When 'Best' Practices Become ISP Law
While reviewing Gmail's guidelines for bulk email senders, I noticed a startling development: Best practices for email sending that my colleagues and I have advocated for years have now become requirements or "highly recommended" (hint, hint).
A quick tour through the bulk-email or postmaster pages at other major ISPs and email providers shows that they, too, have moved beyond technical requirements to specify procedures such as getting explicit permission before sending email, sender authentication and list hygiene.
It confirms my stance that for U.S. senders, just meeting CAN-SPAM regulations for commercial email, such as a working unsubscribe, a street address, and permanent removal within 10 days, is no longer enough.
Instead, CAN-SPAM is now just the jumping-off point. As they used to say in old Western movies, the ISPs are the law in these parts. And they lay down that law on their postmaster pages. See the list at the end of this column.
Here are five examples of best practices that ISPs have codified into requirements and recommendations (which you should interpret as requirements):
1. Use double opt-in subscription: Sure, CAN-SPAM permits opt-out. But everybody else, including European Union countries, mandates a minimum of single opt-in. Yahoo even specifies double opt-in.
From Yahoo's Postmaster page: "Send email to those that want it. ... use confirmed, opt-in email lists. To do this, after you receive a subscription request, send a confirmation email to that address which requires some affirmative action before that email address is added to the mailing list."
2. Don't pre-check the subscription box: "Negative consent" works for the Book of the Month Club, but not email marketing. Although CAN-SPAM allows opt-out, it also defines permission as "affirmative consent." In other words, make sure your page loads with an unchecked box.
Gmail singles out this practice: "Each user on your distribution list should opt to receive messages from you in one of the following ways (opt-in):
* Through an email asking to subscribe to your list.
* By manually checking a box on a web form, or within a piece of software."
3. Authentication: Do your eyes glaze over when we talk about Sender ID or DKIM? It's time to learn, because ISPs are beginning to insist on it.
From Yahoo: "Use email authentication such as DomainKeys. This will help us show users that the email is legitimately from you, and, if you sign all your email, it will help us point out the forgeries to users too. It will also help us to minimize delivery disruptions when you need to change or add IP addresses."
4. Purchasing lists: Renting a list, especially one that can certify the permission level, is okay. Buying a list is not. If you don't believe me, read what Yahoo and Gmail say.
From Yahoo: "We have found that using bought email lists is the quickest way to ensure that your email will be delivered to the bulk mail folder."
From Gmail: "The following methods of address collection are not considered 'opt-in' and are not recommended:
Using an email address list purchased from a third-party."
5. List hygiene: Why do I urge you to read your delivery reports every time you send email and to remove hard bounces when the law doesn't require it? Besides being a foundation of Deliverability 101,
the ISPs say you have to:
From Road Runner: "Organizations must immediately unsubscribe any Road Runner email addresses that receive a permanent failure email bounce from Road Runner's inbound email servers."
Maybe in the past you've brushed aside best-practice discussions by countering that it's just somebody's opinion. But now, the ISPs have raised the bar, and you must jump higher now.
Raising your own standards will pay off, though. Meet the ISPs on their terms, and you should see more email delivered to the inbox, which in turn should improve your outcome, whether you measure it in fewer spam complaints, lower list churn or higher ROI.
Get more information at these ISP Web sites:
-- AOL: http://postmaster.info.aol.com/
-- MSN/Hotmail: http://postmaster.msn.com/Services.aspx
-- Juno/Netzero/UnitedOnline: http://www.unitedonline.net/postmaster/
-- RoadRunner: http://security.rr.com/spam.htm