Spam - Is it possible to do it right?

In My Humble Opinion
1

I work for a marketing company, and I have been asked to set up a mass email marketing system.

We are aware as anyone else about the annoyance of spam and we are trying to create a sevice that will be used responsbly and effectively. As a result we are looking to enforce a code of good practice for anyone who wants to use it. The system will mostly be used for sending newsletters and other pieces of information that customers have requested, but some people are bound to want to use it for sales generation.

We are advising customers of the law regarding spam, and trying to emphasize that unsolicited email has the exact negative effect to what you want. It puts off customers rather than encouraging them to sign up to whatever product.

We are also enforcing unsubscribes. Every email must have an unsubscribe link, and if a customer does unsubscribe, you will not be able to email that address through our system.

We ARE using a web bug in the emails however. For those of you who don’t know, a web bug allows us to monitor when an email is opened. Web bugs are morally iffy to say the least, and can easily be abused. I think in this case we are using them in a responsible way. The only reason we are tracking to see which emails are opened, is so people who don’t open the emails don’t get mailed again.
I’m curious to know what you guys think of this. Are there any more rules we should include? Is the use of a web bug wrong? Some people will say we shouldn’t be doing it in the first place, but if we don’t, someone else will.

All opinions are welcome.

2

Welcome to the boards Dr. !

I’d probably not worry to much about the web-bug from an ethical point of view. If you are only monitoring your own mails, I’m not sure that it matters (this is just a personal opinion) However, web-bugs won’t work through a lot of firewalls…

I’d be more worried about having a system that could soon be ruled illegal. With the rash of judgements being passed left and right these days on email marketing, it could just be around the corner that they’d decide to outlaw web-bugs being used by email marketers. You don’t want to splash out shit loads on R&D and production / implementation etc. and then have the courts say that you need to overhaul the whole thing.

If you are just putting the web-bug in to see if people are opening the mail, so that you can remove them from your list of they delete without opening, I wouldn’t. Any reputable company will have a decent “unsubscribe” link…

Also, I don’t think that “if we don’t, someone else will” is any sort of justification for anything ! Imagine setting up a child-porn site, and then using that as your defense. You should try to operate according to your own rules / morals. There are alway scum-bags who will do something - that doesn’t amke it right.

Finally. Please don’t set up another spam system. There’s too much already…

3

Welcome to the SDMB Dr Email

Web bugs in email are an invasion of privacy. Plain and simple. You are extracting information from a third party without their consent and, more often than not, their knowledge. Although in this case you seem to have good intentions, how you intend to use this information is irrelevant.

Quite apart from that, there is no guarantee the web bug will work and give you accurate information. If you emailed me one it wouldn’t work, I can tell you that. And it doesn’t necessarily require a firewall.

Unsolicited email is spam. Including an opt-out is no excuse and most people will not use the opt-out because they have rightly been warned that most spam opt-out links are fraudulent, more used to verify your email for more spam than to get you off it. And swearing blind that it’s a real opt-out won’t make a difference. Spammers are liars.

So if you really want to make your service honest and effective it should be 100% opt-in and to subscribe an email address should require a confirmation email. Otherwise it’s easy to subscribe other people’s email address without their permission.

Anything else makes your system a spam generator. Sorry.

That would be IMHO then. Hint, hint. :slight_smile:

4

One basic principle that many people hold is that you should always have to opt in to receive bulk mailings: that is, you don’t get them automatically just because someone has your email address; you have to tick a box or fill in a form or something to request them.

Allowing multiple methods of opting-out is also a good idea: a webpage people can visit, plus a method of unsubscribing by email. This will allow for people who can’t reply directly to an email (e.g. because they’re using webmail or mail forwarding), and people who may not have full web access but still get emails (e.g. at a workplace with web filtering that just happens to block your website).

Another basic thing to do is to formulate a privacy policy and display it online in an easily accessible place.

5

In addition to what refusal and Futile mentioned I would suggest a “double-opt-in” which prevents some putz from signing up his friends without their knowledge or an unscrupulous sales guy adding names to your mailing list)

A double opt-in means that first they would have to explicitly choose to sign up for your newsletter. Then they receive ONE e-mail that says “please reply to this to confirm your sign-up for our newsletter.” If the one e-mail goes unanswered, then you don’t add them to the mailing list.

It’s a safeguard to make sure that the recipient is truly the one who chose to opt-in.

Also, never, never, never use third-party lists for mailings unless they can guarantee that the addresses came from a double opt-in process (no one can really guarantee that so third-party lists are almost always spam lists).

Also as pointed out above – any Unsolicited Commercial E-mail is spam. If I did not explicitly subscribe then you would be spamming me. And so you are aware of how intolerant companies can be, if you sent even one unsolicted, “opt-out” sales message to an address at my company, you’d get blacklisted from our server and wouldn’t be able to reach anyone by e-mail ever again – such is the vengeful wrath of tour zero tolerance postmaster (and it’s supported 100% by employees who get virtually no spam in their boxes as a result.)

When I get to work, I’ll see if I can find an article on running good proper, CLEAN, non-spam e-mail distribution lists. It can be done, but you have to be diligent.

6

Thanks for the responses.

The double opt-in idea is apparently going to be law in this country in october (I’m UK based), so we will be forced to comply to that. The only problem is this is an automated system that our customers will use. We will advise them on all the rules, and try to make sure they are following them, but someone is bound to abuse it sooner or later.

The majority of our customers are professional organisations sending info to their members, so the bulk of the mail will be opted in, and the organisations should be reputable enough for people to have faith in their unsubscribe options. i will be keeping an eye on this.

The customers will be providing the data, so I can’t say for certain where it comes from. All I can do is advise them on how uneffective unsolicited spam can be (I’m only a lowly tech monkey). I’m also aware that the web bug comes will introduce firewall problems, but all I can do is advise our customers about the potential problems with this. By the way, the system will also check for anything else suspect in the email, e.g. any scripting will be rejected.

Thanks again for all the help

:slight_smile:

7

This is absolutely right. Too many companies try to make the distinction based on targeted/non-targetted or bulk/personal. It doesn’t matter whether you manually type a personal message to me, if it’s commercial in nature and I didn’t ask for it, it’s spam.

My company has a policy against doing business with spammers, and we routinely enforce this even to the point of cancelling existing contracts. I’ve had a lot of marketing people argue with me and get abusive over my characterization of their email as spam because they didn’t use a bulk mailer or a generic list. However, the fact of the matter is that whether or not a given email is spam depends only on the content of that email and the relationship between sender and receiver and has nothing whatsoever to do with how many other similar messages were sent or what the intent was.

8

I’m not sure why a firewall is even an issue for web bugs. A web bug is usually simply an embedded image in an email, so as far as the firewall is concerned it appears as a typical HTTP request. At the packet level it is no different than a browser’s request for the logo on this HTML page. A client-based software firewall might be configured to deny HTTP queries from the email client, but most of them do not permit this level of configuration; they typically allow/disallow traffic from specific apps but don’t distinquish between protocols so you couldn’t restrict web bug HTTP requests without also blocking SMTP/POP. On the client side, you defeat web bugs by turning off HTML processing of emails so the email client doesn’t attempt to query the server for the web bug image.

9

On the client side, you defeat web bugs by turning off HTML processing of emails

Quite. They’ll only work with recipients daft enough to have their mailer configured to launch straight into an HTML message and give it live access to the Web.

As to Dr E-mail’s The customers will be providing the data, so I can’t say for certain where it comes from. All I can do is advise them …: that sounds a recipe for the whole thing getting out of hand. The only way to ensure this stays ethical is to have control over the list yourself and make damn sure it only contains people who have explicitly opted-in.

Enforcing unsubscribes is unlikely to be useful, as no-one believes “unsubscribe” addresses are genuine.

10

General Questions is for questions with factual answers. IMHO is for opinions and polls. I’ll move this to IMHO for you.

Off to IMHO.

DrMatrix - GQ Moderator

11

What would help me is knowing who gave you my name.
If you’re selling insurance and my name came from AARP then I’d remember signing up for “special deals for seniors”.

If you are selling Visa cards and you got my name from my bank, I’d be a lot less resentful.

Even if you got my name because I asked for an auto insurance estimate on your website last year, it’s more convincing if you remind me of that.

12

Make your system available to your customers only on the condition that they leave you a genuine live telephone number business address and valid email address and insert those in the emails in a portion that your customers cannot edit and cannot prevent from appearing and being therefore available to the people who receive the emails.

Then if they misuse the system their victims have their phone#, biz address, and email address.

13

Perhaps I’m not understanding you, but this definition of spam sounds overbroad to me. Of course both you and your company are entitled to follow whatever policy you want, and I want to make it clear that I’m not questioning that.

But I’m not sure I understand your definition of spam.

IMHO, spam refers to a unsolicited bulk emaill, and the problem of spam arises because email is not subject to certain forces that naturally limit (more or less) other types of commercial solicitations.

While I receive “junk” paper mail, sorting through it is (for the moment at least) manageable, because I don’t receive a vast amount of it. Because it costs senders something to send me paper mail, they have an incentive to be more selective about what they send me. And frankly, the signal to noise ratio is not too bad: I find that a reasonable portion of the unsolicited brorchures or fliers that I receive are offering something that I would at least consider buying.

Email by contrast imposes no such costs (or only very tiny costs) on marketers. So I, along with millions of other people, get 10 copies of the SAME STUPID EMAIL EVERY DAY, offering us THE SAME PORNOGRAPHIC SERVICE, that we don’t want. There is no check on these people, and their opt out option is a lie.

So what? Well, my problem is with the a*holes who send me 20 emails a day, with deceptive headers and subject lines (the latest trick is to write a subject line that makes it look like I tried to email them, and that my [fictitious] email was undeliverable). These people are spammers, and I am desperately hoping somebody figures out a way to put a stop to them. (For example, why don’t all the teenage hackers out there go after THESE GUYS, rather than rooting around in somebody’s medical records.)

My problem is NOT with a sales person who tracked down my email address somehow and is emailing, rather than calling or sending me a letter, to offer me a product. I may not be interested in his or her product, but I wouldn’t characterize their email as spam.

14

Spam includes all unsolicited commercial email. It includes other things, but if it is UCE it is spam.

Unsolicited means I didn’t already previously indicate that I wanted to receive it.

Commercial means it pertains to a product or service that is for sale.

Mine is, and that’s spam, and I want it to be illegal, and I want the law to be enforced with great zeal, and I want it to have some wicked teeth to it. $5 per ASCII character and $10 per byte of inline image, per recipient, for the first offense. Or something like that.

15

DrEmail-

First of all, someone else has already invented this wheel…repeatedly…and responsible network administrators keep shooting it out from them time and time again.

Depending on some specifics that may or may not apply, if your “mass email marketing system” were being served up on a network that has a policy which stipulates a prohibition against facilitating the delivery of spam (regardless of who is actually using the system and sending the mail)…you’re sunk, and for the good reason. The most obvious reason you mention yourself. Such a system will inevitably be abused, and the Abuse desks of internet providers know this, and can nuke your connectivity from orbit.

Depending on what ISP or upstream provider that you’re using, the life expectancy of your connection is directly proportional to the volume of complaints that your system would generate. Also, if the responsible admins of your provider are tipped-off to the simple existance of such a system on their network, they could very well pull the plug before a single piece of mail is sent from the system.

Why? There are many reasons, I’ll throw out a couple:

  • Because as soon as such a system is exploited and used to send spam, your IP, your subnet, even your entire class B can get dumped into countless blacklists, causing a potential interruption of e-mail functionality for everyone who uses the same network as you do. A provider allowing such things to happen will not retain customers and will wither and die…good riddance.

  • Because spam is approaching/has already become the majority of e-mail traffic on the internet. It is to blame (among many other things) for your increased connection fees, your slower connection speeds, your longer downloads, your ISP’s mail server(s) crashing. All of this crap that no one wants is continually clogging the pipes that (coincidentally) everyone very much want to use as often and wide open as possible.

constantine: The fine line that you draw is so thin that I can only see it if I whip my head back and forth really fast. It is certainly a line that is easily and often crossed.
Viagra is a product. Lolita porn is a product. A mortgage refinance offer is a product.
The only difference between spam sent with forged/manipulated headers and spam sent without such measures is the force with which I hit the return key when I submit my complaint to the network(s) of origin.

16

Whether it’s bulk or not has no bearing whatsoever on whether it’s spam. I don’t care how many other people received it. If an unsolicited commercial email lands in my box, I don’t need to know how many people you sent it to, what your intentions were, how targetted your message is, or anything else. A single email is defined as spam if it is fits three criteria: Is it unsolicited? Is it commercial in nature? Is it email? If it is, it’s spam.

AHunter3 and honeydewgrrl made the point, but I just wanted to reinforce. Your definition which requires the email to be part of a bulk send before qualifying as spam seems to ignore the main part of the problem and provide a loophole for excluding solutions.