Laura Atkins
When someone sends a complaint to your compliance desk there are a range of things you want to do, but one thing you always want to do is ensure that the recipient doesn’t receive any more unwanted email from your customer. Or, at least, not from your network. There are usually several different ways you can make sure that happens. There are big hammers a compliance desk can use in egregious cases – if the customer is immediately terminated, or has their ability to send mail suspended then there won’t be any more unwanted email to anyone, including the person who has reported unwanted mail. More normally, though, you’ll want to stop all mail from your customer to just the person reporting them immediately, at least while you look at the customers statistics and investigate further. If the report includes a copy of the offending email then there’ll be an
Eventually our subscribers won’t want our email in their inbox any more. They can stop the mail either by unsubscribing from it, or by marking it as spam. We’d far rather they do the first so we should make it as easy as possible for them to unsubscribe. Also in most jurisdictions you’re legally required to offer a functional, easy to use unsubscription channel. So, how to do that? There are a few different ways to accept unsubscription requests, and most legitimate bulk mail should offer several of them. Reply to unsubscribe The recipient replies to the email, the person handling replies removes them from the list. This is a problematic way of handling unsubscription requests. On the one hand, sending mail that recipients can’t reply to, or where replies are bounced, responded to automatically or silently discarded is fairly recipient-hostile. It’s better if those replies go to a customer
I stumbled across this story again this morning, and it’s such a lovely delivery yarn I thought I’d share it. It’s from Trey Harris, and it’s set in the mid 90s. Here’s a problem that *sounded* impossible… I almost regret posting the story to a wide audience, because it makes a great tale over drinks at a conference. 🙂 The story is slightly altered in order to protect the guilty, elide over irrelevant and boring details, and generally make the whole thing more entertaining. I was working in a job running the campus email system some years ago when I got a call from the chairman of the statistics department. “We’re having a problem sending email out of the department.” “What’s the problem?” I asked. “We can’t send mail more than 500 miles,” the chairman explained. I choked on my latte. “Come again?” “We can’t send mail farther than 500
I’ve heard quite a bit of concern about what iOS 17’s automatic removal of click-tracking parameters means, but less discussion of what it actually does. Broadly it’s Apple trying to improve user-privacy by making it harder to do cross-site tracking at scale. Cross-site tracking is the basis of a lot of privacy-violating tracking technologies, and tracking parameters added to links evade Safari’s technologies that mitigate tracking via cross-site cookies or other forms of session storage. (As partial compensation, Apple is supporting Private Click Measurement. That’ll allow ad click measurements without sending PII to the advertisers.) But, what does it actually mean? I’ve not seen much in the way of documentation, so I built a test harness, installed an iOS 17 developer beta on a spare iPad and looked at what it does. The test setup is very, very simple. I have a custom webserver that accepts clicks and logs the
One of the most common refrains I hear from folks with delivery problems is that the filters must have changed because their mail suddenly started to go to the bulk folder. A few years ago, I posted about how even when there is no change in the sender’s behavior, reputation can slowly erode until mail suddenly goes to the Gmail bulk folder. Much of that still applies – although the comments on pixel loads (what other folks call ‘open rates’) are a bit outdated due to changes in Gmail behavior. While it is often true that reputation drives sudden delivery problems there are other reasons, too. Filters are always adjusting and changing to meet new challenges and threats. We’re seeing these changes rolling out at some of the consumer mailbox providers. Steve recently wrote about changes that Yahoo! was making related to domain existence. He also posted about Microsoft getting
As a consumer there are several different sorts of email address that are described as “disposable” or “temporary”. Some of them are what we might call tagged addresses – addresses that are unique, created to be given to a specific vendor. If it’s misused by the vendor, or if it’s leaked to spammers, then the address can be disabled, either by rejecting or by silently discarding mail sent to it. Others are created for a specific use, and will only be briefly valid, either for a single email or for a short period of time (ten minutes, an hour, something like that). They typically don’t have any connection to a users “real” email address, and are just accessed via a web page. A user might use this when they’re being required to give an email address to access some sort of service but there’s no ongoing use of that email
Trekkie Monster. He’s obsessed by social media and isn’t owned by Children’s Television Workshop. What is a Cookie? I’m not talking about biscuits, nor about web cookies, at least not exactly. When you’re talking to a protocol developer a cookie is a thing you’re given, that you hang on to for a while, then give back. If you leave your suitcase with your hotel concierge they’ll give you a paper ticket with a number on it. That ticket and the number on it aren’t of any intrinsic value, nor do they really mean anything. The only thing you can do with it is give it back to the concierge to get your suitcase back. The ticket is a cookie. Conceptually a cookie isn’t something that’s meaningful except when you give it back to whoever gave it to you – so if you’re a client program and a server sends you
Seen this recently? 451 Message temporarily deferred due to unresolvable RFC.5321 from domain; see https://postmaster.yahooinc.com/error-codes This is Yahoo doing some extra work to identify that the 5321.From domain1 of the mail is acceptable to them. Yahoo are going (slightly) beyond what’s required for the return path to be valid in SMTP terms. SMTP just requires that the return path be syntactically valid – i.e., looks like an email address – and that it be deliverable. The basic DNS check you might do would be to check if the right-hand-side of the email address has an MX record2. So for a bounce address of bounces@email.example.com you’d check to see if email.example.com had an MX record. Yahoo want to also check that it looks like a legitimate address in another way, that the organizational domain of the right-hand-side looks legitimate. The organizational domain is what you might think of as a “domain”
Several times recently I’ve heard about something unusual happening email delivery-wise at academic domains that was new, and wasn’t being seen at non-academic domains on the same lists. Most recently it was aggressive following of all links in an email at delivery time, seen at several .edu domains, all using the same mail provider. Not that unusual a thing in itself, we know that corporate malware filters have done this for a while. But this seemed more aggressive than just “this mail looks iffy, lets sample a few links and look for malware”, and the new behaviour was only being seen on .edu recipient domains, not on any of the non-academic domains using the same mail provider. If any .edu postmasters can explain, please, do, but my speculation is that one big difference between academia and the corporate environment is how much control the IT security folks have over recipient
There is an ever increasing amount of spam I am getting from various companies asking for links here on WttW. The Answer is No. We do not have paid links. We do not have sponsored posts. Any links on the site are done at our whim and because we have something to say about your company. The only place we offer links is on the ESPs and Purchased Lists post. And, I gotta tell you, if you buy my address and then send me spam asking to be added the answer will be No because it’s clear you don’t have a policy that meets the criteria for addition. And, yes, folks have done this. We do not work with spammers, and we certainly don’t promote their services, not publicly and not to our clients.