Senders: How to avoid false positives

As I often say, listen to as many sources of information as possible, and learn as much as you can from all of them. Don't be afraid to search for a second or third opinion on how to handle a deliverability problem or list management issue.

To that end, it's worth checking out this page. This information from the makers of the popular SpamAssassin spam filter offers valuable insight into how their system works. If you’re a mail sender, it’ll help guide you on how to finesse your legitimate mail, to reduce the likelihood that it'll be incorrectly classified as spam.

I don't agree with every suggestion it makes (many non-spammy senders use open detection that sets off their "web bug" detector, for example), but overall, there's some good info here. Read it, learn from it, and see what easy steps you can take to comply with these guidelines.

About the author, Al Iverson

Helping people deal with spam, list management, and deliverability issues is what I've been doing, first as a hobby, and now as my career, for the past ten years.

Since August, 2006, I've been the spam policy enforcement and deliverability guy for an email service provider located in the midwest. Prior to that, I spent just under six years working for a very large e-commerce service provider as the point person for spam and list management issues across the company's thousands of clients and dozen plus divisions and subsidiaries.

Before that, I worked for the Mail Abuse Prevention System (MAPS), one of the first anti-spam blacklist groups. There I created the MAPS RSS (Relay Spam Stopper) blacklist, to help address the scourge of spam being vectored through open-relaying mail servers. I also handled investigation and listing issues as a member of the RBL (Realtime Blackhole List) team.

Stopping spam is important to me. I do my part by guiding senders on how to send mail without sending spam, and guiding end recipients and system administrators on how to most effectively reduce the amount of spam they have to deal with.

I've been called the "baron of blacklists" for "waxing lyrically" on the topic of blacklists here and over on my other site, DNSBL Resource. There I publish news, information, commentary and reviews on the subject.

SPEWS Current Status

The SPEWS blacklist seems to have gone AWOL. A lot of people haven't realized this, and still believe they're being impacted by way of being listed on SPEWS. Over on my other site at dnsbl.com, I've posted two new articles that aim to help people dealing with this situation:

How to deliver mail to AOL

Are you having problems delivering mail to AOL? Does it sound to you like AOL's engaged in extortion and racketeering? If so, it's time to do a bit of learning and a bit of listening. Like it or not, I suspect that you probably don't know a ton about how the email infrastructure of the Internet actually works, and you're quite possibly listening to the opinions of other folks who are similarly inexperienced in this realm. Instead of debating myths and questionable opinions on how AOL is party to some secret conspiracy to make you pay to deliver your mail, lets talk facts about what causes AOL delivery problems and how to fix them. I know what I'm talking about. I actively deal with this kind of stuff every day. Read on and I’ll set the record straight.

There are three primary things that cause delivery issues when sending mail to AOL:

  1. You're not whitelisted,
  2. Your bounce handling is broken, or you're not looking at bounces; or
  3. You're generating too many complaints or too many bounces.

Allow me to break them down below. This is a bit quick and high level, but hey, that's the kind of advice you're going to get for free from some random guy on some random website.

You're not whitelisted. Fix that! Go here. Read it. Agree to the terms. Fill out the form. Work through this simple process and AOL will respond with a yay or nay. If yay, you're on track to be exempted from some of their basic spam filtering. This will resolve some of your issues, potential or actual. If nay, see steps two and three below, as they're probably preventing you from getting whitelisted.

To get whitelisted, you need to make sure you're mailing from an IP address that is being used just for your mail. If you're small enough to share a sending IP address with other people sending mail, you’re not really a sender. You’re a customer of a sender. Whoever owns, maintains, or supports that IP address should be filling out the whitelist form on your behalf.

Look at it this way. If you’re Bob at AOL and you can't mail Tom at Yahoo, then Yahoo and AOL are the folks who have to work it out…not you. It's the same kind of deal if you're sending to a tiny list off of a shared resource. You should nudge your service provider to address the issue, but if you don’t have your own IP and domain, and you don't have your own mail server, then you’re Bob the customer, not Bob the sender. The people griping don’t get that, or don’t agree with it, but that is ultimately the way the world works. It's not new, and it's not AOL-specific, and it didn't just appear as part of AOL's rollout of the Goodmail program. Simply put, it's been that way for the entire time I've been active in the email realm, over ten years.

Your bounce handling is broken, or you’re not looking at bounces.
I say this because every email AOL bounces back to you (over this type of an issue) contains a URL linking you to more information. AOL always includes this. So if you don't know what's going on with your AOL delivery, you probably don't have access to this data, or aren't looking at it. Make it a priority to change that!

Here's an example of an informational URL contained in an AOL bounce message: http://postmaster.aol.com/errors/554rlyb2.html

These URLs lead to pages that give you clear information about what’s going on. If your message is incorrectly formatted, they tell you. If you have a weird URL specified in a way that only spammers use, they tell you. If you’re generating too many spam complaints, they tell you. It’s that simple. AOL's the good guy here; they give you a lot more information than most receiving sites do. AOL puts a lot of effort into this process; they try hard to correctly report back to you about why they're blocking your mail, and there are many ISPs who are far worse at it. AOL's actually one of the good guys here.

You’re generating too many complaints or too many bounces.
If you get whitelisted, and are reading bounces correctly, and are still having blocking issues, then the information provided in bounces probably indicates that your mail is causing too many bounces or too many spam complaints. AOL (and many other ISPs) can tell how much of your attempted mail is undeliverable, and how many of your recipients report it as spam. These are important measures used by AOL (and others) to decide which mail gets through, and which mail gets bounced.

How to reduce your bounce rate: Don't attempt to remail bounced names. They’re not going to magically go through next time, and your failed attempts will actively damage your email reputation. If you don’t filter out bounces, your bounce rate will grow with each mailing, and you will quickly exceed AOL's spam-measuring bounce threshold. (Spam mail bounces at a high rate; spammers generally have very poor bounce handling. ISPs consider it a valid measure.) If you're doing this and still having this problem, then your signup/opt-in practices are broken, and they are resulting in too many invalid addresses being added to your list. It's making you look like a spammer.

How to reduce your spam complaint rate: Don't send mail to people who don't want it. Don't obtain lists from third parties. The people on those lists didn't opt-in to mail from you, and don't know who you are. Many of them will report your mail as spam. It doesn't matter if it's legal; it's just as legal for AOL to notice the high number of complaints and choose to block your mail. The most useful thing you can do is fix this. The most useless thing you can do is complain about it to the world at large. Don't tell the world you're not spamming and everybody's out to get you. As far as the recipients and receiving ISPs are concerned, you are sending spam.

Also, it's very important that you sign up for a feedback loop from AOL. This will provide you with copies of spam complaints brought against you by AOL users. You can (and should) ensure that these people are unsubscribed from your list. If you don't, you're not going to reduce spam complaints. This isn't a secret trick that makes it okay to suddenly buy lists or do other bad things--if you buy lists or harvest addresses, no amount of opting-out is going to save you--but handling feedback loops properly is a necessary part of managing your mailing list.

In closing, I would ask that you don’t be fooled by the fear, uncertainty and doubt (FUD) being spread by sites like DearAOL.com. In particular, that site appears to be supported by the Electronic Frontier Foundation (EFF), whose out-of-touch spam policy is guided by folks like John Gilmore, whom I've talked about here previously. A quick review of some of the supporting groups reveals at least one where I know that they utilize email practices that inherently cause deliverability issues. Wipe away the supposed "email tax," and many of these groups are still going to have trouble sending email, because their practices run them afoul of spam filters. (Don't just take my word on the questionable facts put forth by the anti-email tax crusaders-- Snopes has a very level-headed overview as well.)

In the interest of full disclosure, keep in mind that I currently work for an ESP (email service provider). Dealing with email delivery issues is what I do all day, every day. One of the reasons people outsource their mail to ESPs is to get expert assistance with these kind of issues. Though, I'm not trying to sell you anything. ESPs can certainly help if you’re having problems, and some problems are more complex than what I've touched on here. But, AOL's one of the easiest ISPs to deal with. My experience in this industry, and with AOL in particular, clearly tells me that it's not anywhere near as bad as some folks would lead you to believe.

The Story of "Nadine"

(Note: David Hutchens contacted me today, looking for access to the Story of "Nadine" website. I sent him an email reply, which bounced. Gotta love those aggressive spam filters. I don't know any other way to contact him, so I figured I'd post about it here.)

For those of you looking for the Story of "Nadine" website (which used to be hosted on SpamResource.com): My apologies. My hosting situation changed a number of months ago. This site is now hosted on Blogger, and I don't quite know how to get the files hosted in the same location again.

In the mean time, I'd like to direct you to the master site for the Story of "Nadine":

http://www.honet.com/Nadine/

If you're not familiar with the site, it provides some interesting data about what can happen with somebody's personal information. A woman gave her email address to some entity, with a couple of problems inherent. One, the entity did not confirm the validity of the address, so they didn't catch that she typo'd the address when entering it. Her personally identifiable information is therefore now regularly leaked to the site that owns the typo'd address, and two, the entity seems to have distributed that information far and wide. The net result is that a non-existent email address is now seemingly attributed to somebody whom it shouldn't be, and senders both great and small continue to hit the address regularly, intending to mail "Nadine."

Quick Update: Scott Richter Makes the News

This isn’t the first time he’s run into legal issues over advertising. As I mentioned before, he’s had to settle with both Microsoft and the State of New York regarding allegations relating to spam.

This time around, Richter, CEO of MediaBreakaway, (previously known as OptinRealBig), is being accused by MySpace of having "arranged for millions of spam 'bulletins"' to be sent from MySpace users' accounts without their knowledge by gaining access to them illegally, according to the lawsuit.

Read more about it here or here.

If you want to learn more about Richter, Wikipedia and Google are both great places to start.