|
Avoiding the Spam Can Making sure the email goes through By David Crooke, CTO, Convio Inc. Spam filters are a growing concern for all organizations using email as part of their communication strategy. Ensuring email delivery is an increasingly complex, ongoing challenge, and so Convio has made and continues to make a significant investment to offer state-of-the-art email services to the nonprofit sector. Convio provides the infrastructure, software tools and consulting expertise that organizations need to make their email initiatives successful as part of a tightly integrated suite of products tailored for the unique needs of nonprofits. The article below describes some of the issues and how to avoid them, and outlines capabilities that organizations should look for when selecting a vendor to handle their volume email. In the last six to nine months, spam has rapidly gone from a mere annoyance to a deluge, which threatens the very usefulness of email as a medium of communication. The volume of spam is growing more than twice as fast as that of useful email. Internet Service Providers (ISPs) have become engaged in a guerilla war with spammers, resorting to increasingly aggressive tactics to fend off this torrent and protect their email systems. People sending email for legitimate purposes often are caught in the middle. Organizations using email must be aware of these issues and take action to ensure delivery of their email. What is Spam? Spam is simply email that a recipient does not want. Spam is very difficult to automatically block because there is no technical definition for it and, consequently, no comprehensive, preventive technology solution. While most people would agree on whether a particular message is spam, there is a large gray area. Even with organizations applying best practices in managing mass email communication, a perennial handful of people will perceive legitimate communications as spam. Why has spam become such a problem? Email's cost-effectiveness and widespread accessibility are both its strength and weakness. Most spam advertises fringe services or outright scams because email is so much cheaper than postal mail and it only takes a handful of respondents to make it pay. Attempts to legislate against spam have been ineffective because the Internet is not subject to jurisdictional boundaries. It is just as easy to send spam from Korea as it is from Kansas, but it's much harder to hold overseas spammers legally accountable. The Internet originated as a network operated by and only accessible to a limited number of trustworthy people, so the protocols for delivering email do not verify its authenticity. Creating consensus to replace these protocols with something more secure and making the changes will take years. In the meantime, we must make the best of the technology in place. No Perfect Solutions Because identifying spam is tricky, no prevention technique can ever be perfect. Spam filtering and blocking techniques strike a balance, filtering as much spam as possible while rarely discarding or mislabeling email the recipient would want. Inevitably, some of an organization’s email will be incorrectly blocked. The goal should be ensuring delivery of the vast majority of email. Keeping to the Point The high cost of paper-based direct mail limits the volume that most organizations send. With email costing far less, organizations have to control how much they send to constituents. Over-emailing can sour people on the organization, increase complaints about spam, and drive up opt-out rates. An organization must coordinate its email communications across departments and make sure the content is relevant to recipients. Segment email recipient lists by topic and make it easy for constituents to select which mailings they receive. Content Filters Spam tends to be focused on a few "hot" topics -- favorites right now are mortgages and medications, and, of course, pornography is a stalwart. Content filtering detects keywords and phrases characteristic of common spam themes. Most modern content filters use advanced scoring algorithms, so rarely does a single, common English language word mistakenly trigger them. However, it is important to avoid use of more specific words typically found in spam. Spammers trying to defeat content filters often use uppercase letters, numbers and punctuation (especially in subject lines) to form misspelled variants of keywords which would otherwise trigger filters, for example, the brand name of a certain gentlemen's medication. So modern filters look for excessive capitalization. Avoid using a lot of punctuation or capitalization in subject lines. Also be careful not to trigger filtering by recipients themselves. Make subject lines concise, informative and literal; don't sensationalize, use clever puns or rely on generic statements also used by spammers such as "Your help needed." The “From” address should include a display name clearly identifying the organization so that the email stands out in a recipient’s Inbox, e.g., "The Helpful Society <info@helpful.org>" Playing it Straight Most spammers do not want replies from their targets or their email traced. They use open relays (insecure third-party servers) or temporary Internet connections, they forge and obfuscate email headers and URLs. Legitimate email has nothing to hide, and so all ISPs use automated filtering based on these characteristics. Your email host should ensure that all email has legitimate, traceable headers. Emails should be individually addressed. Using discussion list technology or "Bcc:" from a desktop email tool to send mass emails is no longer viable. Email distribution software which generates individual copies also typically provides superior data tracking and personalization capabilities, enhancing an email’s impact on the constituent relationship. Acquiring Addresses The most qualified additions to an organization's email house file are people who have expressed interest by signing up for email, donating, advocating or participating in other activities. When collecting email addresses, clearly inform people that the organization is collecting their address and how it will be used. Give them a chance to opt out, e.g., provide a checkbox that says, "I'd like to receive future mailings from Organization X" which they can uncheck. List Hygiene Always honor unsubscribe requests never send email without a clear, convenient and effective way for the recipient to opt-out of future mailings, and update the house file immediately upon receipt of requests, even if that means some manual processing. If sending email from multiple systems, aim to consolidate them into one and meanwhile honor unsubscribe requests across all email systems. Also weed out stale addresses, especially by automatically processing email bounces (delivery failure notices). Bounced email still consumes resources, and ISPs do not care to receive repeated emails to addresses already identified as bad. Spammers rarely bother with bounce processing, so ISPs will use a high bounce rate of inbound email as a spam indicator. Delivery Relationships Spammers and spam fighters are engaged in a constant, evolutionary "arms" race when new filtering techniques become available, spammers find new ways to fool them. But spammers cannot hide the quantity of email they produce. ISPs have been adopting a "guilty until proven innocent" approach to any source that delivers medium and large volumes of email. Companies hosting an organization’s email service must have "white list" relationships exemptions from volume-based filtering with the major ISPs to ensure email communications are not mistakenly blocked. Since nonprofit organizations typically email to home rather than work addresses, typically half a house file will have addresses for major consumer email providers such as AOL, Hotmail, Yahoo! and Earthlink, so these relationships are critical. More Extreme Filtering Techniques Among the more common, extreme anti-spam measures is a Realtime Black List (RBL). RBLs are services that maintain lists of servers and networks known or suspected as sources of spam. Individuals or email providers using RBLs install software that blocks or discards email originating from blacklisted servers. Zealous RBL operators sometimes incorrectly black list responsible email originators. Be vigilant to avoid falling victim to this type of mistake. If there is a problem, a provider should work quickly to contact the list operator and resolve the issue. The good news: use of RBLs is limited to a small proportion of email providers, typically small businesses and small, regional ISPs and a few individuals; also, an unreasonable RBL will lose its audience over time as people realize they are not receiving important emails. A more recent blocking technique is "challenge-response." An email from a new sender triggers an automatically generated reply asking the sender to respond in a way that would not be possible for a software agent, e.g., recognizing a picture. This stops almost all spam, but it also blocks legitimate machine-generated email, and there is no technical workaround. Since email addresses now have lifetime values of $1.00 or more to organizations, it is worth responding manually for now; if this technology becomes widespread, it should also become subject to white list agreements. Conclusion As the spam problem produces greater scrutiny of email, organizations must differentiate themselves from those who abuse email. The key principles for successful use of mass email are principles that come naturally to the nonprofit sector act ethically and responsibly, and respect people's wishes. Successfully managing mass email communications to maximize delivery is increasingly complex, and organizations must leverage external expertise. They should outsource mass email to a vendor who has what it takes: the software and infrastructure to implement effective technical measures as well as the human resources to maintain third-party relationships and stay abreast of new anti-spam measures. |
Copyright 2000-2008, Convio Inc.
All rights reserved.