovering from the M3AAWG plague. I don’t know what it was that we shared during the conference, but it’s knocked many folks over. I don’t have a lot to blog about this afternoon so I was looking through some of my old blog posts to get at least some content up before I give up for the weekend.
I found an old post about permission (Permission: It May Not Be What You Think It Is). The post discusses where a woman sued Toyota over emails from an online marketing campaign. I’d totally forgotten about that blog post, so I started looking at what happened with the case.
In the original case Toyota created a social media campaign where people could opt their friends in to be the target of a prank.
Purchased Lists and ESPs
After some thought, I’ve decided to remove a few ESPs from this list based on personal experience with them allowing customers to send to purchased lists. If your company has disappeared and you want to come back, you’ll need to actually stop the spam coming from your network. Every company that’s been removed has received a complaint from me specifically mentioning the address was purchased and allowed that same customer to continue spamming the same address. Deal with your spam and we can talk about reinstatement.
Read MoreOld Lists and RadioShack
RadioShack is putting their assets up for sale including more than 65 million customer records and 13 million email addresses. Many are up in arms about the sale of personal data including the Texas Attorney General and AT&T who both want the data destroyed.
Part of the controversy is that RadioShack’s privacy policy states the collected data will be only used by RadioShack and its affiliates and that they will not “sell or rent your personally identifiable information to anyone at any time”. Company acquisitions happen all the time and data like this is often sold to the new owner and the sale of customer data is common. The problem with RadioShack selling the customer data is that their privacy policy states they will never sell the information.
RadioShack was one of the first companies to ask for personal information at checkout, sometimes refusing a sale without providing it and the collection of data during checkout caught on quickly. Having demographic information for retargeting of customers is extremely valuable to marketers, but only if it’s valid data. With RadioShack, people often lie about their zip code and if they are giving incorrect zip codes I’m pretty sure their email address isn’t going to be valid either. Even Kramer asks why does RadioShack ask for your phone number…
https://www.youtube.com/watch?v=WgfaYKoQxzQ
If a client asked if this was a good investment and if the list had value, I would tell them no. Sending to this list will have poor delivery because the data is dirty and the lack of a clear opt-in is going to be problematic especially since a RadioShack customer is not expecting to receive mail from you. Many ESPs have policies prohibiting sending to a purchased list and doing so will hurt your relationship with the ESP.
If a client had already purchased the list and wanted to send to it, I would tell them their reputation is going to take a significant hit and I would discourage them from sending. The list is going to be full of domains that no longer exist and contain abandoned email addresses including ones that have been turned into spam traps.
When preparing to send to a new list of email addresses, I go through this process:
Spam is about invading other people's space
At the recent Sendgrid Emailmatter’s conference Sally Lehman advised attendees to “Treat someone’s inbox like it was their home.” This is advice I’ve been giving clients for a long time. I think it’s even more relevant now as so many people have data enabled phones and are checking email so frequently. It’s not just their home, it’s their personal space they can take with them.
Seanan McGuire, a friend and NY Times bestselling author, wrote a blog post today about how she views promotion and marketing as an artist and someone who is expected to promote her work. She also talks about what it feels like to be a target of promotion and offers some advice about how to promote your products online. She talks about how she, as an author and creative type, is expected to do some level of self promotion and how that promotion is done in her space – whether that space be on twitter or her blog.
CASL is more privacy law than anti-spam law
Michael Geist, a law professor in Canada, writes about the new CASL law, why it’s necessary and why it’s more about privacy and consumer protection than just about spam.
Read MoreSending mail to the wrong person, part eleventy
Another person has written another blog post talking about their experiences with an email address a lot of people add to mailing lists without actually owning the email address. In this case the address isn’t a person’s name, but is rather just what happens when you type across rows on they keyboard.
These are similar suggestions to those I (and others) have made in the past. It all boils down to allow people who never signed up for your list, even if someone gave you their email address, to tell you ‘This isn’t me.” A simple link in the mail, and a process to stop all mail to that address (and confirm it is true if someone tries to give it to you again), will stop a lot of unwanted and unasked for email.
Some content is just bad; but it doesn't have to be
There are a few segments in the marketing industry that seem to acquire senders with bad mailing practices. Nutraceuticals, male performance enhancing drugs, short term or payday loans and gambling have a lot of senders that treat permission as optional. The content and the industry themselves have garnered a bad reputation.
This makes these industries extremely difficult for mailers who actually have permission to send that content to their recipients. Working with this kind of sender, sometimes it seems impossible to get mail delivered to the inbox, no matter what the level of permission. Even when it’s double confirmed opt-in with a cherry on top, all the care in the world with permission isn’t enough to get inbox delivery.
This doesn’t have to be the case. Look at the porn industry. Early on in the email marketing arena there was a lot of unsolicited image porn. A Lot. So much that complaints by recipients drove many ISPs to disable image loading by default. The legitimate porn companies, though, decided unsolicited image porn was bad for the industry as a whole. Porn marketers and mailers adopted fairly strong permission and email address verification standards.
It was important for the porn marketers that they be able to prove that the person they were mailing actually requested the email. The porn marketers took permission seriously and very few companies actually send photographic porn spam these days. Even the “Russian girls” spam doesn’t have not safe for work images any longer.
Because of their focus on permission, in some cases revolving around age of consent in various jurisdictions, the porn industry as a whole is not looked at as “a bunch of spammers.” Porn content isn’t treated as harshly as “your[sic] pre-approved for a wire transfer” or “best quality drugs shipped overnight.”
Just having offensive content isn’t going to get you blocked. But having content that is shared by many other companies who don’t care about permission, will cause delivery headache after delivery headache. This is true even when you are the One Clean Sender in the bunch.
Email verification – what are we verifying
One of the ongoing discussions in the email space is the one about address verification. Multiple companies have sprung up to do “real time” email address verification. They ensure that addresses collected at the point of sale are valid.
But what does valid mean? In most of these contexts, valid means that the addresses don’t bounce and aren’t spam traps. And that is one part of validating email addresses.
That isn’t the only part, though. In my opinion, an even more important thing to validate is that the email address belongs to the person giving it to you. The Consumerist has had an ongoing series of articles discussing people getting mis-directed email from various companies.
Today the culprit is AT&T, who are sending a lot of personal information to an email address of someone totally unconnected to that account. There are a lot of big problems with this, and it’s not just in the realm of email delivery.
The biggest problem, as I see it, is that AT&T is exposing personally identifiable information (PII) to third parties. What’s even worse, though, is that AT&T has no process in place for the recipient to correct the issue. Even when notified of the problem, support can’t do anything to fix the problem.
Dr. Livingston, I presume?
I linked to Al’s post about misdirected emails and how annoying it is for people who receive emails. I’ve previously talked about the problems associated with not handling misdirected emails properly.
It’s really annoying getting email that you never signed up for. For instance, one of my email addresses gets quite a bit of misdirected email. Oddly enough, much of this mail comes addressed to “Mrs. Christine Stelfox” and advertises various services. The problem is, I’m not Mrs. Christine Stelfox and I don’t live in the UK.
I’ve been getting this misdirected email for a while. In fact, I’ve even tried to track down the source of this just to make it stop. But I can’t seem to get that to happen. The senders tell me simply that I opted in, and that if I want to opt-out, here’s a link. Sometimes I have more luck contacting ESPs, but not always.
In fact, recently I reported spam to Mrs. Stelfox to a European based ESP. I got a response from their delivery head, who asked a lot of questions about the email address. What kind of spamtrap was it? How long had I had it? Is it possible it’s a recycled address? It’s really not, though. It’s an address I’ve had since early 1994, and it’s not really a trap as I still actually use if for some me. But I’ve not used it for commercial email since sometime in the late ’90s. And I’ve certainly never claimed to be a Mrs. Stelfox.
This really isn’t a case where I forgot I signed up. This isn’t a case where someone had the address before me. This is either some confused person using my address or some company in the UK selling my email address as belonging to someone else. I’ve tried to track this down in the past to get off the list of whomever is selling this address. But I’ve never had any luck.
There isn’t a lot of recourse here. I can continue to unsubscribe the addresses, but that doesn’t resolve the underlying problem. The underlying problem is that many marketers think it’s acceptable to purchase (or append) email addresses with no regard for the fact that sometimes their data suppliers are wrong.
It’s not just this one address, either. Another one of my email addresses is being sold as “Mrs. Laura Corbishley” of the UK as well. Sometimes I get the same spam to Mrs. Christine Stelfox and Mrs. Laura Corbishley. Other times I get different spams to each address, possibly because Mrs. Stelfox is behind some commercial email filters and Mrs. Corbishley isn’t.
Misdirected emails are annoying. They’re a problem for the people who keep getting them and can’t make them stop. It’s really important that ESPs, companies that send email and companies that sell email addresses have some way to make that mail stop. It doesn’t matter that half a dozen ESPs have put Mrs. Stelfox in their suppression list. Senders are still purchasing that data and are wasting their money. I am still getting spam.
Do you have child subscribers?
Al has a short, but informative, post up on Spam Resource about privacy groups filing complaints with the FTC about companies violating the Children’s Online Privacy Protection Act (COPPA). Companies who are alleged to have violated COPPA include Nickelodeon, McDonalds and General Mills.
The underlying issue appears to be the presence of “send to a friend” links maintained on kid focused websites. The consumer advocates are alleging that kids don’t understand that when they send things to their friends what they’re sending is actually advertising.
I talk a lot about informed consent, but don’t often touch the idea of consent from minors. But this is a good reminder that there are other laws than CAN SPAM involved when dealing with children.
Permission.
- Permission-ish based email marketing
- Customers want to get mail from us!
- Some thoughts on permission
- Relevance or Permission
- Evangelizing Permission
- Ask; Don’t Assume.
- Taking Permission
MAAWG and email appending
In today’s Magill Report Ken says:
The only surprise in the Messaging Anti-Abuse Working Group’s statement last week condemning email appending was that it didn’t publish one sooner.
Read More
However, MAAWG’s implication that email appending can’t be accomplished without spamming is nonsense.
MAAWG statement on email appending
MAAWG has published their position statement on email appending. It’s pretty explicit in it’s condemnation of the practice.
Read MoreMarketing or spamming?
A friend of mine sent me a copy of an email she received, asking if I’d ever heard of this particular sender. It seems a B2B lead generation company was sending her an email telling her AOL was blocking their mail and they had stopped delivery. All she needed to do was click a link to reactivate her subscription.
The mail copy and the website spends an awful lot of time talking about how their mail is accidentally blocked by ISPs and businesses.
Evangelizing Permission
Last week the Only Influencers email discussion group tackled this question posed by Ken Magill.
Read MorePermission-ish based marketing
My Mum flew in to visit last week, and over dinner one evening the talk turned to email.
Read MoreSome thoughts on permission
A lot of email marketing best practices center around getting permission to send email to recipients. A lot of anti-spammers argue that the issue is consent not content. Both groups seem to agree that permission is important, but more often than not they disagree about what constitutes permission.
For some the only acceptable permission is round trip confirmation, also known as confirmed opt-in or double opt-in.
For others making a purchase constitutes permission to send mail.
For still others checking or unchecking a box on a signup page is sufficient permission.
I don’t think there is a global, over arching, single form of permission. I think context and agreement matters. I think permission is really about both sides of the transaction knowing what the transaction is. Double opt-in, single opt-in, check the box to opt-out area all valid ways to collect permission. Dishonest marketers can, and do, use all of these ways to collect email addresses.
But while dishonest marketers may adhere to all of the letters of the best practice recommendations, they purposely make the wording and explanation of check boxes and what happens when confusing. I do believe some people make the choices deliberately confusing to increase the number of addresses that have opted in. Does everyone? Of course not. But there are certainly marketers who deliberately set out to make their opt-ins as confusing as possible.
This is why I think permission is meaningless without the context of the transaction. What did the address collector tell the recipient would happen with their email address? What did the address giver understand would happen with their email address? Do these two things match? If the two perceptions agree then I am satisfied there is permission. If the expectations don’t match, then I’m not sure there is permission involved.
What are your thoughts on permission?
Relevance or Permission
One of the discussions that surrounds email marketing is whether relevance trumps permission or permission trumps relevance. I believe this entire discussion is built on a false dichotomy.
Sending relevant email is important. Not only do recipients expect mail to be relevant, but the ISPs often make delivery decisions on how relevant their users find your mail. Marketers that send too much irrelevant mail find themselves struggling to get inbox placement.
Permission makes sending relevant mail all that much easier. Sure, really good marketers can probably collect, purchase, beg, borrow and steal enough information to know that their unsolicited email is relevant. But how many marketers are actually that good?
My experience suggest that most marketers aren’t that good. They don’t segment their permission based lists to send relevant mail. They’re certainly not going to segment their non-permission based lists to send relevant mail.
Macy’s, for instance, decided that I would find their Bloomingdales mail relevant. I didn’t, and unsubscribed from both publications, after registering a complaint with their ESP. Had Macy’s asked about sending me Bloomies mail I wouldn’t have opted-in, but I probably wouldn’t have unsubbed from Macy’s mail, too.
So what’s your stand? Does relevance trump permission? Or does permission trump relevance? How much relevant, unsolicited mail do you get? How much irrelevant permission based mail do you get? And what drives you to unsubscribe from a permission based list?
Best practices: a meaningless term
Chad White wrote an article for MediaPost about best practices which parallels a lot of thinking I’ve been doing about how the email marketing industry treats best practices.
Read MoreSpam isn't a best practice
I’m hearing a lot of claims about best practices recently and I’m wondering what people really mean by the term. All too often people tell me that they comply with “all best practices” followed by a list of things they do that are clearly not best practices.
Some of those folks are clients or sales prospects but some of them are actually industry colleagues that have customers sending spam. In either case, I’ve been thinking a lot about best practices and what we all mean when we talk about best practices. In conversing with various people it’s clear that the term doesn’t mean what the speakers think it means.
For me, best practice means sending mail in a way that create happy and engaged recipients. There are a lot of details wrapped up in there, but all implementation choices stem from the answer to the question “what will make our customers happy.” But a lot of marketers, email and otherwise, don’t focus on what makes their recipients or targets happy.
In fact, for many people I talk to when they say “best practice” what they really mean is “send as much mail as recipients will tolerate.” This isn’t that surprising, the advertising and marketing industries survive by pushing things as far as the target will tolerate (emphasis added).
Poor delivery can't be fixed with technical perfection
There are a number of different things delivery experts can do help senders improve their own delivery. Yes, I said it: senders are responsible for their delivery. ESPs, delivery consultants and deliverability experts can’t fix delivery for senders, they can only advise.
In my own work with clients, I usually start with making sure all the technical issues are correct. As almost all spam filtering is score based, and the minor scores given to things like broken authentication and header issues and formatting issues can make the difference between an email that lands in the inbox and one that doesn’t get delivered.
I don’t think I’m alone in this approach, as many of my clients come to me for help with their technical settings. In some cases, though, fixing the technical problems doesn’t fix the delivery issues. No matter how much my clients tweak their settings and attempt to avoid spamfilters by avoiding FREE!! in the subject line, or changing the background, they still can’t get mail in the inbox.
Why not? Because they’re sending mail that the recipients don’t really want, for whatever reason. There are so many ways a sender can collect an email address without actually collecting consent to send mail to that recipient. Many of the “list building” strategies mentioned by a number of experts involve getting a fig leaf of permission from recipients without actually having the recipient agree to receive mail.
Is there really any difference in permission between purchasing a list of “qualified leads” and automatically adding anyone who makes a purchase at a website to marketing lists? From the recipient’s perspective they’re still getting mail they don’t want, and all the technical perfection in the world can’t overcome the negative reputation associated with spamming.
The secret to inbox delivery: don’t send mail that looks like spam. That includes not sending mail to people who have not expressly consented to receive mail.
Check your assumptions
One of the things that prompted yesterday’s post was watching a group of marketers discuss how to get subscribers to give them their “real” or “high value” email addresses. Addresses at free email providers are seen as less valuable than addresses at a place of employment or at a cable company or dialup ISP. The discussion centered around how to incentivize recipients to give up their “actual” email addresses.
The underlying belief is that users don’t use free mail accounts for their important mail, and if a recipient gives a marketer a free mail account as a signup that they will not be reading the mail regularly. Better to get an email address that the recipient checks frequently so there is a better chance at a conversion and sale.
Perfectly acceptable marketing goals, but makes a number of assumptions that I am not sure are valid.
Assumption 1: An email address at a freemail provider is less important to the recipient than a different email address.
Wrong! A sender has no idea if a recipient uses a freemail account exclusively or has another real email address. Many people these days use gmail as their primary account and they don’t check the email account associated with their dialup or broadband provider. For instance I have an email account at AT&T associated with our UVerse TV and internet service, but have never logged in to do anything with email.
Assumption 2: A non freemail address gives better response rates.
Really? I haven’t seen data one way or another saying that different classes of email addresses give better responses. It may be true, but it may not. Some users do have separate accounts for friends and family and marketing mail. In that case, are senders better off in the marketing account? Or in the F&F account where the user may hit the “this is spam” button just because that mail is in the wrong place?
Assumption 3: I’ve been invited in, I get free run of the place
Wrong! Just because you’ve been invited onto the front porch for a glass of lemonade, doesn’t mean you’re welcome in the bedroom. Marketing is all about pushing limits and getting more and more from recipients, but in email marketing the recipients get to hit the “this is spam” filter and stop delivery of that email. Limit pushing in email may result in all out blocks and zero inbox delivery, rather than causing a massive increase in sales.
Assumption 4: Incentivized permission is the same as real permission
Wrong! Just because a subscriber hits the “give me a coupon” or “enter me in the drawing” link does not mean they want mail from that sender. What it really means is the recipient wants a chance to win something or get $5 off their next purchase. Just because they closed the loop to get an incentive does not mean the sender gets a free pass through spam filters or is exempt from having their mail marked as spam.
The marketing relationship between sender and recipient is a lot more balanced than any other direct marketing relationship. The sender can’t ignore the recipients’ preferences over the long term without suffering delivery problems. Many email marketers, particularly those that didn’t start in email, forget that the relationship is different and marketers have to respect the recipient.
Taking permission
Permission is always a hot topic in email marketing. Permission is key! the experts tell us. Get permission to send email! the ISPs tell us.
Read MorePermission versus forgiveness
Stephanie at Return Path has a great blog post on permission and how permission is an ongoing process not a one time thing. There were a couple statements that really grabbed my attention.
Read MoreTWSD: Using FOIA requests for email addresses
Mickey has a good summary of what’s going on in Maine where the courts forced the Department of Inland Fisheries and Wildlife to sell the email addresses of license purchasers to a commercial company.
There isn’t permission associated with this and the commercial company has no pretense that the recipients want to receive mail from them. This is a bad idea and a bad way to get email addresses and is no better than spammers scraping addresses from every website mentioning “fishing” or “hunting.”
Click-wrap licenses again
Earlier this week ARS Technica reported on a ruling from the Missouri Court of Appeals stating that terms and conditions are enforceable even if the users are not forced to visit the T&C pages. Judge Rahmeyer, one of the panel members, did point out that the term in question, under what state laws the agreement would be enforced, was not an unreasonable request. She “do[es] not want [their] opinion to indicate that consumers assent to any buried term that a website may provide simply by using the website or clicking ‘I agree.'”
What does this have to do with email? Well, it means that reasonable terms in the agreements may still be binding even if the user does not read the full terms of the opt in before submitting an email address. In practical terms, though, there’s very little that has changed. Hiding grants of permission deep in a terms document has long been a sneaky trick practiced by spammers and list sellers. Legitimate companies already make terms clear so that users know what type of and how much mail to expect by signing up to a list. They also know that the legal technicalities of permission are not as important as meeting the recipients expectations.
What she said
Jamie Tomasello on the Cloudmark Blog:
ESPs who require and enforce best permission practices should be applying peer and industry pressure within the ESP community to adopt these policies. Ultimately, ESPs need to take responsibility for their clients’ practices. If you are aware that your clients are engaging in questionable or bad practices, address those issues before contacting an ISP or anti-spam vendor to resolve the issue.
Read More
Permission: it may not be what you think it is
I’ve talked frequently about permission on this blog, and mentioned over and over again that senders should correctly set expectations at the time they collect permission. Permission isn’t permission if the recipient doesn’t know what they’re agreeing to receive.
Read MorePermission is not a legal concept
One trap I see companies fall into when looking at opt-in and permission is they seem to think that permission is a blanket thing. They believe permission can be bought and sold by the companies that collected email addresses.
Read MoreEngaging recipients critical for delivery
One of the issues I have touched on repeatedly is the changing face of blocking and filtering at ISPs. Over the last 12 – 18 months, large, end-user ISPs have started rolling out more and more sophisticated filters. These filters look at a lot of things about an email, not just the content or the sending IP reputation or URLs in the message but also the recipient profile. Yes, ISPs really are measuring how engaged recipients are with a sender and, they are using that information to help them make blocking decisions.
There were two separate posts on Friday related to this.
Mark Brownlow has a great blog post speculating about a number of things ISPs might be looking at when making decisions about what to do with an incoming email. He lists a number of potential measurements, some of which I can definitively confirm are being measured by ISPs.
Political Spam
At Adventures in Email Marketing, there is a post up this morning about political spam. It seems Anna discovered that providing her email address on her voter registration card not only results in political groups sending her email to that address, but also that political email does not have to follow the rules of CAN SPAM. The article ends with a few questions and makes some suggestions.
Read MoreThat's spammer speak
I’ve been hearing stories from other deliverability consultants and some ISP reps about what people are telling them. Some of them are jaw dropping examples of senders who are indistinguishable from spammers. Some of them are just examples of sender ignorance.
“We’re blocked at ISP-A, so we’re just going to stop mailing all our recipients at ISP-A.” Pure spammer speak. The speaker sees no value in any individual recipient, so instead of actually figuring out what about their mail is causing problems, they are going to drop 30% of their list. We talk a lot on this blog about relevancy and user experience. If a sender does not care about their email enough to invest a small amount of time into fixing a problem, then why should recipients care about the mail they are sending?
A better solution then just throwing away 30% of a list is to determine the underlying reasons for delivery issues, and actually make adjustments to address collection processes and user experience. Build a sustainable, long term email marketing program that builds a loyal customer base.
“We have a new system to unsubscribe people immediately, but are concerned about implementing it due to database shrink.” First off, the law says that senders must stop mailing people that ask. Secondly, if people do not want email, they are not going to be an overall asset. They are likely to never purchase from the email, and they are very likely to hit the ‘this is spam’ button and lower the overall delivery rate of a list.
Let people unsubscribe. Users who do not want email from a sender are cruft. They lower the ROI for a list, they lower aggregate performance. Senders should not want unwilling or unhappy recipients on their list.
“We found out a lot of our addresses are at non-existent domains, so we want to correct the typos.” “Correcting” email addresses is an exercise in trying to read recipients minds. I seems intuitive that someone who typed yahooooo.com meant yahoo.com, or that hotmial.com meant hotmail.com, but there is no way to know for sure. There is also the possibility that the user is deliberately mistyping addresses to avoid getting mail from the sender. It could be that the user who mistyped their domain also mistyped their username. In any case, “fixing” the domain could result in a sender sending spam.
Data hygiene is critical, and any sender should be monitoring and checking the information input into their subscription forms. There are even services which offer real time monitoring of the data that is being entered into webforms. Once the data is in the database, though, senders should not arbitrarily change it.
Signup forms and bad data
One thing I frequently mention, both here on the blog and with my clients, is the importance of setting recipient expectations during the signup process. Mark Brownlow posted yesterday about signup forms, and linked to a number of resources and blog posts discussing how to create user friendly and usable signup forms.
As a consumer, a signup process for an online-only experience that requires a postal address annoys and frustrates me to no end. Just recently I purchased a Nike + iPod sport kit. Part of the benefit to this, is free access to the Nike website, where I can see pretty graphs showing my pace, distance and time. When I went to go register, however, Nike asked me to give them a postal address. I know there are a lot of reasons they might want to do this, but, to my mind, they have no need to know my address and I am reluctant go give that info out. An attempt to register leaving those blanks empty was rejected. A blatantly fake street address (nowhere, nowhere, valid zipcode) did not inhibit my ability to sign up at the site.
Still, I find more and more sites are asking for more and more information about their site users. From a marketing perspective it is a no-brainer to ask for the information, at least in the short term. Over the longer term, asking for more and more information may result in more and more users avoiding websites or providing false data.
In the context of email addresses, many users already fill in random addresses into forms when they are required to give up addresses. This results in higher complaint rates, spamtrap hits and high bounce rates for the sender. Eventually, the sender ends up blocked or blacklisted, and they cannot figure out why because all of their addresses belong to their users. They have done everything right, so they think.
What they have not done is compensate for their users. Information collection is a critical part of the senders process, but some senders seem give little thought to data integrity or user reluctance to share data. This lack of thought can, and often does, result in poor email delivery.
Social network sends spam
Yesterday we talked about social networks that harvest the address books of registered users and send mail to all those addresses on behalf of their registered user. In the specific case, the registered user did not know that the network was going to send that mail and subsequently apologized to everyone.
That is not the only way social networks collect addresses. After I posted that, Steve mentioned to me that he had been receiving invitations from a different social network. In that case, the sender was unknown to Steve. It was random mail from a random person claiming that they knew each other and should network on this new website site. After some investigation, Steve discovered that the person making the invitation was the founder of the website in question and there was no previous connection between them.
The founder of the social networking site was harvesting email addresses and sending out spam inviting people he did not know to join his site.
Social networking is making huge use of email. Many of my new clients are social networking sites having problems delivering mail. Like with most things, there are some good guys who really do respect their users and their privacy and personal information. There are also bad guys who will do anything they can to grow a site, including appropriating their users information and the information of all their users correspondents.
It is relatively early in the social networking product cycle. It remains to be seen how much of an impact the spammers and sloppier end will have. If too much spam gets through, the spam filters and ISPs will adapt and social networks will have to focus more on respecting users and potential users in order for their mail to get delivered.
Address harvesting through social networks
The next killer ap on the Internet seems to be social networking. Everyone has a great idea for the next facebook or or myspace. All of these sites, though, have to find users. The site will fail if there are no users. One way to get new users is to ask all your current users to invite all their friends to join. This tends to lead to the marketing / product decision to insert functionality into the social networking site which allows current users to upload their address book and the site itself will send out invitations to all your friends and contacts.
This is not actually as great as an idea as it sounds, however. First, you end up with situations like what happened to me this past week. On Wednesday I received the following email:
More about FBLs and unsubscribes
In the comments of the last post, Gary DJ asked an insightful questions and I think my answer probably deserves a broader audience.
Read MoreHow much mail?
Yesterday I had a call with a potential new client. She told me she had a list of 4M Yahoo addresses and she wanted to mail them twice a day. Her biggest concern was that this volume would be too much for Yahoo and her mail would be block solely on volume. As we went through the conversation, she commented that this list is also being used by someone else she knows and they were getting inbox delivery at Yahoo on every mailing.
From other bits of the conversation, I suspect that these are not the only two people using this list, but I have no feel for the volume. But how much email is each person on that list receiving a day?
I have a current client who is in a similar field to the above potential client. I signed up for their list back in December. Since then I have received 1728 emails to the address I used on their site. 4 of those emails have actually been from my clients, the rest were stolen by a partner of theirs and sold off to all sorts of mailers. Yesterday I received 40 emails.
I just cannot see how this is a valid, long term business model. The bulk of these mails are advertising payday and other kinds of loans. Some of them are duplicate offers from the same senders (judged by CAN SPAM addresses) using different From: lines. The mailbox these mails are filtered into is completely useless, it has been swamped by loan offers. I cannot imagine that anyone, even someone looking for a loan, is receptive to this much email. The only thing I can figure is that the mailers believe that if their email is the one at the top of the mailbox at the exact moment the recipient gets most desperate for money in their bank account tomorrow they will make the sale and get paid.
This model is going to be less and less viable as time goes on.
On the permission level, there really is no permission associated with that email address. Sure, I could call up the former client of mine who mailed that address today and challenge them to show me where they got the address and they would probably tell me they bought it from that company over there. But when I submitted my email address to my client’s site, I did not expect to receive offers for Mickey Mouse Collectible Watches. It certainly is not what I signed up for.
Not only is the permission tenuous, but ISPs are moving away from a permission based model for access to their subscribers. What they really care about now is how recipients react to email. An email marketing model based on getting as much email in front of the recipient as possible will be harder and harder to be profitable as ISPs get better at measuring how much their subscribers want email. The mailers who get good delivery are those are able to make the mail interesting, wanted and relevant to recipients.
It is difficult for me to imagine a case where you can make 2 emails a day relevant to 4 million recipients.
Spamfilters are stupid
Ben over at MailChimp writes about spamfilters that are following links in emails resulting in people being unsubscribed from lists without their knowledge. I strongly suggest clients use a 2 step unsubscribe system, that does not require any passwords or information. The recipient clicks on a link in the email and confirms that they do want to be unsubscribed once they get to the unsubscribe webpage.
Even more concerning for me is the idea that people could be subscribed to emails without their knowledge. For some subset of lists, using confirmed (double) opt-in is the best way to make sure that the sender really has permission from the recipient. Now we have a spam filter that is rendering “click here to opt-in” completely useless. I am sure there are ways to compensate for the stupidity of filters. As usual, though, the spammers are doing things which push more work off onto the end user and the legitimate mailers.
Permission, Part 2
Permission Part 1 I talked about the definition of permission as I use it. Before we can talk about how to get permission we need to clarify the type of email that we’re talking about in this post. Specifically, I’m talking about marketing and newsletter email, not transactional email or other kinds of email a company may send to recipients. Also, when I talk about lists I include segments of a database that fit marketing criteria as well as specific list of email addresses.
There are two ways that recipients give permission to receive newsletters or marketing email, explicit permission and implicit permission. Recipients give explicit permission to receive marketing email when they sign up for such email. Implicit permission covers situations where a user provides an email address, either during the course of a purchase, a download or other interaction with a company. There may be some language in the company’s privacy policy explaining that recipients may receive marketing email, but the recipient may not be aware they will receive email.
The easier situation is explicit permission. There are two basic ways a company can gather explicit permission to send marketing email: single opt-in and double (confirmed) opt-in.
Single opt-in: Recipient provides an email address to the sender for the express purpose of receiving marketing email.
Double (or confirmed) opt-in: Recipient provides an email address to the sender for the express purpose of receiving marketing email. The sender then sends an initial email to the recipient that requires a positive action on the part of the recipient (click a link, log into a web page or reply to the email) before the address is added to the sender’s list.
There can be problems with both types of opt-in, but barring fake or typoed email addresses being given to the sender, there is an social contract that the sender will send email to the recipient. I’ll talk about single and double opt-in in later posts.
Implicit permission covers a lot of situations where email is commonly sent in response to a recipient giving the sender and email address. In these cases, though, the recipient may not be aware they are consenting to receive email. This behavior may annoy recipients as well as causing delivery problems for the sender. Common cases of implicit permission include website registration, product purchase and free downloads.
More responsible companies often change implicit opt-in to explicit opt-in. They do this by making it clear to users that they are agreeing to receive email at the point where the user gives the company an email address. Not only is the information about how email addresses will be used in the company’s privacy policy, but there is a clear and conspicuous notice at the point where the user must provide their email address. The recipient knows what the sender will do with the email address and is given the opportunity to express their preferences. If users do agree to receive email, the company will send a message to that recipient with relevant information about how their email address will be used, how often they will receive email and how they can opt-out.
Explicit opt-in is the best practice for building a list, however, there are still companies that successfully use implicit opt-in to build marketing lists. Companies successfully using implicit opt in usually are collecting emails as part of a sales transaction. There is very little incentive for their customers to give them an email address not belonging to the customer.
Outside of purchasers, however, implicit opt-in leaves a company open to getting email addresses that do not actually belong to the person providing the company with the email address. This most often occurs when the sender is providing some service, be it software downloads, music or access to content, in return for a “payment” of a valid email address. In order to protect against users inputting other, valid addresses into the form, the sender must verify that the address actually belongs to their user before sending any sort of marketing email. The easiest way for senders to do this is to send a link to the recipient email. This link can be the download link, or the password to get to restricted content. Because the recipient must be able to receive and act on email, the only addresses the sender has belong to actual users of the site.
In some rare cases, implicit opt-in can be used to build a list that performs well. However, senders must be aware of the risks of annoying their customer base and the recipient ISPs. Mitigating these risks can be done, but it often takes more effort than just using explicit opt-in in the first place.
Permission, Part 1
Before I can talk about permission and how a mailer can collect permission from a recipient to send them email I really need to define what I mean by permission as there are multiple definitions used by various players in the market. Permission marketing was a term coined by Seth Godin in his book entitled Permission Marketing.
The underlying concept beneath permission marketing is that all marketing should be “anticipated, personal and relevant.” Others have defined permission marketing as consumers volunteering or requesting to be marketed to.
When I talk about permission in the email marketing context I mean that the recipient understood *at the time they provided the sender with an email address* that they would receive email from that sender as a result.
Let’s look at some of the relevant parts of that definition.