The Continuing Rise of E-Mail Marketing

Mark Cantrell writes: "Yahoo is running a story from Reuters Internet Report that says that companies like Doubleclick are becoming more popular with online businesses because of the low price they charge. $25 for 1000 people spammed is the example given. They do mention that there is a threat that spam may get out of hand, however. May get? Obviously they haven't seen my mailbox or Usenet lately. My favorite quote from the article: 'I think spam is becoming a problem,' Bluefly's Seiff said. 'Any time you get clutter in your mailboxes, it is not beneficial to e-mail marketers like us.'" The article touches on true spam, but mostly talks about the much more benign stuff lumped under "direct marketing," like reminder updates from stores you cleared to send it to you.

My no spam recipe

[LinuxGeek]

I got my own domain and run my own email server. I only use those email addresses for business communication and exchanges with trusted friends and family. In a year and a half, no spam. My roadrunner account? Yup, spam flows in and I used it the exact same way. Three other ISPs, same thing. Makes me think that bulk emailers have help gathering valid email lists.

Re:My no spam recipe

[vofka]

I also have my own domain, and run my own SMTP Server. As well as stopping Spam, I'm interested in tracking who gives my E-Mail addresses to whom, so each service I sign up for that is likely to send me Automatic E-Mails (which is most 'net services these days) get's an individual address, such as mdi0000000001@myverysecretdomain.co.uk.

At my Incoming Mail Server, I run procmail rules to check the incoming message address against 'permitted' senders. Any that don't match are Put into a Holding Account for checking, any that do are allowed through (I want my DNS Host to be able to mail me for example!).

The benefit of this is that I can tell Who has passed on my address (well, their address, but they don't know that!!). When I find that an address has been comprimised, I simply block it, and bounce all messages destined for it, as well as contacting the original 'owner' of the address to tell them what I think.

Now, it does take some work, and common sense, to run, it's not a 'set-it and forget-it' system by any means, but it lets me easily allow what I want in, in; and lets me block what I don't.

As for Doubleclick, they made their way onto my "reject all incoming mail from this sender" list (which I also maintain) a looooong time ago, along with several other 'direct marketing' companies (postmasterdirect springs instantly to mind!!)..

Re:My no spam recipe

[Quixote]

Well, you better hope that none of your friends and family who run a certain OS from Redmond will get infected by the KLEZ pain-in-the-ass. For, it might start sending out mail to all of his/her contacts with YOUR email address as the source. And then your email address will be out in the open, for everyone to grab.

Makes me wonder if the SPAMmers have anything to do with this KLEZ bastard. I hope they catch the guy who wrote it, and feed him just spam for 32 years in his jail cell.

One way to do it

[DoctorFrog]

Eventually we're likely to get some kind of legislation relating to spam. I believe in minimalist law, and this is one way it could be done while interfering as little as possible with free speech, nonabusive email marketing and other not so bad ideas that spammers tend to hide behind.

First, have a couple of universally available databases, one of email addresses which have expressed a wish not to receive any automated email, and another of sources which have been shown to violate this list.

If your email address is in the first database (and only you can put it there), your ISPs email system could be set to exclude any mail from the second list without affecting common carrier status.

The object is equivalent to blocking telemarketing numbers, but to be effective the consumer should be able to avoid having to block those spam sources one by one.

That's the basic idea. I'm sure the /. crowd can come up with a couple of dozen refinements in as many minutes.

Re:How to make spamming more expensive

[jukal]

As some people have started reloading the spammer-nailer page a lot, it seems, maybe I should clarify that the e-mail address is not unique as unique per pageload. Instead, it's an md5 sum created based on the details got from the client host, browser, time, and maybe something else. So, it's somewhat unique per spammer.

Re:One way to do it

[Unfallen]

Conceptually, this doesn't really appear to be too different to the current system of mailing blacklists - except the first "opt-out" database is instead the client choice of using the second database. On the whole.

The main problems I can see with either system are that firstly, it's still an opt-out mechanism. Unfortunately, opt-in systems are (at least currently) more politically-induced rather than technologically, i.e. laws rather than code, which personally I find less ideal. The other point is the perennial problem of inappropriate censorship. For instance, recently the Politech mailing list has found itself on a number of blacklists, when it clearly shouldn't be. The question is how do you know for certain that those on the blacklist are validly there? Or, more abstractly, how do you know what is spam to some people isn't useful to others? And who gets to decide?

Clearly spam is increasing as the Internet grows, and not only do more unsuspecters get caught in the click-through marketing traps, but also more people find their way into the Temple of the Spam Merchant, and try to make a fast buck. I suspect simple blocking procedures, that only the more tech-savvy would use anyway, will do nothing to decrease the amount of spam. Rather, the wave of bulk mail will only lessen once the effort to send it is unbearingly more than the benefits gained.

Perhaps one method is to not ignore it at all, and instead waste as much of their time as possible. If everyone replied to one spam a day (by visiting the website, phoning them up, et al.) then how long would it take the spammer to realise they spent more than half their time following up false business leads? This is an idea that a fe have adopted, and there are various websites that reveal their adventures, but unless it becomes more commonplace, there's still no reason for spammers to stop.

blantant lies from spammers

[multicsfan]

I used to run an ISP that went poof a couple years ago. I'm still running the mail server for myself and a few people who wanted to keep the address. The following is in the mail queue of bounced email on an account that hasn't existed for at least a couple years:

===
You are receiving this e-mail because you have opted-in to receive special offers from
Hi-Speed Media or one of it's marketing partners. If you feel you have received this e-mail in error or do not wish to receive additional special offers, please scroll down to unsubscribe.
===

I'd really like to know how an account that has not existed for at least 2 years could opt in to a marketing list. Isn't this false advertising? I should problaby complain to the NYS attorney general or maybe the FBI.

Beat my record

[kasperd]

I have an SMTP honeypot on my computer. Last week it captured more than six million copies of the same spam mail. The spammer thought my computer would relay them, but it didn't. That is six million less spammails, yet there is a long way to go to get rid of them all.

Re:One spam story

[jht]

You raise an interesting point. The obvious answer is that there should be a market for people who know how to do net marketing responsibly and effectively to earn a living teaching this to companies. One would hope that most companies want to be responsible netizens.

I fear the reality is that most companies fall into one of two categories: either they're so big that they have all their own people doing whatever they see fit (or worse, they've just dumped it into either the marketing or IT areas with no guidelines), or they're so small as to not be able to tell the difference between a legitimate marketing advisor and a spamhaus.

If you were running a smaller company, and two people came to see you with net marketing proposals, which would you be inclined to listen to?

The one who says "We need to collect only opt-in e-mail addresses from existing customers, and offer some sort of a incentive to get those addresses. We can't share them with anyone, so it's not a saleable list. Pop-up ads may log good numbers, but people hate them. It may take a while to build your business on-line, and it may cost some money, but you'll be doing business the Right Way".

Or would you listen to the person who tells you "for only $1000 I can get your message to over a million interested customers?"

The problem is, that without a well-developed clue people are inclined to listen to the second salesman, and not the first. Hence the drumbeat of spam keeps pounding on.

oh really?

[nege]

under "direct marketing," like reminder updates from stores you cleared to send it to you.

So what about when you sign up for some service etc and there is some tiny checkbox you are supposed to "uncheck" to not sell your email address to every spammer in existance. Does that count as "Direct Marketing" since I "requested" that these companies contact me? Do I sound bitter? Yea probably.

Re:One spam story

[Dimensio]

It's not just that they're being conned into willingly spamming -- some of them are lied to by the spammers who claim to be using a valid opt-in method. I've heard from companies who were duped as such, and I've always recommended purusing fraud charges against the marketing company involved. Either that or hand out the home address of the CEO of that company so that the slimeballs can be hunted down and killed as they deserve.

you can find some scripts here

[4444444]

scripts and other ideas are HERE [lenny.com]

Re:A possible solution...

[smash]

It won't work.

Most of my spam comes through open relays in korea... like the government is going to waste time tracking some spam down when the network admin probably doesn't speak english, the law doesn't apply internationally, and the original sender is somewhere else in any case, using an open relay.

Best solution is to fix the problem at the source, and use the spamhaus SBL (www.spamhaus.org) and combine with one of the various open relay lists. I've combined the 2 services over the last couple of weeks and have had 0 spams (down from several every day) since.

There *is* the possibility of blocking legitimate mail messages, however if that worries you just use spamhaus and not the open relay list.

Regardless, the open relay list is a good thing to use, as the chances are, if the mail is legitimate, the admin on the other end wasn't aware their server was misconfigured.

If the other admin doesn't want to fix it, they can fax the info. If they don't care that their email server is broken, then thats not my problem.

Just my 2c, ymmv etc, but I think its high time we fixed the problem rather than just sidestepping it with silly legislation ;)

smash