AOL announces Alto, new mobile email app

On Thursday, AOL launched iOS and Android versions of "Alto," a "proprietary email intelligence engine built to analyze and restructure the mountain of valuable data buried across multiple inboxes," aka a fancy new email client with time-saving email-sorting functionality built in.

AOL aims to help you simplify dealing with massive amounts of emails, by having the Alto engine automatically organize messages into "stacks" based on message type. 

You don't have to be an AOL email user to use Alto. The Alto email client supports email accounts from AOL, Gmail, Yahoo!, Outlook, iCloud, Outlook, Exchange and "any other IMAP email provider."

Do we need another email client? I guess I'll download and test this one out and see, but I'm not holding out that it's going to be a magic replacement for my iOS Mail (of which I am a heavy user). I'll be curious to see if it renders emails any differently. I'm sure that'll give designers fits, if so.


For more about Alto, read the Fast Company article, check out the AOL press release, or click on over to the Alto Mail website.

Not receiving Yahoo FBL Confirmations? What to do

ISP Feedback Loops (FBL) are valuable for email senders and email service providers (ESPs). It provides valuable information on who is complaining about your mail. Not only does it (usually) allow you to unsubscribe people who complain, preventing them from lodging any additional black marks against your sending reputation, but it allows you to roll aggregate stats that can tell you which lists or list segments are causing your deliverability problems. List two has a 150% higher complaint rate than lists one and three? Then list two needs some attention, and quick, before those complaints cause you to get blocked or sent to the spam folder when attempting to send to Yahoo subscribers.

Signing up for the Yahoo FBL is a pretty straightforward process. You just submit your new domain to Yahoo via their Yahoo's ISP Feedback Loop form, along with some simple information about who you are and where complaints should be sent. As the final step, Yahoo will send an email message containing a verification code to the "postmaster" mailbox at the domain you are attempting to register. This proves that you have control over the domain, and that you're not trying to sign up somebody else's domain without their knowledge or consent.

Yahoo requires that you receive this email message, retrieve the verification code, and paste it into the Yahoo FBL registration form.

Sometimes folks don't receive that important email message, and are then unable to complete the FBL registration. If that happens, here's what to do.

In almost every instance where I hear of someone not receiving a Yahoo FBL verification code email, it has been due to one of two problems:

  1. You can't actually receive any mail at that postmaster address, so the verification code email is bouncing. This is easy to test. Go to an outside email client (Yahoo or Gmail), and send a message to postmaster@ (your domain). Does the message bounce? Does the message reach you in the inbox? Does it go to a mailbox that you can access? If you can't find this message, you've got a problem to fix before you can sign up for the Yahoo feedback loop.
  2. Your mail server is rejecting the verification code email message because the from line used by Yahoo is too long. In particular, this affects users of the PowerMTA platform. Laura Atkins explains why this happens and how to fix it, over on the Word to the Wise blog.

This is a question I get asked fairly regularly, so I hope you find this little blog post on the topic to be useful.

Note: To participate in Yahoo's Feedback Loop, there is a prerequisite: You must authenticate all mail by signing it with DKIM (DomainKeys Identified Mail). Keep in mind that your email platform must sign the mail with the "d=" and that complaints will not be sent about any messages that lack a DKIM signature.

Additional Note: From talking to folks at multiple email service providers, it sounds as though Yahoo does not always send back all complaints. I don't have information on why that is, but I would consider it a "fact of life" and something senders just have to deal with, from what I am hearing.

Spam Resource on Facebook

Hey, I hope you'll come over and "like" the Spam Resource page on Facebook. I'm hoping that eventually we can use it as a place for folks to ask questions and share info, maybe to inspire future blog posts. Thanks in advance!

DMARC Support in Mailman

Mailman is a very popular open source mailing list management software package. It's been around for a long time -- since the late 1990s, according to Wikipedia. Sites using Mailman to manage discussion lists were negatively impacted by the roll-out of DMARC, specifically when big ISPs (starting with Yahoo and AOL) began to implement "p=reject" DMARC policies, meaning legitimate mailing list mail, most commonly posts from Yahoo or AOL users, would start to be rejected by ISPs who filter based on DMARC policy.

Google Groups and Yahoo Groups both implemented header changes to workaround the then-new DMARC issue, by (and I'm simplifying here, forgive me) making the mailing list the sender of the message, as opposed to the prior method, which was that the person who submitted the post to the mailing list was considered the sender.

Mailman has done the same. All the way back in 2014, Mailman 2.1.16 included a feature called "from_is_list," that, when enabled, rewrote the email headers to help admins deal with restrictive DMARC policies.

Mailman version 2.1.18 takes it a step further, giving you a set of options under the label of "dmarc_moderation_action." This feature provides five different "actions": Accept, Munge From, Wrap Message, Reject, and Discard. My suggestion is to select the "Munge From" action.

Some mailing list managers are pissed about DMARC and want to keep users at DMARC-publishing domains away from their mailing lists, so they've chosen the "reject" or "discard" actions. That's not very friendly to end users.

The authors and team behind mailman put it thusly: "Mitigating the effects of the DMARC reject policy are difficult. All known mitigation techniques break some user expectations and/or degrade the user experience. Still, it's incumbent on the Mailman developers to try to reduce the pain our users feel, and to provide some options for site and list administrators who find themselves caught in the middle."

If you don't take any action here, you're leaving a subset of your potential subscribers out in the cold. Making them second class citizens, unable to participate in the mailing lists you're hosting. Be kind, and don't beat up Yahoo users because of a domain policy that Yahoo choose to implement (and that Yahoo user is stuck dealing with). I strongly recommend that you enable the "Munge From" action under "dmarc_moderation_action."

Gmail to Support Responsive Design + More

Litmus recently shared news that is sure to make email designers light up with glee: "On August 31, 2016, Gmail began supporting the CSS property display: none;. And today, Gmail announced they will begin supporting <style> and media queries later this month." Read all about it here.

Ken Magill: Time to switch to COI/DOI

Industry reporter Ken Magill has changed his mind. Long advocating against required double opt-in, he has now come around and suggests that it is time to implement it. Read more over at Magill Report.

Subscription Mailbombing: Must Read

SendGrid's Paul Kincaid-Smith's has a post up this morning about the "tsunami of unwanted email" generated by the bad guys out there using botnets to subscription bomb (aka harass) people and why you should secure subscription signup forms.

The bad news is, this abuse causes problems for otherwise good email senders. You didn't cause it, but you'll get caught up in it, if you don't take precautions. If you have an email signup form out there in the wild, it's time to add a bit of security to it to prevent the pain you'll run into if and when you get Spamhaus blacklisted because your signup page got abused.

TL;DR? If you have an email signup form, you need to enable COI/DOI (double opt-in) and also add a CAPTCHA-like process (reCAPTCHA is recommended), or else when the botnet bad guys get to you, they're going to sign lots of people up to your lists who don't want to be there, and pain is sure to follow.

Gmail providing easy-to-read Auth Results


This is pretty slick. When is the last time you selected "View Source" in Gmail to look at the raw headers and body content of an email message? As of a couple of days ago, Google has added some nice new info to this feature, showing an easy-to-understand summary of authentication results. In this example, it's highlighting that SPF, DKIM and DMARC are all working correctly.

This is all info you could find by looking through the email headers. But it's nice to see it called out in this way; it saves some digging and gives you a very clear understanding of how the Gmail platform sees the message.

List Unsubscribe in Apple's iOS 10

As I mentioned before, Apple has provided support for the "list-unsubscribe" header in the built-in mail client on the latest version of their mobile platform, iOS 10. Now that iOS 10 has been released to the world, I've reviewed how this process works and put together what I think you need to know.

Doing the Math on Purchased Lists

Back in 2014, MailChimp published data showing what happens when you mail to purchased lists. Though it is now a couple of years old, it's still solid research and quite relevant today.

Bye bye, SmartScreen

Microsoft recently announced that on November 1, 2016, they will stop generating updates for Microsoft Exchange's "SmartScreen" spam filters used in Microsoft Exchange Server and the Outlook (Windows) desktop client. Read more about it here.

What does this mean? This is probably a good thing. These were primarily content-related filters and content filtering isn't really "where it's at" when it comes to best practices with regard to spam filtering nowadays. I believe that this ultimately will drive users to newer solutions that are probably going to be more focused on sending reputation, meaning that us deliverability and email technology-related folks will eventually no longer have to deal with Outlook desktop client spam folder issues, which were often a confusing outlier when reviewing email deliverability results.

Click here to read more on this topic, from Laura Atkins of Word to the Wise.

Deliverability Problems: What You Can't Fix


If you're having deliverability issues, I can tell you from my experience that you aren't really going to be able to get back to the inbox if any of the following types of subscriber list sources are in play:

7 Common Deliverability Myths Busted

Kayla Lewkowicz of Litmus breaks it down: Seven common deliverability-related assumptions that just aren't true. She explains whether or not it's OK to use FREE in a subject line, or is Yahoo to blame when Yahoo blocks your mail, and provides even more solid explanations on how things actually work over here in deliverability-land. Great post!