Spamtrap

Metric Monetization

As a digital channel, email provides a lot of different metrics for marketers to use. Not only can marketers measure things like open and click rates, but they can tie these numbers back to a particular recipient. This treasure trove of information leads to obsessing over making the numbers look good. For good deliverability senders want low bounce rates, low spamtrap rates, and high engagement rates.
These metrics are important because they’re some of the things that filters look at when making delivery decisions. We care about this data because the receiver ISPs care about the data. The ISPs care about this data because they are characteristics of wanted and/or opt in email.

Over the past few years a number of companies sell services selling good metrics.

September 2015: The month in email

September’s big adventure was our trip to Stockholm, where I gave the keynote address at the APSIS Conference (Look for a wrapup post with beautiful photos of palaces soon!) and had lots of interesting conversations about all things email-related.
Now that we’re back, we’re working with clients as they prepare for the holiday mailing season. We wrote a post on why it’s so important to make sure you’ve optimized your deliverability strategy and resolved any open issues well in advance of your sends. Steve covered some similar territory in his post “Outrunning the Bear”. If you haven’t started planning, start now. If you need some help, give us a call.
In that post, we talked a bit about the increased volumes of both marketing and transactional email during the holiday season, and I did a followup post this week about how transactional email is defined — or not — both by practice and by law. I also wrote a bit about reputation and once again emphasized that sending mail people actually want is really the only strategy that can work in the long term.
While we were gone, I got a lot of spam, including a depressing amount of what I call “legitimate spam” — not just porn and pharmaceuticals, but legitimate companies with appalling address acquisition and sending strategies. I also wrote about spamtraps again (bookmark this post if you need more information on spamtraps, as I linked to several previous discussions we’ve had on the subject) and how we need to start viewing them as symptoms of larger list problems, not something that, once eradicated, means a list is healthy. I also posted about Jan Schaumann’s survey on internet operations, and how this relates to the larger discussions we’ve had on the power of systems administrators to manage mail (see Meri’s excellent post here<).
I wrote about privacy and tracking online and how it’s shifted over the past two decades. With marketers collecting and tracking more and more data, including personally-identifiable information (PII), the risks of organizational doxxing are significant. Moreso than ever before, marketers need to be aware of security issues. On the topic of security and cybercrime, Steve posted about two factor authentication, and how companies might consider providing incentives for customers to adopt this model.

Only spamtraps matter, or do they?

I received mail from Mitusbishi UK over the weekend, telling me that as a subscriber I was eligible to buy a car from one of their dealers, or something. I didn’t actually read the whole thing. While I am competent in a right hand drive, even when it’s a manual, it’s not something I want to try over here in the US.
The address the message came to is one that I’ve had for around 15 years now. But it’s not an address I’ve really ever used for anything. When I have used it, the address is tagged. The bare address has never been handed out.
When I sent the report in to SmartFocus, I commented this wasn’t an opt-in address and that it was, in fact, a spamtrap. Is it? Well, it certainly never signed up for UK car offers. Or any UK mail for that matter. I’ve never opted in to things with it. No one before me had the address.
I know why I mentioned it was a spamtrap… because sometimes it seems like the only way to get some senders to pay attention is if you call the address a trap. Mail to actual users is not a problem, it’s only mail to spamtraps that gets some compliance departments interested in an issue. Without the address begin labeled a spamtrap, the address is just marked as “complaint” and removed from further sends.
I wonder if we, and I include myself in that we, have made it harder to deal with spam by focusing on spamtraps rather than permission. Sure, we did it for a good reason – it’s hard to argue that an address that has never been used by a person signed up to receive mail. But now we have companies trying to create and monetize spamtrap networks because people care about spamtraps.
It’s a less conflict laden conversation when we can say “these addresses didn’t opt-in, they don’t exist.” But somehow “spamtrap” carries more weight than “bounce.” I’m not sure that’s a good distinction, bounces are all potential traps, and I do know some people go through their incoming logs and see what addresses they are bouncing mail to and then turn those addresses on.
Focusing on traps makes some conversations easier. But maybe we need to be having harder conversations with clients and senders and marketers. Maybe lack of spamtraps isn’t a sign of a good list. Maybe good lists are quantified by other things, like response and engagement and ROI.

I use tom@hotmail.com as my default bogus email address. Tom has subscribed to so many things because of me.
Read More

Typo traps

People make all sorts of claims about typo traps. One claim that showed up recently was that Spamhaus has just started using typo traps. I asked my Facebook network when people started using typos to detect incoming spam.
Two different colleagues mentioned using typos, both on the left hand side and the right hand side, back in ’98 and ’99.
The point is, typo traps are absolutely nothing new. They are, in fact, as old as spam filtering itself. And as one of trap maintainers remind me, not all of them even look like typos. It’s not as simple as hotmial.com or gmial.com.
I really think that focusing on traps is paying attention to the wrong thing.
The traps are not the issue. The underlying issue is that people are signing up addresses that don’t belong to them. Sometimes those are addresses that are spamtraps. Sometimes those are simply addresses that belong to someone else. Those addresses don’t belong to customers, they belong to random people who may never have heard of the sender. Sending mail to those people is sending spam.
Just trying to remove traps from your address lists isn’t going to solve the underlying problem. Instead, focus on improving your data process to keep from sending mail to random strangers.

Changes at Spamcop

Earlier this week some ESPs started asking if other ESPs have seen an uptick in Spamcop listings. The overwhelming answer (9 of 11 ESP representatives) said yes. I’ve also had clients start to ask me about Spamcop listings. All in all, there seems to be some changes at Spamcop that means more senders are showing up on the Spamcop radar.
Luckily, Spamcop provides us some insight into their data processing. If you look at the current monthly volume graph, we can see some very interesting changes in data.

Spamhaus Speaks

There’s been a lot of discussion about Spamhaus, spam traps, and blocking. Today, Spamhaus rep Denny Watson posted on the Spamhaus blog about some of the recent large retailer listings. He provides us with some very useful information about how Spamhaus works, and gives 3 case studies of recent listings specifically for transactional messages to traps.
The whole thing is well worth a read, and I strongly encourage you to check out the whole thing.
There are a couple things mentioned in the blog that I think deserve some special attention, though.
Not all spam traps actually accept mail. In fact, in all of the 3 case studies, mail was rejected during the SMTP transaction. This did not stop the senders from continuing to attempt to mail to that address, though. I’ve heard over and over again from senders that the “problem” is that spamtrap addresses actually accept mail. If they would just bounce the messages then there would be no problem. This is clearly untrue when we actually look at the data. All of the companies mentioned are large brick and mortar retailers in the Fortune 200. These are not small or dumb outfits. Still, they have massive problems in their mail programs that mean they continue to send to addresses that bounce and have always bounced.
Listings require multiple hits and ongoing evidence of problems. None of the retailers mentioned in the case studies had a single trap hit. No, they had ongoing and repeated trap hits even after mail was rejected. Another thing senders tell me is that it’s unfair that they’re listed because of “one mistake” or “one trap hit.” The reality is a little different, though. These retailers are listed because they have horrible data hygiene and continually mail to addresses that simply don’t exist. If these retailers were to do one-and-out or even three-and-out then they wouldn’t be listed on the SBL. Denny even says that in the blog post.

Spamtraps mean your list is bad

Spamtraps on a list are a symptom, not the disease itself. They’re (usually) a sign of some serious underlying problem, whether it be with address capture, bounce management, list purchase or epending.
We’ve talked about this a lot in the past, but sometimes you need a short summary to refer someone to.

Dear Email Address Occupant

There’s a great post over on CircleID from John Levine and his experience with a marketer sending mail to a spam trap.
Apparently, some time back in 2002 someone opted in an address that didn’t belong to them to a marketing database. It may have been a hard to read scribble that was misread when the data was scanned (or typed) into the database. It could be that the person didn’t actually know their email address. There are a lot of ways spamtraps can end up on lists that don’t involve malice on the part of the sender.
But I can’t help thinking that mailing an address for 10 years, where the person has never ever responded might be a sign that the address isn’t valid. Or that the recipient might not want what you’re selling or, is not actually a potential customer.
I wrote a few weeks back about the difference between delivery and marketing. That has sparked conversations, including one where I discovered there are a lot of marketers out there that loathe and despise delivery people. But it’s delivery people who understand that not every email address is a potential purchaser. Our job is to make sure that mail to non-existent “customers” doesn’t stop mail from actually getting to actual potential customers.
Email doesn’t have an equivalent of “occupant” or “resident.” Email marketers need to pay attention to their data quality and hygiene. In the snail mail world, that isn’t true. My parents still get marketing mail addressed to me, and I’ve not lived in that house for 20+ years. Sure, it’s possible an 18 year old interested in virginia slims might move into that house at some point, and maybe that 20 years of marketing will pay off. It only costs a few cents to keep that address on their list and the potential return is there.
In email, though, sending mail to addresses that don’t have a real recipient there has the potential to hurt delivery to all other recipients on your list. Is one or two bad addresses going to be the difference between blocked and inbox? No, but the more abandoned addresses and non-existent recipients on a list there are on a list, the more likely filters will decide the mail isn’t really important or wanted.
The cost of keeping that address, one that will never, ever convert on a list may mean losing access to the inbox of actual, real, converting customers.

By creating web domains that contained commonly mistyped names, the investigators received emails that would otherwise not be delivered.
Over six months they grabbed 20GB of data made up of 120,000 wrongly sent messages. BBC News
Read More