Unsubscribes

Don't bother unsubscribing

In the early years of the spam problem, a common piece of advice was to never unsubscribe. At the time, this made a lot of sense. Multiple anti-spammers documented spammers harvesting addresses from unsubscribe forms. This activity tapered off around 2000 or so, although the myth persisted for much longer.

These days, there isn’t much harm in unsubscribing. I even spent a full month unsubscribing from spam at one of my dormant accounts (Yes, spam is still a problem). While the graph shows an initial increase in spam, levels dropped for the next few months. By the time I cancelled the account in 2017, spam levels were at very low. I don’t know if the decrease was due to the unsubscribing or if there were improvements in the filtering appliance the ISP used.
More recently the biggest problem is senders that don’t honor unsubscribes. There are a lot of reasons this can happen and they’re not all malicious. Still, too many companies don’t care enough to actually make sure their unsubscribe process is working. I’ve had way too many companies “lose” unsubscribe requests, sometimes years after I asked them to stop. I expect many of these cases are accidents. They switch ESPs and decide or forget or otherwise fail to transfer unsubscribes to the new ESP. But, in other cases, there doesn’t seem to be any ESP change. It appears the companies think that they can reactivate unsubscribes at some point (pro tip: there is no expiration on legally required unsubscribe requests).
All of this leads to my current recommendation: yeah, unsub if you feel like it, it’s unlikely to hurt, and it’s possible it will help. But, don’t expect them to actually work permanently. Companies just don’t care enough to make them permanent.

Ask Laura: Should we confirm unsubscribes?

Dear Laura,
We have some questions about best practices for unsubscribes. Our ESP uses the List-Unsubscribe header by default on every email. I’m not familiar with this, and I have some questions for you.
First, do you think this is a good idea? Should we always use it, or just for certain emails? Should we use the mailto:link or link to a web site to unsubscribe?
We were also asked about double opt-out and if we should do it. We’re thinking that if someone clicks on the unsubscribe link they would be directed to a site displaying a message such as “Sorry to see you go. We have sent an email out for you to fully unsubscribe from the mailing list”. They then have to open the email and click on the link. Do you recommend doing this? Are there anti-spam regulations that this might violate?
And then, once someone unsubscribes (either with double opt-out or not), should we send out some sort of email confirmation? We currently do not, but we’re thinking of sending something like “Sorry to see you go. If you unsubscribed accidentally please click here to re-subscribe.” What do you think?
Thanks,
Breaking Up Is Hard to Do

September 2016: The month in email

Happy October, everyone. As we prepare to head to London for the Email Innovations Summit, we’re taking a look back at our busy September. As always, we welcome your feedback, questions, and amusing anecdotes. Seriously, we could use some amusing anecdotes. Or cat pictures.

We continued to discuss the ongoing abuse and the larger issues raised by attacks across the larger internet infrastructure. It’s important to note that even when these attacks aren’t specifically targeting email senders, security issues affect all of us. It’s important for email marketers to understand that increased attacks do affect how customers view the email channel, and senders must take extra care to avoid the appearance of spam, phishing, or other fraudulent activity. I summarized some of the subscription form abuse issues that we’re seeing across the web, and noted responses from Spamhaus and others involved in fighting this abuse. We’re working closely with ESPs and policy groups to continue to document, analyze and strategize best practices to provide industry-wide responses to these attacks.
I was pleased to note that Google is stepping up with a new program, Project Shield, to help journalists and others who are being targeted by these attacks by providing hosting and DDoS protections.
I’m also delighted to see some significant improvements in email client interactions and user experiences. I wrote a bit about some of those here, and I added my thoughts to Al’s discussion of a new user interaction around unsubscribing in the iOS 10 mail client, and I’ll be curious to see how this plays out across other mail clients.
For our best practices coverage, Steve wrote about global suppression lists, and the ways these are used properly and improperly to prevent mail to certain addresses. I wrote about using the proper pathways and workflows to report abuse and get help with problems. I also wrote about the ways in which incentivizing address collection leads to fraud. This is something we really need to take seriously — the problem is more significant than some bad addresses cluttering up your lists. It contributes to the larger landscape of fraud and abuse online, and we need to figure out better ways to build sustainable email programs.
Is there such a thing as a perfect email? I revisited a post from 2011 and noted, as always, that a perfect email is less about technology and more about making sure that the communication is wanted and expected by the recipient. I know I sound like a broken record on this point (or whatever the 21st century equivalent metaphor of a broken record is….) but it’s something that bears repeating as marketers continue to evolve email programs.
We had a bit of a discussion about how senders try to negotiate anti-spam policies with their ESPs. Is this something you’ve experienced, either as a sender or an ESP?
In Ask Laura, I covered shared IP addresses and tagged email addresses, questions I get fairly frequently from marketers as they enhance their lists and manage their email infrastructures. As always, we welcome your questions on all things email delivery related.

Increase in unsubscribes

UPDATE 12/17/2015 2:30PM Pacific: I heard from Josh, the CEO of Unroll.me. He says:

Monitoring Your Mail Stream

One of the most important things for any mail sender to do is monitor their mail stream. There are a number of things that every mailer should pay attention to. Some are things to monitor during delivery, some are things to monitor after delivery. All of these things tell senders important information about how their mail is being received by their recipients and the ISPs.

My holiday email prediction

I was on IRC with a group of ESP delivery specialists last week and one of them was looking for something to blog about. I suggested a list of holiday predictions. Not that I have a huge number of holiday predictions, but I did come up with one.
During the holiday season at least one retailer will decide that they have information so important that they will ignore my opt-0ut request and add me to their holiday blast list.
So what’s your holiday email prediction?

Best practices: A Gmail Perspective

At M³AAWG 30 in San Francisco, Gmail representatives presented a session about best practices and what they wanted to see from senders.
I came out of the session with a few takeaways.

Unsubscribing from spam, part 2

Yesterday I posted about why the reasons a lot of people give for not unsubscribing from spam are mostly wrong. Unsubscribing from spam doesn’t seem to confirm your address and it doesn’t seem to increase your spam load.
But does that mean you should unsubscribe from spam? I’m not sure about that.
I’ve been working on a project where I am unsubscribing from every message coming into one of my email addresses. Weeks into that process I’m not seeing a huge decrease in the amount of mail that address is receiving. In some cases I’m unsubscribing from the same senders multiple times a day and have been for close to 3 weeks.
While unsubscribing doesn’t increase your spam, I’m also not sure it decreases your spam, either. But I’ll have full data and numbers demonstrating that in a few more weeks.
What can have an effect on the amount of spam you get is complaining about spam, at least according to Brian Krebs.

Don't unsubscribe from spam!!

Having been around the email and anti-spam industry for a while, I’ve just about seen and heard it all. In fact, sometimes I’ve been around for the beginning of the myth.
One myth that seems to never actually go away is “unsubscribing just confirms you’re a real address and your address will get sold and your spam load will explode.” This is related but orthogonal to “spammers harvest addresses out of unsubscribe forms.” The reality is that both of these things used to be true. Unsubscribing would confirm your email address and increase your spam load. Spammers would harvest addresses out of unsubscribe forms.
But neither of these things have really been true for the last decade.
I have had clients over the years that are spammers. Some of the are names that you probably would recognize. Some of them are companies we could probably all agree are spammers. Some of them are buying addresses from companies that are spammers. Some of them are companies that have a good mailing program here and then hire snowshoers over there. Sometimes they come to me claiming to be real mailers “with minor delivery problems.” Sometimes they come to me saying that a blocklist has recommended they talk to me about repairing their processes. Sometimes they even actually want to fix things. Sometimes they’re just looking to say that I’ve given them a clean bill of health (which is not something I do).
What that means is that I have lots of addresses on lots of spammer lists. Not just the ones they’ve found, but ones I’ve used to test their systems. I use tagged or disposable addresses for everything. Some of my disposable accounts are only marginally connected to me as I want to see what senders really do for their subscribers rather than what they want me to think they do. The ones I add to their system I use to test their subscription process as well as their unsubscription process.
I have never encountered a situation where unsubscribing one of those addresses caused a “multiplication” (to quote one anti-spammer) of my spam load.
I’ve had cases where my clients have ignored unsubscribes. I’ve had cases where my clients have decided years later to add me to their list again. I’ve had cases where they’ve been bought out and my address has been reactivated by the new owners. I’ve had cases where months or even years of 5xx responses was ignored. I’ve seen just about every bad bit of behavior on behalf of spammers. But I’ve never actually had unsubscribing increase my spam load.
It doesn’t matter how often people demonstrate unsubscribing doesn’t result in more spam in the current email ecosystem. (Ken Magill 2013, NYTimes 2011, dayah.com 2009). It doesn’t matter that many mailers treat “this is spam” button hits the same way they handle unsubscribe requests. The myth still persists.

TWSD: Don't honor opt-outs

One of the big arguments various mailers make is that they make it easy for users to opt-out of mail, so it’s not a big deal. Users who don’t want to receive the mail, can make it stop. This was one of the guiding principles of CAN SPAM. The sender can make the decision to send mail to any recipient but they have to offer an opt-out.
The problem is there are a lot of major companies out there that don’t honor opt-outs. Since earlier this year I’ve been tracking when I opt-out of mail. Why? Because I kept getting the feeling that I’d opted out of mail before, but kept getting it.
The good(?) news is that it wasn’t my imagination, some of these companies aren’t honoring their opt-outs. The bad news is that major companies are not honoring opt-outs.

New unsubscribe methods in the news

The folks at The Daily Show, who brought us the wonderful term “High Volume Email Deployer” so very long ago, are once again leading the way in new unsubscribe technology. Unsubscribe by television.

Meanwhile, the folks at The Daily Mash have a different unsubscribe suggestion.

Barracuda filters clicking all links

Earlier this month I mentioned that a number of people were seeing issues with multiple links in emails being clicked by Barracuda filters. I invited readers to contact me and provide me with any information or evidence they had. Not only did a number of senders contact me, but one of the support reps at Barracuda also contacted me.
At issue is a part of the Barracuda email filter call the intent filter. There are 3 different modules to this filter.

Bad unsubscribe processes

We recently renewed our support contract with VMWare. It’s a weirdly complicated system, in that we can’t buy directly from VMWare, but have to buy through one of their resellers. In this case, we purchased the original hardware from Dell, so we renewed our contract through Dell.
Dell sends my email address over to VMWare as part of the transaction.
My only role in this is as CFO. I approve the purchase and pay the bill. I don’t do anything technical with the license.
The email failures start when VMWare decides that I need to receive mail about some user group meetings they’re holding all over the US. First off, I’m not the right person to be sending this mail to inside our company. I’m the billing contact, not the user contact. Then, they send me mail about meetings all over the US, when they know exactly where I’m located. Would it be so hard to do a semi-personalized version that highlighted the meetings in my local area then pointing out the other locations? Apparently, yes, it is so hard.
The biggest failures, though are in the unsubscribe process.

The unsubscribe page is no big deal. I get to unsub from all VMWare communications, and submit that request without having to figure out what my VMWare password is or anything.
After I hit submit, I’m taken to this page.

Wait? What?
“Thank you for registering?” I didn’t register! I don’t want you to contact me. Plus, this is a HP co-branded page when I’m not a customer of HP. VMWare knows this, they know they got my address from Dell.
The biggest problem is that I’m not sure that my address was actually unsubscribed. I suspect that someone copied a form from elsewhere on the site to use as an unsubscribe form. This person forgot to change the link after the “submit” button was clicked. But what else did they forget to change? Is the unsubscribe actually registered in the database?
I suppose only time will tell if VMWare actually processed my unsubscribe. If they didn’t they’re technically in violation of CAN SPAM.
The lesson, though, is someone should check unsubscribe forms. Someone in marketing should own the unsubscribe process, and that includes confirming that unsubscribe pages work well enough.

Does CAN SPAM require multiple opt-outs on emails?

Today’s Wednesday question comes from M. B.

My company sometimes sends mail to our list on behalf of 3rd parties. A recent 3rd party told us that CAN SPAM requires the email contain their opt-out link as well as ours. Is this correct?”
Read More

Check your unsubscribe process

When was the last time you actually tried to unsubscribe from one of your mailing lists? Have you ever even checked to see that your process works?
For whatever reason, unsubscribe processes don’t always work. Sometimes the problem is on the client end. Sometimes the problem is on the ESP end. But in either case, continuing to mail recipients who have attempted to opt-out from your mail is a recipe for disaster.
I mentioned last week about our new mortgage company that can’t process my unsubscribe. Today I contacted their ESP and pointed out I’d tried to unsub a few times, but was still getting mail. The ESP thanked me, pointed out that was not an ESP managed unsubscribe page and did a little digging. A few hours later their delivery guy told me that he saw my multiple unsubscribe attempts (June, July, 2 in August…) and they were all marked as “trashed.” But he’s going to make sure I’m not mailed any more and follow up with his customer.
Now, there are a lot of reasons this unsub process could have failed. It could be that the website doesn’t handle my tagged addresses well and this is a bank, it’s very possible security is locked down. But that means they shouldn’t have accepted my tagged address in the first place.
There are a couple things to take away from this story.

Misdirected email

Al has another post about another company sending mail to a customer that gave an email address that didn’t belong to them. The person receiving the misdirected email has no effective way to make it stop, and is getting more and more frustrated with the ongoing spam. (Consumerist article)

Letting people stop transactional mail

The question of putting unsub links on transactional messages came up on multiple lists recently. As with any question that has to do with email and controlling it, there were a lot of different opinions.
A number of people believed that transactional mail should never, ever have an unsubscribe. Their argument was that transactional mail is too valuable to allow recipients to unsubscribe from it.
Other people argued that the recipient should always be able to stop mail and that an unsub link was important, even in transactional mail.
A third group pointed out that under CASL transactional mail to Canadian residents may have to have an unsub link, even if the sender doesn’t want to add one in.
As with most questions, I don’t think there is necessarily a single answer for every mailer or sender.
There are absolutely cases where transactional messages should have an unsubscribe. Twitter notifications and Facebook notifications are just some of the examples of mail a lot of people just want to stop.
But should companies allow recipients to unsubscribe from receipts? Some people feel very, very strongly that recipients should never be allowed to unsubscribe from receipts.
The problem with that stance is it ignores the fact that people don’t always correctly type their email addresses and end up giving the address of another person as part of a purchase. Al found a report at the Consumerist where someone is getting flooded with receipts for Nook books she’s never purchased.
This isn’t the first time this has happened, not by a long shot. In fact, in the past year I negotiated a Spamhaus delisting for a very large company that wasn’t confirming email addresses of their customers. This company sells a service that sends email alerts triggered when certain actions happen. Because they were not confirming their customer’s email addresses, they ended up sending alerts to spamtraps. The alerts triggered a SBL listing.
I don’t think that the Nook owner or the alert purchaser are actually malicious or that they purposely gave the wrong email address to their vendors. But it happens, and it happens not infrequently.
What do I recommend?
Transactional mail that is only ever a single event and where that address is not associated with an account don’t need to have an unsubscribe link. If it’s a one-time email, then it’s OK to not have an opt-out link. It’s OK to have an opt-out link, but not necessary.
Transactional mail that’s associated with some sort of account should have a process in place to make sure that mail is going to the right person and if it’s not, that the wrong person can make the mis-directed mail stop. There are multiple ways to do this. One is to confirm the email address associated with the account during the account creation process. Or you can allow anyone receiving the mail to click on a link and opt-out of receiving mail.
Whatever it is, it needs to be effective and protect everyone involved. Requiring the victim recipient to hand over a bunch of personal information, like Virgin Mobile does, helps no one. Continuing to send purchase receipts to an unrelated third party is poor business practice, particularly when you’ve been informed that this is the wrong person.

Leaving money on the table

On August 1 two domains in the Netherlands are going away: wanadoo.nl and orange.nl. Current users of these domains are being transitioned to new addresses at online.nl. Mailchimp has more information and links.
This is a good time for all of us to consider how easy it is for a subscriber to change their address of record. Some senders just have the subscriber unsubscribe from one address and resubscribe for another. This sounds like the simplest way to do things, and it certainly doesn’t take much engineering effort.
But what information do you lose by simply asking subscribers to unsubscribe and resubscribe? It depends on what you’re tracking, but you do lose everything that you track. Preferences, interaction history, purchase history, it’s all gone. Providing a simple way to change an email address of record preserves the information related to that subscriber.
For some senders, keeping subscriber information through different ISPs and email addresses will pay for the development of a preference center. For others, there’s no real value there. How much money are companies leaving on the table by not providing a mechanism for recipients to change their email address?

One Click, Two Click, Red Click, Blue Click

I’ve seen a lot of discussion and arguments over the CAN SPAM rule about whether or not an unsubscribe needs to be a One-Click unsubscribe. It’s gotten so common, I have a stock email I use as a template when wading into such discussions. It’s probably useful for a lot of other people, too, so I thought I’d share.
The regs say:

Expectations

One of the themes I harp on with clients is setting recipient expectations. Senders that give recipients the information they need to make an informed subscription decision have much higher inbox and response rates than senders that try to mislead their recipients.
Despite the evidence that correctly setting expectations results in better delivery and higher ROI on lists some senders go out of their way to hide terms from recipients. I’ve heard many of those types of comments over the years.

Fines for not honoring unsubscribes

Virgin Blue has been fined $110,000 by the Australian government for not honoring unsubscribes.

Irrelevant emails drive unsubscribes

A new study published by the Chief Marketing Officer Council and and InfoPrint shows that nearly 50% of all unsubscribes were driven by a lack of relevancy.

Subscription practices in the wild

It’s always interesting to look at what other email marketers are doing and how closely their practices align with what I am recommending to clients.
Today’s example is a welcome message I received from Marriott. During my recent trip to visit a client, I gave Marriott my email address. They sent me a welcome message, primarily text that looked good even with images turned off. The text of the email told me why I was receiving the email and what I could expect.

Unsubscribe rates as a measure of engagement.

Over at Spamtacular Mickey talks about the email marketers’ syllogism.

Anyone who doesn’t want our mail will opt-out.
Most people don’t opt-out.
Therefore, most people want our mail.

This clearly fallacious reasoning is something I deal with frequently with my clients, particularly those who come to me for reputation repair. They can’t understand why people are calling them spammers, because their unsubscribe rates and complaint rates are very low. The low complaints and unsubscribes must mean their mail is wanted. Unfortunately, the email marketers’ syllogism leads them to faulty conclusions.
There are many reasons people don’t opt-out of mail they don’t want. Some of it may be practical, the mail never hits their inbox, either due to ISP level filters or their own personal filters. Some people take a stance that they do not opt out of mail they did not opt-in to and if they don’t recognize the company, they won’t opt-out.
In any case, low levels of opt-outs or even this-is-spam hits does not mean that recipients want that mail. The sooner marketers figure this out, the better for them and their delivery.

CAN SPAM compliance information in images

A fellow delivery specialist sent me a question this morning.

Confirmed unsubscribe

Whatever one might think about confirming opt-ins I think we can all agree that requiring someone to jump through hoops and confirm an unsubscription request will just annoy that person.
Today I attempt to opt-out from a discussion list. It’s one I *thought* I had opted out of previously, but I could find no record of the request anywhere. OK. So I imagined unsubscribing, I’ll just unsub again and keep better records.
After digging through the headers, I find the unsub link and dutifully mail off my unsubscribe request. I then receive an email that requires I click on a link to confirm my unsub request. This causes me to grumble a bit. I have heard all the arguments about forged unsub requests and the various reasons this is good practice. I believe none of them. Requiring people to confirm an unsubscription request is bad practice.
In this case, the mailing list is a discussion list so there is no CAN SPAM violation. However, I know that some commercial mailing lists have also implemented confirm your opt-out request. For commercial mailing lists, this is a CAN SPAM violation. It’s also just plain rude. If someone says, “Stop!” then you should stop, no questions asked

Paypal fixes unsubscribes

Through the grapevine, I have heard that PayPal is actually complying with the new CAN SPAM rulemaking and offering one-click unsubscribes.