EmailKarma.net

Gmail Boost Phishing Protection

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 13 Jul 2009 18:15:00 +0000

Bearly a week out of Beta and Gmail is already announcing new Lab features that enhance their current anti-phishing protection for users. After enabling this feature eBay and PayPal email messages (more financial services will likely follow) will display an icon of trust showing these messages are truly from the proper financial institutions. This is a visual tool that will make it that much easier for people to trust email messages being received from their financial institutions. Shown below are samples of what you can expect once you enable this Lab feature:

Notice the keys next to the display name showing these messages are being classified as "Super-trustworthy" in the Gmail interface. However do not confuse these key icons with the Yahoo Domain Key signed message icon as they do not necessarily mean the same thing (although the Gmail authentication tool checks for DKIM signatures as part of it's trust criteria).

Kudos's to the Gmail Security and abuse team for continuing to build these tools designed to help protect their users, however I would like to suggest this become an "enabled by default" feature for all users.

To enable the "Authentication icon for verified senders" feature login to your Gmail or Google Apps account and click on the "Settings" tab (top right) and then Labs from the options - some people may have a a little green beaker they can click on which is a labs shortcut. Once your there scroll down tht page until you see the "Authentication icon for verified senders" and select enable - then click "Save Changes" button and your set.

While we are talking Labs... What's your favorite Lab feature offered currently by Gmail? I'd have to say Quick Links is my current front runner for most useful lad extension.

Photo credit: Gmail Blog

Links for 2009-07-09 [del.icio.us]

Fri, 10 Jul 2009 00:00:00 PDT

Win the battle against spoofs, spam, pharming, and phishing | iMedia
Real of Fake campaigns - can you tell the difference.

Links for 2009-07-08 [del.icio.us]

Thu, 09 Jul 2009 00:00:00 PDT

Software Developer Pleads Guilty to Spam Charge | PC World
Quote: A Virginia software developer has pleaded guilty to charges related to creating and marketing software designed to send bulk commercial e-mail messages, in violation of the U.S. CAN-SPAM Act, the U.S. Department of Justice said.

Are You A Stupid Marketer?

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Wed, 08 Jul 2009 21:00:00 +0000

Kevin Nalts seems to think he is, and he's not afraid to talk about it, but at least he is enlightened enough to know the difference.

I really like the suggestion around book covers ;)

Links for 2009-07-07 [del.icio.us]

Wed, 08 Jul 2009 00:00:00 PDT

Canadians keep falling for Nigerian letter scam
10 Canadian a month on average... Be safe out there! - remember "if its to good to be true - it's probably a scam"
Q Interactive Announces Acquisition of Postmaster Direct
Stupid Marketer Watch: A Letter to Your Boss
Quote from Ken - "In order to help e-mail managers explain to their bosses why such behavior is wrong, I’ve decided to write an open letter they can print and hand to them. I say print because we don’t want to take the chance the boss in question doesn’t know how to use links." - Love it! LOL

Links for 2009-07-02 [del.icio.us]

Fri, 03 Jul 2009 00:00:00 PDT

Highlights of proposed Canadian spam legislation : BtoB Magazine
My interview with BtoB Magazine regarding the ECPA (Bill C-27).

C-27 Transcripts

noreply@blogger.com (Matt V - Mvern78) — Tue, 30 Jun 2009 15:02:00 +0000

The transcripts from my visit to Parliament Hill concerning Bill C-27, the Electronic Commerce protection act, is now available.

40th PARLIAMENT, 2nd SESSION
Standing Committee on Industry, Science and Technology
Thursday, June 11, 2009
Full transcripts here

Witnesses include:
Professor Michael Geist (Canada Research Chair, Internet and E-commerce Law, University of Ottawa, As an Individual)
Mr. Dennis Dayman (Secretary Treasurer, CAUCE North America, Inc.)
Mr. Matthew Vernhout (Director-at-large, CAUCE North America, Inc.)

Links for 2009-06-25 [del.icio.us]

Fri, 26 Jun 2009 00:00:00 PDT

Spamtacular | IP relisted despite no more mail being sent
Quote: Now, ordinarily you look at this and you say “well, they didn’t like your mail stream and so you got relisted.” And, ordinarily you might be right. However, this client is the only one using this IP, and they haven’t sent any more mail since 6/5. That means that the IP was listed, seemingly, on the strength of no evidence.

Links for 2009-06-24 [del.icio.us]

Thu, 25 Jun 2009 00:00:00 PDT

Outlook’s broken—Let’s fix it
Quote: Microsoft have confirmed they plan on using the Word rendering engine to display HTML emails in Outlook 2010. - send your feedback to MSFT via Twitter
The Power of Word in Outlook | #fixoutlook
Microsoft responds to the Fixoutlook.org campaign: "There is no widely-recognized consensus in the industry about what subset of HTML is appropriate for use in e-mail for interoperability. The “Email Standards Project” does not represent a sanctioned standard or an industry consensus in this area. Should such a consensus arise, we will of course work with other e-mail vendors to provide rich support in our products."

Links for 2009-06-23 [del.icio.us]

Wed, 24 Jun 2009 00:00:00 PDT

CMA Chooses to 'Plug in' with Online Marketing Community
ThinData will leverage its email marketing expertise to assist CMA with improved content and segmentation of its emails, the organizatins describe, as well as to refine the creative approach while enhancing email deliverability. With CMA’s monthly email volume, ThinData will drive the email strategy for all communications, including regular weekly updates, breaking news, notification of courses and events, in addition to ecommerce-related emails.
SORBS Blacklist on the Ropes | Magilla Marketing
The proprietor of controversial anti-spam blacklisting concern SORBS, or Spam and Open Relay Blocking System, has posted a note on her site claiming the Australia-based service is likely soon to shut down.

Possible SORBS Closure in July

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 22 Jun 2009 13:24:00 +0000

Via a number of discussion groups and email lists, I received the following bulletin from Michelle Sullivan, founder of the Blacklist SORBS, regarding the upcoming closure of this service.

SORBS is currently looking at a sale of the services, hardware and code base - and according to their website "A number of offers have already been made, we are evaluating each on their own merits".

Posted in full blow with permission:

All,

Please feel free to forward this message to any other location/mailing list.

It comes with great sadness that I have to announce the imminent closure of SORBS. The University of Queensland have decided not to honor their agreement with myself and SORBS and terminate the hosting contract.

I have been involved with institutions such as Griffith University trying to arrange alternative hosting for SORBS, but as of 12 noon, 22nd June 2009 no hosting has been acquired and therefore I have been forced in to this announcement. SORBS is officially "For Sale" should anyone wish to purchase it as a going concern, but failing that and failing to find alternative hosting for a 42RU rack in the Brisbane area of Queensland Australia SORBS will be shutting down permanently in 28 days, on 20th July 2009 at 12 noon.

This announcement will be replicated on the main SORBS website at the earliest opportunity.

For any hosting suggestions/provision, please be aware that the 42RU space is a requirement at the moment, and the service cannot be made into a smaller rackspace without a lot of new hardware, virtual hosting is just not possible. The SORBS service services over 30 billion DNS queries per day, and has a number of database servers with fast disk to cope with the requirements.

Thank you for all your support over the years,

Michelle Sullivan

Dutch ban all spam e-mails

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Fri, 19 Jun 2009 17:02:00 +0000

Radio Nederland Wereldomroep (Radio Netherlands World) is reporting that the Current Dutch Anti-spam legislation, focusing on Unsolicited Emails to individuals is being updated to also include emails sent to corporations.

Full report:
The economic affairs ministry says all spam e-mails will be against the law in the Netherlands from October. It was already illegal to send spam e-mails to private individuals but the ban will be extended to cover companies as well.

Deputy Minister of Economic Affairs Frank Heemskerk says the measure is not just aimed at nuisance e-mails but also against crime. Spam e-mails can be used to obtain information contained in computers. Under the new measures, Dutch companies which send spam e-mails will face fines of up to 450,000 euros.

Hat tip: @aliverson via Twitter

Presentation to the Standing Committee on Industry, Science & Technology

noreply@blogger.com (Matt V - Mvern78) — Mon, 15 Jun 2009 20:41:00 +0000

Originally published on CAUCE.org.

On June 11, 2009 Dennis Dayman and I set an afternoon with the Canadian Government's Standing Committee on Industry, Science & Technology to stand witness for the Electronic Commerce Protect Act in two capacities. First we acted as representives for CAUCE NA - an all volunteer organization representing the consumer and end user - and secondly as representatives of the legitimate email marketing community. Below you will find our opening statements to the Committee (and if you have two hours to listen here is the link to the audio recording of the entire session - transcripts to follow).

Mes dames et messieurs je m’appelle Dennis Dayman. I am the Secretary-treasurer of the Coalition Against Unsolicited Commercial Email, CAUCE, a group representing computer-users in Canada, and the rest of North America. CAUCE thanks you for the opportunity to speak to Bill C-27, The Electronic Commerce Protection Act.

As you can probably tell from my accent, je ne suis pas Canadien, je
suis un Americain, et je regrette que je ne parle pas français.

So why is an American here today addressing this esteemed committee?
Well, reflecting the way in that spam is a pan-global problem, some
years ago, CAUCE Canada merged with their American counterparts to
better serve our constituents. Spam respects no borders, and to best
represent computer users on both sides of our mutual border, we decided
to mount a coherent CAN-AM front against the blight of Spam 2.0

You heard me correctly ladies and gentlemen. CAUCE, once the exclusive domain of computer geek anti-spammers has openly embraced the marketing community for a decade now, and counts among its members and executives many individuals and companies who have an enlightened view as to why an anti-spam law works in all our favour.

My colleague Matthew Vernhout and I both work for large international ‘email service providers’, (myself for Eloqua, and Matthew at ThinData Canada’s largest ESP, both of these companies were founded and continue to operate in Toronto. Our companies provide sending infrastructure for marketing email, sending on behalf of such companies as Fidelity, Air Canada, American Express, and literally hundreds of small and medium-sized companies and we are very much in favour of this law.

Continue reading: "Presentation to the Standing Committee on Industry, Science & Technology / Comité permanent de l'industrie, des sciences et de la technologie (INDU)"

CAUCE North America Announces Renewed Corporate Sponsorship By Return Path Inc

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 08 Jun 2009 13:50:00 +0000

As a Director with CAUCE I'm happy to share this news - Original source CAUCE NA

Cauce North America Inc. -- The Coalition Against Unsolicited Commercial Email (http://www.CAUCE.org) -- Today announced at The Messaging Anti-Abuse Working Group meeting (MAAWG) that it has received additional financial support from Return Path Inc.

The viewpoint of computer end-users is often one missing from the anti-abuse discussions, CAUCE works to ensure they have a place at the table and these stakeholders' unique and vital perspective is considered when formulating policy to help stop Internet abuse. As well, CAUCE actively works to assist training law enforcement agents in the investigation of illegal spamming.

CAUCE, after a decade of purely volunteer ad-hoc operations, officially incorporated in 2007 and began to accept paid memberships from individuals and sponsoring companies and organizations to help defray operating costs.

"The ongoing, and generous financial support of Return Path by way of their renewed corporate membership in CAUCE will help us to continue to advance the interests of the true victims of Spam 2.0 (the blended threat of spyware, spam and viruses), the computer end-users" said CAUCE president Dr. John Levine

Matt Blumberg, CEO of Return Path inc. said, "Supporting the interests of consumers is vital to the health of the email ecosystem, and CAUCE is uniquely suited to work in this area. Return Path is delighted to support CAUCE in its ongoing efforts to create a clean, well-lighted place where consumers can feel safe and confident interacting through email."

"This renewed corporate membership will allow CAUCE to maintain a demanding travel and conference schedule in the coming months, including ongoing discussions with lawmakers and governments, The London Action Plan/EU Contact Network of Spam Authorities conference in Portugal, and of course, having representation at MAAWG" explained John Levine

Levine continued "CAUCE was actively involved in the Canadian government's Task Force on Spam in 2004-2005, the end-result of which was the recent tabling of Bill C-27 in the parliament of Canada; memberships such as that of Return Path Inc. allow us to continue to directly involve ourselves in the legislative process".

About CAUCEThe Coalition Against Unsolicited Commercial Email CAUCE North America was formed in March 2007 from a merger between the original CAUCE in the United States and CAUCE Canada, combining the strengths of the two sibling CAUCE organizations. CAUCE NA, as an all-volunteer consumer advocacy organization, has moved beyond its original mission of encouraging the creation and adoption of anti-spam laws to a broader stance of defending the interests of the average Internet user. CAUCE NA is led by a combined Board with a cumulative century of experience in the field of Internet advocacy.

CAUCE NA represents the interests of Internet end-users to the following organizations:

* The Anti-spyware Coalition (ASC)
* The Anti-phishing Working group (APWG)
* Digital Phishnet
* Internet Corporation for Assigned Names and Numbers (ICANN)
* Internet Governance forum
* The London Action Plan / EU Contact Network of Spam Authorities
* The Stop Spam Alliance

About Return Path
Founded in 1999, Return Path helps commercial email senders get more email delivered to the inbox. Our tools and services give senders the insight and resources to diagnose and prevent email deliverability and rendering failures by improving and maintaining their email sending reputations. Our Professional Services division then helps our client improve ROI and response by creating consistent and compelling subscriber experiences across the email customer lifecycle. Return Path runs the internet's most widely used third-party whitelist, the Return Path Certification Program. Return Path also invented the Sender Score, an email reputation measure based on data contributed by ISPs and other receivers of large volume email into the Return Path Reputation Network. We offer free access to our Sender Score to any sender, receiver or consumer of email at our reputation portal: http://www.senderscore.org Information about Return Path can be found at http://www.returnpath.net

See you at MARCOM - June 3 and 4th

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Tue, 02 Jun 2009 20:56:00 +0000

So I'm off to MARCOM tomorrow to talk on the topic "How to build email marketing campaigns that get the results you need". This should be fun - I aways enjoy these types of events. Getting out and educating people helping them understand the finer points or email marketing and the pitfalls for taking short cuts. I'm also planning on talking about C-27 to the group so if your attending your not going to want to miss this!

I will also be hanging out at the ThinData booth both days, so if your around drop by and say hi! I'll even try to live tweet the over at @emailkarma.

See you there!

EMAIL ALERT: China blocks Hotmail and more...

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Tue, 02 Jun 2009 15:32:00 +0000

The Guardian is reporting that the Chinese government has taken steps to block access to Hotmail, Window's live mail and many other applications (one can guess Yahoo is also included) as the 20th anniversary of Tiananmen Square approaches.

Marketers may want to identify these segment of their lists and hold off on mailing subscribers so inboxs are not clogged when (if?) the ban is lifted and to prevent unnecessary bounces that may effect the hygiene of your list.

This looks to be targeted towards a number of information sharing services including Blogger, YouTube and Twitter.

AS we gather more information we will be sure to share it with you.

Email Delivery is like a Night Club

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Wed, 27 May 2009 20:33:00 +0000

Today I was sitting down with a co-worker and they asked about whitelisting. More specifically why is it that you still need to ask the recipients to add you to their address book even when your whitelisted with an ISP. To complicate this, he asked "How do you explain it simply to a client so they would understand it".

Here is what I came up with in a simple to explain scenario that most people can relate to...

Whitelisting is like being on the guest list at a night club [ISP] - you get to by pass the longest part of the line [connection filtering] waiting to get in and generally get put in a much shorter line (or bypass the line all together). Now the bouncers [postmaster team] control the guest list for the club and decided if you get to access it, if you should be put on it or the blacklist. Usually they do this by reviewing your past participation in club activities [delivery metrics - Bounces, complaints]. If you have been good in the past and you get into the club your that much close to your recipients...

However this does not always mean you are getting direct access to the party host [subscriber] as many other things get considered; Did you remember to bring your ID [Authentication], are you dressed well enough to be in the club [content filtering], what was your past behaviour like while visiting this particular club and finally are you on the list [in the address book] for the VIP section [The inbox] to archive your goals.

I hope you enjoyed my little analogy on why you need to get in the address book as well as work with ESPs, Reputation Services and ISPs that have white listing agreements/services.

Remember you're an invited guest, party crashers will get bounced at the door.

Cartoon: Anti-spam Connection filtering

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Thu, 21 May 2009 20:29:00 +0000

A fun little video demonstrating advanced anti-spam techniques. Enjoy!

Brought to you by the people over at theemaillaundry.com

Alltel.net is now Windstream.com

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Thu, 21 May 2009 14:56:00 +0000

Not sure how this one slipped past me but as of May 15th users at the Alltel.net domain have had their email addresses changed to the Windstream.com domain.

This type of change has happened several times in the past with domains like home.com, and a number of RoadRunner/Comcast domains changing, however this time there seems to be a unique situation to the switchover that was not present in the prior domain changes. Email alias' are staying the same... an excerpt from the announcement to customers:

To help you through this transition, Windstream has created a new @windstream.net address that is ready for use today. Your new address will be the same as your existing address, except that we've simply replaced @alltel.net with @windstream.net. For example, joecustomer@alltel.net now has a new address of joecustomer@windstream.net. As a further benefit, messages sent to your current @alltel.net address will also be copied to your new @windstream.net address until May 15.

This type of change over doesn't happen often, but is possible if the new domain is one with no other users.

However this doesn't mean that everyone kept the same old alias so if you decided to simply replace the domain names I caution you to be very careful and to send an opt-in verification email after you modify the addresses to ensure the recipient:

A) is the correct person from the prior domain and,
B) can confirm that they still want to receive your email. Many people will use this type of change to rid themselves of an accumulation of spam from their old email address.

I'm hearing reports that the alltel.net addresses are still working - for now - if you hurry you can send an update your information email to your subscribers and get their new addresses. No information on when the bounces will begin but it could be any time - I will update when I see this start to happen.

OTA: Call for public and government input

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Wed, 20 May 2009 18:55:00 +0000

Seattle WA - May 20, 2009 - Today the Online Trust Alliance (OTA) released its 2009 draft Online Trust Principles for public comment. The Principles are a major step toward establishing business practices that afford greater consumer online protection and the long term vitality of online commence and interactive marketing.

After a 30-day comment period and subsequent ratification, OTA will work with business and regulatory agencies to drive adoption - focusing on leading ecommerce and banking sites that are stewards of significant amounts of consumer data and, therefore, at risk as frequent targets of online exploits. Those brands which show the highest level of support will be recognized and be eligible for OTA's annual online safety awards.

"Implementation of these Principles is not only achievable but required to ensure consumers' peace of mind and protect the online economy from abuse," said OTA Founder and Chairman Craig Spiezle. "We look forward to our continuing work with the world's leading brands and organizations to help them realize a new level of trust with their customers."

The Online Trust Principles are broken down into three categories:

1) Infrastructure, protection of servers, web sites, desktops and mobile devices
2) Data, that includes both sensitive and Personally Identifiable Information (PII)
3) User Control, Choice and Privacy

Taken together, these Principles will help prevent, detect and disable threats and business practices that can compromise consumers' online trust and confidence, including their identity and privacy.

Copies of the draft Principles may be found at https://www.otalliance.org/resources/principles.html.

Comments should be sent on letterhead to staff@otalliance.org.

I've been too quiet...

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Tue, 19 May 2009 19:19:00 +0000

Sorry for the lack of posts recently but our office has been moving and I've been busy preparing. Needless to say we have come out on the other side of the move unscathed and upgraded with more space and room to continue growing as a company.

Here are a few pics of my new space.

My desk as you walk in (already a small mess on day 1):

My bookshelf and from a sitting view (white board is yet to be hung):

My door - Yes I now have a door and a personal office ;) - Facing out:

Expect posting to return to normal now that my the office life has returned to normal.

DNSBL.NET.AU to shutdown April 1, 2009

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Wed, 29 Apr 2009 18:41:00 +0000

The Blacklist DNSBL.NET.AU will be shutting down very shortly, please review your spam filters to prevent a disruption of services.

A warning from the DNSBL.NET.AU:

Please note that as of Wednesday, April 1, 2009 the DNSBL.NET.AU blacklist will cease to exist. Prior to this date, please ensure that all MTA's that are utilising the DNSBL blacklists are reconfigured to no longer point to these servers.

WARNING!!!!!
What happens to your email system, after our protection system firewalls your dnsbl.net.au querying server is COMPLETELY BEYOND OUR CONTROL!!!! Email systems relying upon a timely response to DNS queries to dnsbl.net.au may timeout, delay email, or even prevent email delivery entirely. Please, if you do not understand this warning, cease using dnsbl.net.au services immediately, and consult your local technical support people.

Note the domain AU - Australia - and account for the time zone differance of UTC +8, +9 and +10 in comparison to Eastern Standard is UTC -5.

Hat tip: DNSBL.net
Photo Credit: DNSBL.NET.AU

Canada's Electronic Commerce Protection Act

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Tue, 28 Apr 2009 15:04:00 +0000

NOTE: This is NOT LEGAL ADVICE - just my own personal interpretation and understanding of the proposed law. Please read this law yourself and also have your council review it for your protection.

Recently the Canadian Government introduced the Electronic Commerce Protection Act [ECPA] (aka: Bill C-27), an Anti-spam act that covers; email communications, unauthorized installed applications and the alteration of data during transmission between senders and recipients. This post will only deal with the Email portions of the Electronic Commerce Protection Act, and does not include information on installed software or data alteration.

What is the Purpose of the ECPA?

The ECPA is a law designed to promote and protect electronic communications while discouraging the abuse of these resources that threaten to; impair the reliability, efficiency of electronic activities, prevent additional costs to businesses and consumers, protect the privacy and the security of confidential information and strengthen the confidence of Canadians in the use of electronic means of communication and commercial activities. This enactment also makes several amendments to related laws; the Competition Act, Personal Information Protection and Electronic Documents Act (PIPEDA), the Canadian Radiotelevision and Telecommunications Commission Act and the Telecommunications Act.

What is considered a Commercial Electronic Message under ECPA?

The ECPA defines a commercial electronic message as an electronic messages that consists of: the content, the hyperlinks, the contact information, where the purpose is to encourage participation in a commercial activity that;

(a) offers to purchase, sell, barter or lease a product, goods, a service, land or an interest or right in land;
(b) offers to provide a business, investment or gaming opportunity;
(c) advertises or promotes anything referred to in (a) or (b);
(d) promotes a person, including the public image of a person, as being a person who does anything referred to in any of (a) to (c), or who intends to do so.

Also the ECPA clearly states that An electronic message that contains a request for consent (READ: Confirmed opt-in notices) are also considered to be a commercial electronic message. The ECPA also lists several types of excluded communications like; responses to customers service enquiries and applications, law enforcement, public safety, the protection of Canada, the conduct of international affairs or the defence of Canada and personal communications.

Who is governed by the ECPA?

After reading through the act, it looks like every corporation registered under a Federal or Provincial licence for the purposes of Commercial Activity are going to be effected by this law. I also understand this covers Non-profits, co-ops, sole proprietors and partnerships.

What are the Requirements for Marketers under the ECPA?

When sending commercial email you can only send to a recipient has consented to receiving it (express or implied - def'n below) and the message complies with the purpose of the ECPA described above.

All messages being sent must;

Clearly identify the person who sent the message and the person (if different) on whose behalf it is sent - Add your physical postal address and company name to all emails
The messages must provide a method where the recipient can readily contact the person(s) responsible for sending the message (MUST be active for 60 days after the messages was sent) - Enable replies to go to your customer service and stop using No-Reply
Provide a working unsubscribe mechanism (more below) that removes an address within 10 days - the faster the better.

An important thing to note is that the ECPA states that an electronic message is considered to have been sent once its transmission has been initiated (by the sender) and that it is irrelevant if the intended recipient address exists or if message reaches its intended destination. This reference makes bounce management even more important for mailers to monitor and clean from your list.

When your working with your clients/members/subscribers and asking for their consent there are several things you should remember and incorporate into the process (I've talked about these types of things before);

(a) Clearly state the purpose(s) for which the consent is being sought
(b) Clearly identify the person(s) seeking consent
(c) Clearly define any other prescribed information about how data is collected and plans to be used.

How are express or implied consent different under the ECPA?

The definition of Implied Consent when the person(s) responsible for sending the messages has an existing business relationship or an existing non-business (def'n below) relationship with the recipient. While the “existing business relationship” means a business relationship (within the 18-month period preceding the day on which the message was sent) between the person to whom the message is sent arising from;

(a) the purchase or lease of a product, goods, a service, land or an interest or right in land
(b) the acceptance by the person to whom the message is sent of a business, investment or gaming opportunity
(c) the bartering of anything mentioned in paragraph (a) between the person to whom the message is sent
(d) a written contract entered into between the person to whom the message is sent and any of those other persons in respect of a matter not referred to in any of paragraphs (a) to (c), if the contract is currently in existence or expired within the 18 month period
(e) an inquiry or application, within the six-month period immediately, made by the person to whom the message is sent

A non-business relation is clarified to include a person that made a donation, a gift or performed volunteer work with; a registered charity, a political party or organization, or a person who is a candidate for publicly elected office. This Non-business relationship also covers membership in a club, association or voluntary organization. These relationships must have occurred within an 18-month period preceding the day on which the message was sent.

What do I need to know about managing unsubscribes?

The unsubscribe mechanism must specify an electronic address to which the unsubscribe notice may be sent or provide a hyperlink by means of which the recipient can provide their opt-out notice. Providing both options an email unsubscribe and a landing page unsubscribe is highly recommended.

Are there penalties for Violating the ECPA?

Yes, significant monetary penalties have been set out within the act. The maximum penalty for a violation is $1,000,000 in the case of an individual, and $10,000,000 in the case of any other person.

Where can I get a copy of the Bill C-27?

You can find Bill C-27 here (pdf - I recommend you download the document - right click and save link as)

Will We Finaly See A Spam Law In Canada?

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Fri, 24 Apr 2009 18:56:00 +0000

Canada.com ran this story this morning, "Tories to crack down on spam", hinting that an Anti-Spam bill is about to be tabled in the Canadian parliament.

What's the good news? The bill was drafted by Industry Canada, hopefully based on the Task Force on Spam* published recommendations ( Stopping Spam: Creating a Stronger, Safer Internet - PDF) and the Canadian Justice Department.

What's the bad news? I still haven't seen the paper work... as it has not been made publicly available yet - but watch for it, I'll post a link to it along with my opinions and comments shortly after I receive a copy myself.

* Likely you don't know this but way back I was a member of the Canadian Task Force on Spam (circa 2004-2005).

Q&A: An Offer In A Confirmation Message

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Thu, 16 Apr 2009 19:16:00 +0000

Q: Dear EmailKarma.net,

We've been sending confirmation emails with a thumbnail view of one of our newsletter articles the registrants will receive as part of our email program. What are the ramifications of switching the article thumbnail for a thumbnail of one of the actual offers that we would be sending?

Here are a sample of what we are considering:

Thank you for opting in to receive our email communications.

To complete the subscription process please click the link below to confirm your registration. [LINK]

OPTIONAL TEXT #1

Below is an example of one of the informative articles you will receive as part of your subscription. [ARTICLE IMAGE]

OPTIONAL TEXT #2

Below is an example of one of the relevant offerings you will receive as part of your subscription. [OFFER IMAGE]

The offer could be any of our current promotions.

Thanks so much for your help!
[Name Withheld]

A: Hi,
If your truly considering this my suggestion would be to test it and see if it has any impact on your confirmation rates. Don't forget to set the proper expectations with members when you are collecting their email address and during the confirmation process.

Before you go ahead with with I would caution you on the following:

Confirmation emails are transactional and treated different then commercial emails under CAN-SPAM - putting the "Offer" in the message changes the focus of the message and how you need to treat it legally.

I believe Confirmation messages are for Confirmation of subscription - not promotion - use a follow up "Thank you" for confirming your subscription message with an offer instead.

Anyone else with opinions? Please share them in the comments.

OTA Warns of Government and Retail Authentication shortfall

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Tue, 14 Apr 2009 19:53:00 +0000

Release received from the OTA:

SEATTLE, WA - April 14, 2009 - The Online Trust Alliance (OTA) today gave leading government agencies and online retailers a failing grade in preventing deceptive email and phishing scams based on its newly released analysis of email authentication adoption. While adoption has grown over the past year, OTA found approximately 56 percent of the top .gov sites - including Whitehouse.gov, FBI.gov, Treasury.gov and DHS.gov - still are not protecting U.S. citizens through the use of email authentication. At the same time, progress has been made by other government agencies including the Census Bureau, CIA, FDIC, VA and FTC.

The organization also found that among the top online retailers 45 percent have not adopted email authentication - leaving brands, domains, and most importantly consumers exposed to security and privacy threats. While OTA recognizes many leading brands including Amazon, Dell, Office Depot, Apple, Costco and Staples have adopted increased online security measures, many others including Sears, Victoria's Secret, Gap and Nordstrom are failing to adequately protect their brands and customers through email authentication.

OTA will also release similar data on The Fortune 500 at the upcoming OTA Online Trust Town Hall Meeting on April 23 in San Francisco. At the forum, OTA will present best practices including data governance, privacy and behavioral targeting with the goal of increasing the adoption of best practices to protect consumers.

"It is incomprehensible that in this period of escalating online scams and diminishing consumer confidence these agencies and businesses continue to sit on the sidelines," said Craig Spiezle, OTA Chairman and Founder. "Best practices not only need to be adopted by business, but also by governmental agencies. OTA members reiterate their willingness to provide resources and assistance to these organizations."

With the tax deadline tomorrow, OTA recognizes the U.S. Internal Revenue Service (irs.gov) for their adoption of best practices and commitment to curb online abuse. Recognizing the increasing levels of phishing and scams targeting US citizens, the IRS adopted many best practices including Extended Validation SSL certificates, email authentication and other security and privacy protection measures.

Need help getting Authenticated? Read my prior post on Email Authentication

Get listed in The Email Guide

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Wed, 08 Apr 2009 20:32:00 +0000

I was talking with Jeff today about his latest project, The Email Guide. A directory service for Email Marketing organizations - everything from ESPs, to agencies to Industry related blogs can be found. In fact Jeff and his team have been hard at work and many sites are already pre-populated and just waiting to be claimed. While we were talking I surfed on over and was able to claim EmailKarma.net as my own in a matter of minutes. I suggest you do the same...

What's that? Your not listed... Don't be offended listings are free and take only a minute or two longer to setup. They are not snubbing you - just building the list as they go.

After our call Jeff sent me a short description of the service...

From: The Chief Email Officer @ The Email Guide

When I started to build The Email Guide I asked myself, what should our value proposition be? Based on my 10 years of experience in the email industry, I knew that businesses continued to face extremely confusing choices between technology platforms and service providers while vendors were finding the arena to be noisy, competitive and driven by commoditized CPM rates.

I wanted to help by bringing some clarity and cohesiveness to the Interweb and blogosphere and help marketers understand the multitude of different services that were offered. I also wanted to offer service providers a place where they could attract qualified traffic and differentiate their products and services.

My hope is that you will find what you’re looking for and take part in this exciting project.

The Email Guide - More Finding - Less Searching.
Built for email marketers and service providers

All new listings receive the Showcase listing level at no charge for 3 months for trying out The Email Guide.

New Whitepaper on Email Marketing Best Practices

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Thu, 02 Apr 2009 20:52:00 +0000

Announcing the release of ThinData's most recient "Email Marketing Best Practices" whitepaper.

This whitepaper is an exclusive collection of practical and actionable techniques to help you successfully:

Acquire new customers
Retain existing customers
Strengthen your reputation
Enhance your profile

Download Email Marketing Best Practices now.

While your there, If you haven't read it yet, pickup "The Marketer’s Guide to Successful Email Delivery".

If B2B email could talk...

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 30 Mar 2009 18:58:00 +0000

Mark, over at Email Marketing Reports, has a great video on the interactions of B2B email communications titled - "If B2B marketing emails could talk".

Does your B2B messaging sound like this?

It's Alive! RR.com Feedback loop now available

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 16 Mar 2009 19:02:00 +0000

I just received word that RR.com's Feedback loop is now available. There is some important information you need to know so read carefully (highlighted to help).

Legacy (current FBL users) still need to apply for the new program - there is no migration
Existing FBL will end April 30, 2009
You may see duplicate reports during the interm period

Here is the note from RR.com:

We are writing to inform you that our long-promised new Feedback Loop is now online and accepting enrollment applications.

The URL for our new Feedback Loop enrollment page is here: http://feedback.postmaster.rr.com/

If you are presently enrolled in our legacy Feedback Loop, you must still apply for enrollment in our new Feedback Loop. We will not be migrating existing enrollments.

Our legacy Feedback Loop will cease operations on April 30, 2009.

During the transition phase, you may get FBL reports from both our legacy Feedback Loop and our new one; we will work with our FBL hosting partner to attempt to minimize these duplicates.

Smith-Harmon Releases Retail Welcome Email Benchmark Study

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Fri, 13 Mar 2009 13:50:00 +0000

Smith-Harmon, reciently announced the release of the Retail Welcome Email Benchmark Study. Taking a look at welcome email programs and best practices among a number of major online retailers.

Given the opportunity to build trust between the consumer and the marketers, it’s unfortunate that so many still don't seem to be taking advantage of these messaging programs. Smith-Harmon's study of the welcome programs of 112 of the largest online retailers, reveals that only 76% even send out welcome emails. While that’s up from 72% in 2007 and 66% in 2006, it’s concerning to see that many are missing out on a great opportunity with these programs.

Key findings from the study include:

Text-only welcome emails are becoming increasingly antiquated. More than 89% of retailers sent HTML welcome emails, up from 78% in 2007 and 69% in 2006.
The role that welcome emails can play in ensuring future deliverability of emails is growing. More than 68% of retailers used welcome emails to ask new subscribers to add the sender to their address book, up from about 62% in 2007 and 49% in 2006.
The number of top online retailers making their emails CAN-SPAM compliant rose significantly. Nearly 71% included both an unsubscribe link and their mailing address, up from 58% in 2007 and 52% in 2006.
While 15% of welcome emails include a forward-to-a-friend link, none of those studied included a share-with-your-network (SWYN) link. We expect many marketers to adopt SWYN this year, including adding it to their welcome emails.

Could you be doing more with your welcome program? Get the report here (13.4 MB - right click and save link as...).

Q&A: Text in images are spam filter proof?

noreply@blogger.com (Matt Vernhout - @EmailKarma) — Mon, 02 Mar 2009 22:03:00 +0000

Q: Hello EmailKarma.net,

I'm going back and forth with a co-worker because I have advised that a client remove some of the text from their latest creative. My Co-worker is adamant that that spam filters can't read text within an HTML image, and that the message should be fine to send.

If that's true, do you think its about to change? Also heard emails are being 'fingerprinted' and treated accordingly by inbound filters at the ISPs, do you know about this?

Thanks,
[Name Withheld]

A:

Hi,

Images are no longer the safe haven for text that might be questionable to to spam filters, there is actually a very well known image reading SpamAssassin plug in called FuzzyORC.

The basis of the FuzzyORC system utilizes the Optical Character Recognition (commonly used by scanning software to import paper documents as an editable document) service to read the text in an image thus allowing the SpamAssassin tools to analyst the content of the image. This software became extremely popular over the last 2 years as spammers moved from text based messaging to image based spam to avoid keyword spam filtering.

Other systems like the Barracuda Networks spam firewall use a digital Finger Print, built from the messages received by their spam trap network to classify spam regardless of the contents. Messages with the same images become easy to detect as all of these will have the same finger print and thus be easy to detect and filter. This is especially common in legitimate email traffic as the sender is not modifying the content or appearance of the image for each message (or group of messages), this is a common tactic used by spammers.

The practice of finger printing email has become common place and I strongly believe that all commercial spam filters are doing this to some degree.

Thanks for your question.

Do you have a question for EmailKarma.net? Send us an email or leave a comment.