Industry Updates

Is Canada’s eleventh-hour CASL PRA halt good for senders?

canada-2026425_640You’ve probably already heard the news.Maybe it was in your Twitter feed, or on LinkedIn, or even gossip around the water cooler this morning: CASL’s Private Right of Action is (temporarily) dead.

The announcement triggered a collective sigh of relief from marketers in North America and beyond, even eliciting a happy dance or two.

But what does this announcement actually mean? Matt Vernhout of EmailKarma details the next steps, which include a parliamentary review of the CASL provisions and a pronouncement of the new effective date.

It’s possible the legislation could remain unchanged and simply take effect at a later date, but that seems unlikely given the concerns raised by the industry in response to the pending provisions. Per Return Path, some of the key concerns included:

  1. potentially bankrupting small and medium-sized businesses (due to the legal costs of defending a class action)
  2. inordinate court time and court resources being devoted to frivolous claims
  3. litigation counsel receiving a disproportionate share of damage awards (or settlements), and
  4. negative impact to consumers where businesses (both foreign and domestic) avoid electronic communication, delay the introduction of software technologies, and pass along the cost of PRAsettlements or rulings in the pricing of consumer goods

For the past 3 years, we’ve been hearing opponents of CASL voice many of these concerns, and it appears their cries have finally made it to the ears of the Canadian government. Unfortunately it’s still too early to tell if this is a full-on reprieve or merely a temporary stay of execution.

With the deadline looming so closely, it’s likely most senders have already double- or triple-checked their compliance processes. If you fall into that camp, stay the course. Even without the PRA, the CRTC can and has levied hefty fines against CASL violators, so making sure your processes are airtight can only help minimize your risk.

Based on my interactions with senders, there are many who haven’t completed their compliance efforts. If you’re one of those who was still scrambling to beat the deadline, don’t lose that head of steam. The delay of the PRA provides a bit of breathing room, but if you’re not 100% sure you’re compliant the risk of complaints and fines isn’t going away anytime soon.

– BG

 

Delivery Essentials, best practices

Smooth transaction; highly recommended; great sender!

euro-1144835_640

Earlier this month I attended the Email Evolution Conference in New Orleans for the second year. It was a great event with hundreds of marketers and featuring excellent content, particularly in the Technology and Deliverability track. In addition to the content, listening to the questions asked by marketers during these sessions really helped to illustrate some of the common challenges seen on the sender side.

One particular question that stuck in my mind was regarding transactional messaging. Following a raised hand was a statement to the effect of, “All the best practices on the web are for marketing messages. What about transactional mail? Where are the best practices for that?”

As email experts we often tout separating transactional email from marketing mail, but we don’t often provide tips for optimizing those transactional emails. Today we intend to make that right with 3 key tips on managing your transactional emails.

1. Determine if the mail is truly transactional

The definition of a “transactional” message is likely to vary depending on who’s answering. There are many definitions of transactional – some senders consider anything sent to a member to be transactional, while others strictly limit the category to things like receipts and shipping notices. In their CAN-SPAM Compliance Guide, the US Federal Trade Commission describes a transactional message as one that:

  • facilitates or confirms a commercial transaction that the recipient already has agreed to;
  • gives warranty, recall, safety, or security information about a product or service;
  • gives information about a change in terms or features or account balance information regarding a membership, subscription, account, loan or other ongoing commercial relationship;
  • provides information about an employment relationship or employee benefits; or
  • delivers goods or services as part of a transaction that the recipient already has agreed to.

All of these types of messages require the recipient to have some sort of commercial transaction with the recipient – either a purchase or membership, but beyond that the waters can get a bit murky. The general consensus is that things like membership renewal notices, legally required notifications, and purchase receipts are considered transactional.

As a side note: if you’re sending to or from Canada, the Canadian Anti-Spam Law’s rules on transactional or relationship messaging are similar to those imposed under CAN-SPAM.

2. Stick to the 80/20 rule

To avoid issues when sending transactional messaging, you always want to be sure the primary purpose of the message is transactional in nature. While the definition of “primary purpose” is subject to some legal interpretation, the most commonly cited guideline is known as the 80/20 rule. This rule indicates that no more than 20% of a given message’s content should be promotional, with 80% or more transactional in nature.

In addition, most email professionals employ the less-scientific “sniff test” to determine if a message is transactional. This test looks at the most prominent elements of the message: subject line, preheader, the content presented first in the message body. If any of these elements is promotional in nature, the message would likely fail the “primary purpose” test. As a good rule of thumb, any promotional content should be presented below the transactional content of each message and should not be the focal point of the email.

In Canada, however, the 80/20 rule is not as relevant. Any amount of promotional content in a message may render it a “Commercial Electronic Message” and likely subject to the consent requirements of CASL. If you’re sending to or from Canada, we suggest avoiding any promotional content in your transactional messages unless you’ve consulted your legal counsel on potential implications.

3. Employ total separation between promotional and transactional streams

You’ll often hear a recommendation to have transactional (and other high-value relationship) messages sent from a separate IP address from your promotional or marketing emails. In theory, this separation prevents any potential issues with marketing emails (spam complaints, high bounce rates) from impacting the highly valuable transactional stream, which typically sees very high engagement and low complaints. However, best practices dictate going even farther and using separate subdomains for each stream.

With the impending flood of IPv6 IP addresses, major mailbox providers are relying more and more on domain reputation. If your transactional and promotional mail streams all originate from yourdomain.com, the reputation of the two streams will intermingle. One of the best ways to manage sending domains is to leave the top-level domain yourdomain.com for your corporate mail system, then use subdomains like promo.yourdomain.com and transaction.yourdomain.com for your marketing and transactional streams, respectively. This will help insulate your transactional traffic from any delivery speed bumps that might occur with your promotional sends.
Transactional emails can be a vital tool for maintaining customer loyalty and consistently see among the highest engagement rates of any email stream. They are also often underutilized. How are you managing your transactional streams? Have feedback on any of these tips, or have some of your own to share? Let us know in the comments!

– BG

 

 

Industry Updates

Verizon email is gone, but when?

verizonThere’s been a lot of industry buzz recently around Verizon’s announcement they are in the process of shutting down their email business. Most in the email industry knew this was coming, but with no solid details the ‘when’ remained a bit fuzzy. Even now, the official FAQs don’t provide a concrete timetable for the shutdown, and it seems likely it will happen in phases.

According to MediaPost, Verizon account holders have been receiving email notifications informing them of a 30-day deadline to take action. These actions include choosing to keep their verizon.net address (serviced by AOL going forward) or migrating to another service provider altogether. If no action is taken during that 30 days, the customer loses access to the account and all associated services.

Once account access is terminated, the email account is subject to Verizon’s typical account deletion timeline of 180 days of inactivity. The FAQs don’t specify, however, if the 6-month countdown starts from the most recent login or from the end of the 30-day window when access is terminated.

Verizon spokesman Raymond McConville estimates that, of its 4.5 million total accounts, 2.3 million have been active within the past 30 days – though that’s no guarantee they’ll take action on the shutdown notice.

What does that mean for senders? Sometime within the next 6 months you’re likely to see a large portion of your verizon.net subscriber addresses disappear as over 2 million Verizon email accounts are deleted. Most senders don’t have a huge component of verizon.net addresses, but it’s certainly a good idea to check now so you’re not taken by surprise by an abnormal bounce rate.

– BG

Deliverability 101, Delivery Essentials

Deliverability 101: Spam traps

It's a trap!Recently we presented a basic guide to blacklists using a rather colorful example ripped from today’s headlines. In that post we described what happens when you’re on a blacklist, but as a sender you probably want to know how to avoid getting blacklisted in the first place. And if you’re already blacklisted, you’ll certainly want to find out how you got there. Understanding spam traps can help with both.

What is a spam trap?

While the name might conjure thoughts of being lured into a sticky situation via canned meat, a spam trap is actually an email address. Sometimes referred to as honeypots, spam traps are addresses that exist for the purpose of identifying senders who are not following best practices.

A spam trap isn’t used by a real person to send or request email. Each trap is monitored by the trap operator (typically a blacklist or mailbox provider) and any mail sent to the address can cause the sender to be put on a blacklist. While the potential exists for blacklisting based on a single message sent to a trap, providers most often look for patterns of repeated hits. This could mean multiple mails to the same trap address, mail to multiple distinct trap addresses, or both.

There are two main types of spam traps in the wild: pristine and recycled. Pristine traps were created for the sole purpose of being a spam trap. These addresses have never been used by a real person and have never requested any emails. If you send mail to purchased lists or scrape addresses from the web, there’s a good chance you’ll run into this type of trap.

Recycled traps, by contrast, are the type most commonly seen by legitimate email marketers. These email addresses did, at some point in the past, belong to a real person. That person likely sent emails, signed up for mailing lists, and provided the address to others as their point of contact. Then, for whatever reason, that person abandoned the address – maybe due to an organizational change or migration to a new mail provider.

Once the recipient abandoned this address it sat dormant for some period of time (generally at least 6 months), during which time the address would have rejected all mail. After that period, the address was reactivated and became an active spam trap.

How do spam traps get on my list?

Since spam traps are designed to identify senders not using best practices, it stands to reason that failure to follow best practices typically leads to their presence in your database. Mailing to recipients who have not given opt-in permission, sending to old or outdated lists, and lack of proper bounce handling are some of the most common reasons spam traps end up within your list. In addition, typographical errors at the time of address collection can introduce traps into your list – particularly with less accurate address collection methods such as point-of-sale address transcription or collecting addresses via telephone.

What happens if I have spam traps in my list?

When you send mail to a spam trap address, the trap monitor will note the sender of the message and typically take some action against that sender. Most trap monitors also maintain their own blacklists, and in many cases these blacklists are publicly used by many ISPs and mailbox providers to filter mail. In short, sending to spam traps will probably get you on a blacklist, and that blacklisting will probably get your mail rejected by at least one major email provider.

I’m not being blocked. Why does it matter if I have spam traps in my database?

If you receive word (from your ESP, delivery monitoring service, or a trap owner) that you are sending to spam trap addresses, it’s tempting to gloss over the warning if you’re not seeing any large-scale delivery issues. A word of advice? Don’t ignore spam traps.

The presence of spam traps in your contact database is an indicator of an underlying issue with either your email acquisition practices or your list maintenance protocols. When you have spam traps in your list, you are sending mail to contacts that don’t want it or never requested it. This means that alongside the traps, you are also mailing real people who will (at best) ignore your message or (at worst) report you to their mailbox provider or a third-party spam filtering service. Even if the spam traps haven’t gotten your mail blocked (yet), you can bet the spam complaints and low engagement are keeping you out of your recipients’ inboxes.

How do I get the spam traps out of my list?

Removing spam traps from your list is, by design, a difficult process. A spam trap doesn’t (usually) bounce or reject mail. It doesn’t provide any signs or signals that it’s a trap. The trap operator doesn’t want you to be able to spot the traps in your list, because then you could simply remove the traps and not address the underlying issue.

If you have traps in your database, the best place to start is typically contacts who haven’t engaged with an email (opened or clicked) recently. Typically, we recommend targeting contacts who haven’t opened in 6-12 months. Send a confirmation request to those non-openers, asking them to confirm they are real and they still want your messages. Once that message is sent, you’ll want to suppress from your list anyone who doesn’t respond. It’s also a good idea to repeat this process at least once a year.

In conjunction with addressing spam traps already in your list, you want to make sure you cut off traps at the source. Check your list acquisition practices to be sure all of your incoming recipients have opted in for your mailings. Add CAPTCHA to any public-facing web forms to prevent automated sign-ups. Think about adding a confirmation step to your opt-in process. This could be a traditional confirmed opt-in (COI) where recipients have to click a link to be confirmed, or it could be a “soft confirmation” that considers an open to be a confirmation action.

If you can take actions that make it harder for spam traps to end up in your list, you’ll proactively decrease your risk of dealing with the difficult process of culling your list to get rid of them later.

Have a war story or questions about dealing with spam traps? Leave a comment or shoot me an email to chat!

– BG

Industry Updates, Laws and Regulations

CRTC levies first CASL fine against an individual

Last week the CRTC, the Canadian regulatory body tasked with CASL enforcement, issued notice of yet another notice of action for violations of the Anti-Spam Law. The Commission imposed a penalty of $15,000 against William Rapanos, alleging that messages sent by Mr. Rapanos in mid-2014 were in violation of multiple provisions of CASL.

This decision is noteworthy because it represents the first time a CASL penalty has been levied against an individual. All previous actions to this point have been issued against companies or corporate entities: names like Compu-Finder, Porter Airlines, PlentyofFish, and Kellogg Canada are among those hit with prior penalties.

The CRTC decision indicates that messages from Mr. Rapanos were sent without the recipient’s consent, did not clearly indicate the sender of the message, made it difficult or impossible to contact the sender, and (in at least one case) included no unsubscribe method.

Another interesting tidbit is that the Spam Reporting Centre received a total of 58 complaints about Rapanos’ messages. These complaints were mostly unique, with 50 different recipients lodging complaints to the SRC.

In discussions about CASL, I’ve heard quite a few people theorize that the CRTC is only looking for large-scale violations and penalties against smaller senders or individuals are unlikely. William Rapanos may have thought the same thing. Or he may have thought the effort and cost involved in CASL compliance weren’t worth it. Then 50 people complained, and now he’s on the hook for $15,000.

I think this decision – and the resulting penalty – proves to Mr. Rapanos and to all of us that compliance is definitely worth it.

Have questions about CASL compliance? Disagree that compliance is paramount for every sender? Leave a comment or email me to keep the discussion going!

Delivery Essentials

Know your Role: Why you should avoid role addresses

dicerole I’ve had a lot of discussions with clients who have (or should have) concerns about the role addresses in their lists. Most discussions revolve around the presence of these addresses in the subscriber database and why Real Magnet prevents them from being loaded by default.

To provide some context, let’s clarify what we call “role addresses.” They’re typically defined as any address that is assigned not to a specific individual, but instead to a role within an organization. These addresses include, but are not limited to:

  • sales@
  • info@
  • admin@
  • hostmaster@
  • abuse@

…and the list goes on and on. There is no definitive list of role address prefixes, because domain admins can set up role addresses for literally anything. However, there are really just a couple dozen role addresses that are most commonly seen, including those examples above.

Even when these addresses are provided via a clear opt-in method, they are still more likely to cause delivery issues. As a result most providers block them from being imported into email lists. In fact, some ESPs have reported that role addresses are 2-3 times more likely to unsubscribe or bounce than non-role addresses, and lists containing high numbers of role addresses typically see sharp declines in engagement.

So what’s the big deal? Why exactly are role addresses problematic? Most (but not all) of the problems with role addresses hinge on the fact they often route mail to a group of people instead of a single contact. Let’s look at some of the biggest concerns:

  1. Permission is often impossible to confirm. With multiple recipients at the same email address, opt-ins are murky at best. Let’s say you get an opt-in request from sales@example.com, which includes everyone on the Sales team at that domain. That request was made by only one of the people who actually receives those mailings. Even with a confirmed opt-in, it’s possible that the other recipients of that address do not want to receive your mailings. They are more likely to report the message as spam or unsubscribe, which brings us to…
  2. Unsubscribes get applied too broadly or reversed too easily. With a role address, one of the recipients of the message may choose to unsubscribe even while others want to continue receiving your mailings. If you use an unsubscribe method that is linked to a custom recipient ID (as most ESPs provide), that person will be unsubscribing the group instead of just his own address.In addition, recipients often send an email request to unsubscribe (or report spam). This email will likely originate not from the role address, but from their personal address that actually receives the mail. If the recipient fails to include message headers or the headers have been distorted by their email client, it is sometimes tough to know what address actually received the mailing. The personal email address may be added to a suppression list, but the recipient will continue to receive your mailings.
  3. Roles (and the people who fill them) change regularly. Let’s say you have a role address that directs to a team of employees, and let’s also say that each of those employees has made it clear they want to receive your emails. Great! Now what happens when a new person joins that team? Or a member of another department is added to that role address group to be kept abreast of team-related emails? To avoid all issues, you’d have to get a new consent each time someone new joins that address. That’s certainly possible, but not really practical and nearly impossible to track.
  4. Bounces are more difficult to process. If one of the recipients of your email leaves the organization and their address goes dark, there’s a chance the bounce response never reaches you (depending how the org handles bounces and routing). But even if you do receive the bounceback, you may not know how to process it. The address returning the bounce will not be the one that’s in your mailing list, which will cause most automated bounce handling to choke. If you continue to send to invalid addresses domains may block all your mail or, even worse, one of those addresses may roll over into a spam trap and get you blacklisted.

Now that you know the problems with role addresses, how do you avoid these issues? If you’re building a new list, you should require that recipients enter a non-role address. There are a couple of ways to do this depending on your technical resources. The most effective method is to implement real-time address checks that will reject role address submissions, but this also requires the most technical overhead. Many senders choose instead to simply inform their subscribers that role addresses cannot be used. Then, those addresses will be discarded upon list import and will not receive email.

For senders who already have a list containing role addresses, the next steps may be a bit less clear. If your list contains only a few of these addresses, it may be best to reach out to the individuals to ask them to provide a different address. This can be accomplished through a one-to-one email, phone call, or even a face-to-face conversation.

When you have a larger number of role addresses, we typically recommend sending a bulk campaign asking these recipients to update their information. Most senders do this via email (outside their ESP in many cases) or a postcard encouraging users to update their preferences to continue receiving mail.

Typically, recipients who want your emails will be willing to update their information. However, if you have some recipients who can only use a role address, many ESPs will evaluate on a case-by-case basis whether or not those addresses can be allowed in your list.

– BG

Delivery Essentials

Is my ESP lying to me?

Collodi_PinocchioIf you use an email service provider, you most likely have tracking reports that tell you the disposition of each message you send. These reports usually indicate the message falls into the broad categories of “delivered” or “bounced“. While many ESPs use more detailed categories, you just want to see if your email made it to the recipient or not…right?

Of course. So what happens when you send out that nice shiny new email and you get a response rate far lower than what you were expecting? Naturally, you check in with some of your best recipients to make sure they got the message. Your tracking shows delivered, but when you reach out they say they didn’t see the message at all. Not in the inbox. Not in the spam folder. Not even in quarantine…now what?

Why is your ESP telling you the message was delivered when it clearly wasn’t?

To answer this common question, let’s dive a bit deeper into what that “delivered” status really means.

When you hit the Send button at your ESP, your mail server will attempt to hand off your message to the mail servers for each recipient. The initial contact between the sending mail server (your ESP) and the receiving mail server (your recipient’s email provider) is often referred to as the “handshake.”

At the time of this handshake, the ESP server will attempt to hand off the message to the receiving server. When this happens, there are a few potential outcomes:

  1. The receiving mail server rejects the message due to the address not existing, the sender being blocked, or other errors considered permanent. These are hard bounces, and usually the receiving server returns a code in the format 5xy, where x and y are additional digits that indicate the specific type of hard bounce. This error typically causes a bounced status in your ESP reporting.
  2. The receiving mail server returns a temporary bounce or deferral. These bounces indicate the mail cannot be delivered at this time, but the sending server should try again later. These are soft bounces, and are typically accompanied by a 4xy error code. These can generate a bounced status in your ESP reporting if the subsequent delivery attempts are not successful. If the later sends do make it through, these will show as delivered. 
  3. The receiving mail server accepts the message for delivery. This is considered a successful delivery, and is accompanied by the code 250 OK. These are reported by your ESP as delivered. 

Once this handoff takes place, the sending server (your ESP) has no further visibility into the delivery of the message. There could be additional spam filters in place after the message is accepted, or individual user settings could cause the message not to be delivered, with no further notification to the sender.

While it’s not extremely common, even major ISPs have been known to have messages “dropped on the floor” if the sender’s reputation is not up to their standards. This is the (highly technical) term for a message that is accepted by the receiving server, but then essentially disappears. It’s not returned to the sender, but it’s also not delivered to the recipient’s inbox or spam folder. It’s simply deleted.

So how do you find out what really happened?

That can be the tricky part. Since the information is not shared with the sender or ESP, the only way to find out for sure what happened to one of these messages is to check the mail logs for the receiving server. In most cases, this will require working with IT staff on the recipient’s side who can search for the message(s) in question and provide a definitive answer on what happened to the message and why.

If the recipient’s IT team isn’t an option, you can also check the content of your message, as well as the reputation of your domain and the domains of any links within the message body. In many cases the initial handoff looks primarily at the reputation of the mail server (IP address), while the subsequent filters can include message content, link URLs, domain reputation, and other factors.

Check out the Resources page for links to some of the most popular reputation tools, and feel free to comment with any additional questions.

– BG