Practical Ecommerce

Email Deliverability: Blacklists, ISP Blocks, Spam Triggers

Email marketing is critically important to many ecommerce merchants. But what happens if a merchant’s email is blocked by an Internet service provider? Or, worse yet, what happens if the merchant’s name or IP address lands on a so-called “blacklist”?

Email deliverability was the topic when we recently spoke with Laura Atkins. She’s co-founder of Word to the Wise, an anti-spam consulting and software firm that advises ISPs, email service providers, and private companies on email deliverability.

Practical eCommerce: What exactly is an email blacklist?

Laura Atkins

Laura Atkins

Laura Atkins: “These days, an email blacklist typically refers to a public list of IP addresses that are known to send spam or bad mail. An IP address is the unique number assigned to each computer on the Internet. It is the number that identifies the source of an email, so you know when you get connected from a sender exactly who that is on the Internet, and that identification is an IP address.”

PEC: You say it’s a public list of known IP addresses that sends spam. Who maintains that list?

Atkins: “There are actually a number of public blacklists that are accessible on the Internet. There’s one primary one that a lot of places use called Spamhaus, and they actually maintain a number of different lists. Some of them are lists of virus-infected machines. Some of them are lists of home computers that shouldn’t be sending email directly to the server. Some of them are lists of IP addresses that are directly under control of the spammer. Then there are also IP addresses that they’ve sent spam from, things that the owner of that IP address can resolve and fix and stop sending spam, and then it gets de-listed. There are also a number of lists controlled by the spam filtering companies and those tend to be private, in that you have to be a customer of that company in order to access that list.”

PEC: For Spamhaus or another of the spam filtering companies, how does an offender or a company get on that list? Does it require a complaint?

Atkins: “Most of them do not require complaints. Many of the companies maintain a list of email addresses that are not ever used to opt in to mail. So, when they get email to that email address, they know that there’s no opt-in and there’s no permission associated with that mail.”

PEC: Say I’m a merchant and someone subscribes to my list in a legitimate manner. A year later I send that subscriber an email, the subscriber doesn’t remember opting in, and complains to either his Internet service provider or to something like Spamhaus. Does the merchant get added to a spam list if that happens?

Atkins: “It depends. Spamhaus does not normally take complaints from people, although there are instances where you can send mail to Spamhaus and say, ‘Look, this is spam.’ But generally, they use their own email addresses and their own spam traps in order to identify things. The ISPs on the other hand, particularly the major ISPs that have a “this is spam” button in their interface, use the information from a user clicking on the ‘this is spam’ button as part of an algorithm to determine whether or not to accept mail from that IP address in the future. So, simply hitting ‘this is spam’ in Yahoo!, hitting “this is spam” in Gmail can affect delivery from that user in the future.”

PEC: What else factors into that algorithm — from, say Yahoo! or Gmail — besides that “this is spam” button?

Atkins: “The ‘this is spam’ button is actually the user taking a step to say, ‘I didn’t ask this mail. I don’t want this mail.’ The other things that the ISPs look at are whether people open the mail, click on the links in the mail. Is there activity with this email that makes the ISPs think that this is really mail that their users want? ISPs are mostly interested in making sure that mail their users want is delivered. They identify mail that users want by mail that users interact with, mail that users do not hit ‘this is spam’ for. If the mail goes into the bulk folder, does the user go to the bulk folder and say “this is not spam” and that’s actually one of the major ways that they identify not spam when they’re not really sure whether or not this is wanted or not wanted mail.”

PEC: Since ISPs monitor activity, what’s an acceptable open rate or an acceptable click-through rate?

Atkins: “There are a couple things to remember. One is that the open rate the sender sees is different from the open rate to the ISP sees. When senders look at open rates, they’re actually looking at displayed images, not emails opened. The ISP on the other hand can actually say they opened this mail because the ISP is managing that interface for them. So, the ISPs don’t publish open rates. They don’t publish information about what they’re looking for in any specifics. It’s hard to make any comments about what is acceptable for the senders because we don’t have access to that data that the ISPs are using.”

PEC: As an expert in the business, do you have a professional opinion or feel as to what’s an acceptable open and click rate from an ISPs perspective?

Atkins: “I really don’t. It is one of the secret sauces the ISPs just don’t share with folks.”

PEC: Speaking of ISPs, what are the largest ISPs? You mentioned Yahoo! and Gmail.

Atkins: “Yahoo!, Gmail, Hotmail, and MSN Live are the big, free mail providers that handle a large percentage of peoples’ lists. Yahoo! and Gmail alone — for some of my clients — would be 40 to 60 percent of the list. The other ones you’re looking at now are the cable providers, such as RoadRunner, Comcast and Cox, and those are really the folks where the majority of ‘B to C’ list will store the addresses; those are really the folks that are important to getting good delivery.”

PEC: Do ISPs publish any sort of rules or guidance for senders of emails that can help companies that genuinely want to do the right thing and get their emails delivered? They don’t want to send spam. Do the ISPs offer guidance?

Atkins: “Yes, they do. Most of them have websites that are Postmaster.roadrunner.com or Postmaster.yahoo.com. They provide information for senders about what the acceptable standards are, such as, ‘We don’t want you to open more than these many connections. We don’t want you to send more than these many emails.’ Those kinds of standards, as well as, ‘If you’ve gotten mail rejected, here’s what it means and here’s how you resolve the problem.'”

PEC: Our audience is mainly ecommerce merchants. Email marketing is important to their businesses, typically. What are common mistakes that you see ecommerce merchants make when it comes to sending out emails?

Atkins: “One of the biggest problems that I see with companies is an ecommerce company that will collect email addresses over a period of months or years in anticipation of starting an email marketing program at some point in the future. They have these addresses that are a year old, 18 months old from people who did legitimately purchase from them. But the merchants have not been in communication with them since and then the merchants decide to start a newsletter program or a marketing program and just start sending mail to those addresses with no introduction, no reminder of the purchase or no reminder of the interaction with the company in the past. That causes a lot of delivery problems.

“Addresses can change. You can have addresses that are recycled and go to somebody completely different than your initial customer. Addresses can also turn into spam traps and are used to measure things like, ‘Does this sender have permission have to send this mail?’ That’s a really big problem for a lot of companies and generally, the right thing to do in that case is not to necessarily abandon the list, but to send an opt-in to that list and say, ‘You purchased from us in the last 12 months. We’re starting up an email-marketing program. These are some of the examples of the great offers that you can get. Will you sign up with us?’ Treat it as a sign-up and a welcome and a re-introduction to your company rather than just sending out the ‘we’re having a sale’ email.”

PEC: Lets take that thought a step further. Say a merchant actually makes a mistake and collects a list the way you described. Eighteen months go by and the merchant send a ‘we’re having a big sale’ email. It irritates a lot of people and the merchant lands on a Spamhaus’ blacklist or on an internal list maintained by Yahoo! or Gmail. What are the options then for the merchant?

Atkins: “The options somewhat depend on the circumstances. But if they ended up on the Spamhaus’ list, generally what will happen is you can contact Spamhaus and you can talk to the person responsible for the listing and you can say, ‘Okay, this was a list we collected over a period of years and we mailed to it once and we’d like to resolve this.’ What Spamhaus will probably tell them to do is to do an opt-in run to say, ‘We’re starting a newsletter. Would you like to opt in to our newsletter?’ And that will resolve it. For Yahoo! and Gmail, there are not very many people to contact. Most of the spam filters at the big ISPs run very hands off. It’s programmatic. It’s algorithmic. They make decisions based on the behavior observed by the ISP. So, there isn’t a person to go talk to and say, ‘We screwed up.’ But the good part about that is you can just start doing the right thing and the filters will adapt. So, if you’re consistently good, you can fix that single wrong pretty quickly.”

PEC: Let’s say I purchase a list of people that match my target demographic. The list provider is legitimate, and I have the names and email addresses of these individuals. I really want to email them. Do you have thoughts for merchants that want to do that?

Atkins: “There are a lot of issues going on there. Many of them involve fact that the ISPs typically say ‘We only want you to send the mail that our recipients have asked you to send.’ So, when you’re purchasing that list, you’re actually violating the standards that the ISPs have set for bulk mail coming into their system. That is in many respects why the email service providers don’t allow you to mail to that purchase list because the ISPs are going to say, ‘No, we’re not going to accept this mail,’ and it can cause problems for the ISPs’ other customers.

“The other issue is that long history has shown that purchase lists are often very problematic. There aren’t actually that many very honest sellers out there. I certainly have had — in the years that I’ve been consulting — worked with companies who have purchased a list from a legitimate sender and I’ve looked at it and it’s been like ‘No, this isn’t a legitimate list.’ In fact, there was one case many years ago where I did everything I could find out whether or not this was a legitimate list. I was looking at zip codes. I was looking at physical addresses, at spam traps, I was looking for a whole bunch of things on the list and I couldn’t identify anything on the list that showed that it wasn’t an opt-in list until I found my own email address on there.”

PEC: Wow.

Atkins: “My address was there as an opt-in for something and it was associated with an IP address in Mississippi. I’ve never actually been to Mississippi. There are a lot of supposed legitimate providers that aren’t as legitimate as one might hope and that’s mostly why the email service providers refuse to send to those lists.”

PEC: You would advise a client to not email to a purchased list, period?

Atkins: “That is generally what I would recommend, yes.”

PEC: Tell us about you and your company, Word to the Wise.

Atkins:Word to the Wise was founded back in 2001. We are a software and consulting provider. Our software system is a ticketing system specifically designed for use in security desks. So, if you send in a spam complaint to some of the bigger ISPs out there, that will actually go through our software and that will allow the ISP to handle their customers and the problem through their customers efficiently. It also gives this connection with the ISPs and keeps us somewhat in the loop of what’s going on, what changes they’re making, what they’re seeing in terms of incoming email. We can take that information and use it on the consulting side where we can say, ‘Okay, this is the problematic traffic. These are the things that we’re going to see coming down the line in terms of filters and these are the delivery challenges that are going to be facing customers as the consulting side of the business in the next weeks and months and years.'”

PEC: Using that data that you just referred to, are you able to say if offenders include ecommerce merchants?

Atkins: “It will sometimes. We don’t actually get the data back specifically. It just kind of gives us an idea into the general feeling from the desk. We don’t actually see the data, we don’t see who’s being complained about.”

PEC: Is there anything else on your mind in regards to email deliverability for ecommerce merchants?

Atkins: “Yes. The most important thing about email delivery is remembering that there’s actually a human on the other end of that mail client. You’re talking to someone who is an individual, someone who has his or her own wants and needs and schedules and priorities and budgets and things like that. So, when you mail to them, make sure that you’re mailing — not only to benefit yourself as the ecommerce merchant — them something that makes them feel good and it fills the need that they have. So really focus on, ‘What is my target market going to want from me in my email marketing?’ versus ‘What can I get out of email marketing?’.”

Practical Ecommerce

Practical Ecommerce

Bio   •   RSS Feed


email-news-env

Sign up for our email newsletter

Comments ( 2 )

  1. wiseclicker November 23, 2011 Reply

    Very informative and easy to understand. I believe everybody involved in email marketing, especially ‘beginners’ should read this.

  2. Carlos Rivera December 9, 2011 Reply

    Interestingly enough, Spamhaus recently blacklisted our IP address and I was dumbfounded as to how this occurred.

    It turns out, unknowingly to us, that one of the computers in our LAN had been infected and become part of the bot-net, which was being used to send out thousands of spam messages a minute.

    Takeaway: protect your computers, secure passwords, and scan them frequently. You never know when the bad guys will slip in the back door and destroy your business’ reputation.