On Political Speech, DOI, and Mr. Poopyhead

Ken Magill (or shall I say, Mr. Poopyhead) makes a funny, yet very insightful point, in his recent article about an email he recently received from the Obama campaign. His article is fun, and silly, and it accurately highlights what can go wrong when you don’t confirm or verify information received from a web form.

A bit surprisingly, an email marketer has an issue with Ken's article. In his response, Dylan Boyd takes Ken Magill to task. He asks, “When you do this, do you realize how many hours a year the marketing and email marketing industry is spending to clean out crap like this?” He explains that “people that mess with email marketers data with false names, fake names, friends names, or my favorite asdf@asdf.com (look at your keyboard) make our jobs hard.”

Who, exactly, is responsible for that verification? Let’s ask Laura Atkins. She very simply says, “the problem is not that Ken gave the Obama campaign Stupid Poopyhead as his name, the problem is that the Obama campaign is not doing any data verification. Ken did give the campaign a valid email address, but there was no reason he needed to do so. Anyone could have signed up Stupid Poopyhead and put in Ken’s address.”

Very true! I'm sure Dylan is not the first or last person to ever suggest that this job wouldn't be so hard if it weren't for all those darn users. But, Dylan's argument about end consumers being the problem, polluting marketers' email streams, it just doesn't make sense to me. As Laura points out (and I agree with), Dylan's response leaves us with an incomplete understanding of what the actual problem is, and I also think that it leaves us without a solution.

Running a web form, especially one that requires that an Internet user provide information before handing over something, whether it be a login to a website, a free download, or a subscription to a political newsletter, is a bit like putting a box in the middle of the sidewalk, somewhere up the block, and writing “Please put my free kitten here!” on the side of the box. You might end up with something in it, but it most certainly is not going to be that kitten you were hoping for. No matter how hard you wish, there is no agreement between you and the people who stumble across that form that they must behave, and must act a certain way. And, if you’re a savvy marketer, if you know how email works, you already know that certain people who stumble across your form are NOT going to behave. (Unless you're just going to blindly assume that whatever you received must be a kitten, because that's what the box is for. Duh!)

So, what’s the right thing to do? Continue to complain about how unfair it is that somebody put garbage into your web form? That strikes me as unproductive. Just getting frustrated about something doesn’t fix it. You have to do more than just call out to the broader internet, or to any certain reporter, and complain that they’re not doing what you want, if you want things to get better. You need to actually take action. You need to figure out what’s broken, quantify the problem, and come up with a plan to fix it. You need to, as somebody somewhere once mentioned, TAKE A STAND.

What better way to take a stand, than to take positive action? What better way, than to share information on how to do the right thing? That way, people looking for guidance can find it. That’s my goal here; to raise the bar overall, by making sure people looking for information can find that information. By actively sharing that guidance with the people I work with, day in, day out. For everybody who fights spam, who cares about the future of email, that’s their goal – to "rise the tide" of email overall, raising everybody up to a better level, more aligned with best practices.

It strikes me that this is also an excellent goal for email marketers. Figure out how to address issues like these, to prevent bad signups, to prevent bad data. Doesn't that help them further their own marketing objectives? It seems obvious, from where I sit: Avoid bad data, discard bad signups, and you don't end up sending spam. Avoid sending spam, and more of your email gets delivered, and you make more money. Duh!

In a comment on Laura’s follow-up post, Dylan asks, “when people continue to expect to get things with false data, where does that leave us?" Uh, what? That’s actually a very easy question to answer. When people continue to expect to get things with false data, it’s time to step up, to shore up your own processes to eliminate opportunities for false data. To guide others on how to fix their processses similarly.

It sounds hard, but it’s not. It’s easy. In the case of signup forms for political email lists, it’s time for double opt-in. Going all the way back to the original article from Ken Magill, Dylan’s complaint was that Ken had entered “Stupid Poopyhead” as his name when signing up.

The true point, though, has been missed. The real issue here isn’t that Ken put in a funky name. Like Laura said, the issue is that anybody can put in a funky name for anyone else. You could go sign me up as Mr. Poopyhead. I could do the same to you, or worse. When that mail is sent, it’s horribly insulting to the recipient, and the campaign, if notified, is likely to be embarrassed. This is the primary pitfall of personalization. I’ve been down this road before, and I know how you prevent and minimize this kind of problem.

To fix it, all they really need to do is move this process to double opt-in. Duh! Why?

1. People tend to put less garbage into a double opt-in signup form. Why? Because you tell them it’s going to be validated, they see that, and they tend to abuse it much less. Many web surfers, who were going to put in some sort of cheeky data, realize that it’s going to get them nowhere, so they don’t bother. This is one of those “I don’t know why it works, but it does” kind of things. I have been there, done that, and I have the t-shirt to prove it. When I worked for a large e-commerce service provider lo those many years, I saw ample evidence, multiple examples, time and time again, that when you confirm signups through double opt-in, or even if you ask for a credit card number during a purchase, end users are less likely to fill in your forms with garbage.
2. People who continue to try to put garbage in a double opt-in form are less successful at their efforts to be cheeky and/or harassing. A colleague of mine at a past job thought it was funny to sign me up for various email lists run by the party the opposite of my personal political extraction. Thank goodness I’ve left that job; I’m sure that email address is still making the rounds between data-whoring political organizations. The fact of the matter is that a significant non-zero amount of the people on a political list are people who do NOT want to be there, signed up by some friend, or more often, by an enemy. Somebody who thought it would be funny to sign them up. Along with that, those merry pranksters often put in cheeky or offensive data in other fields, either just to tease their friend, or upset the target of their harassment. Move the signup process to double opt-in, and the target victim never confirms the fraudulent submission, and they never receive any emails addressed to Mr. Poopyhead.
3. If you do end up with a Mr. Poopyhead on your list, you have verifiable, absolute proof that the end user did it to themselves. If a user signs up for your list calling themselves a bad name, that’s entirely their problem. It's not your problem, and it's not your fault. Yeah, it might be good to have a profanity filter, but even so, somebody will find a way to get a strange variant of an uncommon swear word past the filter. Make sure that when this happens, that you’re covered, because you use a process that ensures that the only person any idiot can do this to is themselves.

Look, I hesitated to even blog about this. But others took it and ran with it, and I figured I had better throw in my two cents as well, to make sure something really important wasn't missed. I don't know how I can make it any clearer: Ken Magill wasn't the problem, Obama's signup process is the problem. If you think otherwise, you've missed the boat.

Stuff like this isn't really rocket science. It's information I already share with the list managers, marketers, and organizations I deal with every day when talking to them regarding policy compliance issues and offering up best practice guidance. But, apparently, something this obvious hasn’t spread as far or wide as it needs to. That's why I’m doing my bit-- I’m stepping up, to get the word out. I am, as has been suggested, taking a stand.

Here’s a challenge to everybody else reading this. Now, it's your turn: Take a stand. Positive action is what counts, more so than just words. You can’t change the world, but you can change one list, you can stop one spam issue. When’s the last time you’ve done that?

Godaddy misusing the PBL?

According to Justin Mason, domain registrar (and email/web hoster) Godaddy is misusing the Spamhaus PBL: Using it as a URL filter. This is where you convert a URL hostname to its IP address, then look up that IP address (or its nameserver) on an IP-based blacklist. Great idea. I do it with the SBL. It's a horribly bad idea for the PBL, though, because the PBL is not meant to be a list of things that aren't allowed to have web servers. Using it this way is going to cause false positives like mad.

Ow, my Irony hurts!

Hey, what? Did I really just read that?

An email appender sending out a press release about how to combat spam?

Wait...the company name sounds familiar. Is it the company Ken Magill talks about here?

Ha. Methinks somebody is trying to spread some fluff around in an effort to modify what people find about them when searching online.

What is a Sender?

Somebody just asked me what I mean when I say "sender." I often refer to senders in contexts like this: A good sender should always do X. Somebody who does Y will always be labeled as a bad sender.

In my mind, a sender is simply somebody who sends email. Someone who causes email to be sent. If you are a list manager, a marketing manager, a list owner, or anything along those lines, you're a sender. If you have a list, people sign up for that list, and you send to that list, you are a sender. I'm a sender, through the list I set up and manage for my friend's jazz club.

On the other side of things, you have "receivers." A receiver is somebody who receives email. AOL and Hotmail and Yahoo are receivers. I tend to use the term "receiver" instead of saying internet service provider, because some sites that handle email only provide email access (webmail, for example), and don't actually provide internet connectivity.

I hope that gives a little more insight as to where I'm coming from when I use terms like sender and receiver.

More on Pizza Hut

Dylan at email service provider eROI points out that Pizza Hut's email sign up process is substandard: You have to opt-in to receive emails just to order a pizza online.

This is seemingly another sign of people who have ... interesting ... ideas about email best practices. Here's another FAQ question for my imaginary best practices FAQ.

Question: We want to grow our lists aggressively. Can we make people opt-in to receive emails from us when they register or make a purchase online?
Answer: You could, if you like pain. If you make people opt-in, you end up sending them emails they don't want. They report those emails as spam, and ISPs like Hotmail and Yahoo will come down on you like a ton of bricks.

Here's the deal. Recipients are looking to you to be a good list mom. Don't force people to get emails they don't want. Don't send emails people didn't explicitly sign up for. If you fail to be a good list mom, the ISP steps in and does it on your behalf. Look back to what I wrote in January: A sender started sending me extra emails. Made it hard to unsubscribe. What did I do? I marked the mail as spam, and appropriately so. If enough of us pebbles (recipients) vote that mail to be spam (and we often do), an ISP decides that the sender is not being a good list mom, and stops putting their email in the inbox.

This process is repeated thousands of times a day across hundreds of internet service providers.

Don't Spam to Apologize for Spam

The Consumerist headline says it all: Pizza Hut Sends Unsolicited Email To Apologize For Sending Unsolicited Email

Or does it? Let's talk it through.

Look, I can see something bad happening accidentally. For as many email platforms I've worked with, there are just as many ways to accidentally send the wrong thing to the wrong list. I've seen it happen more than once (far more than once). And since CAN-SPAM came into effect, sometimes a legitimate, non-spamming company has to do things like receive a suppression list (and keep it, and use it as such) from another company, if they're going to advertise that company's product. (Example If a pizza restaurant chain were going to send out an ad that advertised a specific cola, they'd probably be required, under CAN-SPAM, to take the cola company's suppression list and ensure they send no email to anybody on the list. The transfer of data involved irks me, but it can't always be avoided.)

So, sometimes somebody will send an email to the wrong list. Or to a list of people that was never intended to be mailed. People who didn't opt-in to receive emails from that company, or didn't opt-in to that list. What do you call that? Spamming. So, if everything I've read is correct, then Pizza Hut apparently spammed people.

That sucks. That's not good. But, they recognized that they made a mistake. They fixed whatever happened, and hopefully, it'll never recur. Great? Great. Almost....

Almost, except for the fact that they spammed again to apologize for their original act of sending spam.

I don't know who served the Pizza Hut email; if it was some internal system or some email service provider. But, if it was sent via an email service provider, and if they have an online help section, there apparently needs to be a FAQ question & answer like the following:

Question: We accidentally emailed people we don't have permission to send email to. Should we email them an apology?
Answer: No. You don't have permission to email them to begin with. Sending them email is sending spam. Don't send spam! The way to fix an accidental spam issue is not to send more spam intentionally. Vet your practices, fix your issues; stop retaining data you shouldn't be retaining. But, do not send more spam!

It seems obvious....to me. Apparently not everyone sees it that way.

ReturnPath Buys Habeas

ReturnPath has purchased Habeas, according to all of the industry sources in the world, all of whom have sent me separate emails giving me a heads up about the acquisition.

Let the goofy haikus commence! My favorite:

It took Habeas
Millions to figure out that
Haikus don’t pay off

Also, don't miss Ken Magill's take on the sale.

Political Sending Reputation

Ever wondered what the sending reputation was for your favorite presidential candidate?

Here's the IP addresses and Sender Score ranking for the last three mailings I've received from each of them. The Sender Score number was noted at the time I originally received the message.

Candidate	IP	Score
Barack Obama	69.25.74.173	80
Barack Obama	69.25.74.172	70
Barack Obama	69.25.74.186	70
John McCain	64.203.105.82	65
John McCain	64.203.98.31	55
John McCain	64.203.105.83	65

A higher Sender Score number is usually considered better. Looks like very generally speaking, Obama's sending reputation may be a bit higher than McCain's. Of particular concern to me is both candidates seem to be mailing from multiple IP addresses. Why is that? I hope it's not to avoid blocking.

Beware the Fake News Spam

Terry Zink reports on the most recent ball of spam that he (and most of us) have been receiving: Fake news alerts that claim to be from CNN.

Yahoo Insights and Subcriber Engagement

Mark Brownlow talks about Yahoo's take on subscriber engagement here. After you read that, check out Mark's more generalized theory on what ISPs consider when determining whether or not email is unwanted. Comments from Yahoo's Mark Risher confirm what many of us already knew -- subscriber engagement matters.

Anti-spammers and deliverability people both get hung up on opt-in (alone) sometimes. A sender will say, this mail is opt-in, how dare an ISP choose not to deliver it. Various blacklists will harp on confirmed opt-in (alone) as the sole arbiter of whether or not mail should be delivered.

Truth is, they're both wrong.

Sure, opt-in matters. Your mail has to be opt-in, and confirmed opt-in is the best way to do it. If your mail isn't opt-in, all bets are off.

But, ISPs care about *more* than just that. They're figuring out whether or not recipients care about mail from any given sender. If the people on your list don't care about your mail, the ISP doesn't care about your mail, and that doesn't bode well for your ability to deliver that mail.

List Reconfirmation Example

Hey, fellow anti-spammers: "Re-Engagement Strategy" is what email service providers or deliverability people would call a reconfirmation email or a permission pass.

DJ Waldow has a good write up over on Bronto Blog of a recent re-engagement email he received from Shop.org. It's chock full of good tips you should share when you're working with some list manager having problems, and you want to convince them to reconfirm their list.