| |
Who Pays And How To Survive The E-mail Transition
by John Glube, © 2004, all rights reserved of
Head's Up - A Copywriter's Journal
For a PDF copy Use This and To subscribe to the Journal
Who pays for what you may ask. Why, the cost of unsolicited bulk e-mail.
Guess? Have you done any solicited bulk e-mailings recently? What percentage got delivered?
Do you run a private member's site? Sent out e-mail renewal notices? How many are being received?
What about bounce notices? When you’re told the recipient's email address is not valid, do you know for sure whether this is true?
Or has your e-mail message inadvertently tripped a spam filter and the filters are sending back a false message?
How about e-mail inquiries from clients and customers? Are you receiving all your inquiries? Or are some of these inquiries getting lost in cyber space?
Do you see a trend here? Yep and it gets worse.
Paying To Send E-mail?
On May 5, 2004 Microsoft announced it had decided to adopt Bonded Sender[1]. Meaning? Want to get your e-mail past the gateway filters on the MSN and Hotmail networks. That's right.
You now have the privilege of posting a bond and paying an annual fee to get your solicited commercial email, transaction or relationship messages past the Internet service providers’ gateway filters, with the fee being based on a sliding scale, depending on the volume of e-mail you send.
Stop and ask yourself this question. Why should the sender of solicited commercial e-mail, along with senders of transactional or relationship e-mail and personal e-mail have to pay extra to get through the gateway filters set up by Internet access services to stop unsolicited bulk email?
To send solicited commercial e-mail, you have to pay for Internet access, building a subscriber base and transmitting the e-mail.
Now, as we transition from an open to a closed e-mail delivery system, Internet service providers want e-senders to pay an extra charge. An accreditation charge, so Internet service providers can sort the “good e-mail” from the “bad e-mail.”
How Did We Get Here?
How the heck did we end up here and just as importantly what steps do we need to take to survive and continue to prosper as we move from an open e-mail delivery system to a closed e-mail delivery system?
Let's turn back the clock for a moment.
For some time now, the Direct Marketing Association (DMA) has argued spam is fraudulent unsolicited commercial email, while relying upon the right of commercial free speech to support the legitimacy of sending unsolicited commercial email in bulk.[2]
With the passage of the CAN-SPAM Act of 2003 (CSA), supporters of this view, like Mr. Ronnie Scelson, (sometimes called the Cajun spammer) who recently testified before the US Senate Committee on Commerce, Science & Transportation claim the CSA by not banning, but merely regulating how people can send UCE in bulk, makes what you and I consider spamming to be legal.
Doesn't sound right does it? Interesting that people like Mr. Scelson arguably can find support in a document published by the Federal Trade Commission (FTC) titled The CAN-SPAM Act: Requirements for Commercial Emailers which outlines the rules for sending CSA compliant unsolicited commercial email.
But, this document does not deal with e-mailers who send affirmative consent commercial e-mail. Hopefully, as part of the rule making process, the FTC will distinguish between e-mailers who send “affirmative consent commercial e-mail” and “unsolicited commercial e-mail,” allowing the FTC to label CSA compliant unsolicited commercial e-mail as Spam.
(This would seem likely, as the FTC's position is Spam is unsolicited commercial e-mail, usually sent in bulk.)
There is additional hope. The DMA’s justification is inherently flawed when gauged against independent standards of responsible net practice, reflected in the Internet Engineering Task Force (IETF) guidelines titled Netiquette, Don't Spew and How To Advertise Responsibly Using Email.
Since first publishing this article, I spoke with Claudia Bourne Farrell of the FTC's Office of Public Affairs on June 3, 2004.
Ms. Farrell confirmed for my benefit the guide titled The CAN-SPAM Act: Requirements for Commercial Emailers only applies to e-mailers sending CSA compliant unsolicited commercial email.
Ms. Farrell went on to say, "in the FTC's eyes" these are e-mailers who have "identified themselves as sending Spam."
This is good news for those of us who send affirmative consent commercial e-mail. To quote Ms. Farrell, we fall "outside the scope of this rule."
It means the FTC has rejected the DMA's position and with this stance the FTC can label CSA compliant UCE sent in bulk as "spam," e-mailers who send CSA compliant bulk UCE as "spammers," while holding up those who send "affirmative consent" commercial e-mail as being the "good guys."
Whether this means at day's end the proposals outlined in The FTC Want's To Hear From You will receive favorable consideration remains an open question, but the whole situation on that front looks promising.
What About The CAN-SPAM Act of 2003?
Now the amusing part of the CSA is Congress left it up to Internet access services to decide what e-mail not to transmit over their networks. Paragraph 8 (c) of the CSA reads:
"(c) NO EFFECT ON POLICIES OF PROVIDERS OF INTERNET ACCESS SERVICE- Nothing in this Act shall be construed to have any effect on the lawfulness or unlawfulness, under any other provision of law, of the adoption, implementation, or enforcement by a provider of Internet access service of a policy of declining to transmit, route, relay, handle, or store certain types of electronic mail messages."
The upshot of all this:
By not defining Spam as unsolicited commercial email sent in bulk and then banning the sending of Spam, Paragraph 8 (c) of the CSA allowed Congress to sidestep confronting the right to commercial free speech argument put forward by the DMA.
Instead Congress gave Internet access services the opportunity and power to establish and impose responsible behavior through market self-regulation.
What Are The Internet Service Providers Doing?
Most Internet service providers in the US prohibit unsolicited bulk e-mail from being sent over their networks. Therefore, you would think the world was moving in the right direction.
But with the implementation of programs like Bonded Sender, using criteria which allows for the sending of unsolicited commercial e-mail, and imposing a pricing scale which is cost prohibitive for most micro business owners,[3] are the Internet access services using this power responsibly?
What about the practice by Microsoft and Yahoo! of selling access to their subscriber base of free email users to senders of bulk UCE and then transmitting these messages to their subscriber base?
Or taking the view held by America Online there only has to be a 'relationship' between the sender and the recipient, so allowing AOL to white list senders of bulk UCE under its guidelines?
Who Can Fix The Problem?
To ensure fair play:
* The Congressional committees with responsibility for commercial oversight have to monitor the policies and technical measures implemented by the Internet access services to ensure these measures do in fact reinforce responsible behavior as gauged against independent standards.
* Congress also needs to be satisfied:
(i) The plague of e-mailers sending unsolicited bulk e-mail is brought under control through market self regulation;
(ii) Any measures taken, while protecting the consumer, ensure senders of personal email, along with senders of solicited commercial, transactional and relationship email are treated fairly, while the competitive playing field remains level;
(iii) The online business community is not placed in the position of being in breach of other laws, regulations or rules; and,
(iv) Barriers are not imposed which prevent new entrants, or drive out existing participants.
In part, this is why Congress included section 10 of the CSA which requires the Federal Trade Commission (FTC) to prepare a variety of reports for the benefit of the Congressional oversight committees.
At the same time, if market self-regulation does not work, Congress gave the FTC the authority to fully intervene under the guise of section 9 of the CSA, which allows for the creation of a do-not-email-registry system.
Under the CSA, in essence Congress gave the market two years to sort everything out. But, with levels of collateral damage increasing daily has time already run out?
Some Possible Solutions
The market is presently moving towards the sender paying for accreditation. But is this the right direction? And if the sender does not pay for accreditation, what are the alternatives?
(Not familiar with why we need to move from an open e-mail delivery system to a closed e-mail delivery system? Then before going further you will want to read Is The Writing On The Wall For Spam?)
If you support the view Internet service providers should not use gateway filters of any sort, then who pays for the continual increases in bandwidth usage, the extra servers and computing power requirements to deal with unsolicited bulk email? Ultimately the burden falls on the user of these services through increased access fees.
Many are of the view, including myself, that implementation of authentication procedures to verify whether someone is spoofing or phising before a network accepts delivery of an e-mail message for transmittal to the recipient holds promise for controlling the flow of unsolicited bulk email.
Presently the MARID Group (being a working group of the IETF, with MARID standing for MTA Authorization Records in DNS) is working with those behind SPF, Caller ID For Email and Domain Keys to put together a protocol which can be released by August, allowing for quick roll out and implementation.
But this will only control the flow of UBE using false or misleading header information.
One of the significant problems now facing Internet service providers is virus infected networks and personal computers spewing out unsolicited bulk email. Authentication procedures may not stop this flow of spam from entering the networks of Internet service providers.
Until now, system administrators throughout North America and around the world have relied upon commercial black listing services to decide whether to block a particular IP address from transmitting email to their network.
Under Bonded Sender, if a spam complaint is lodged, instead of being blocked by SpamCop, the complaint is investigated and if it turns out to be meritorious, the sender pays a fine. The sender only loses the ability to be a Bonded Sender if proven complaints reach a certain level.
An independent classification system can help e-mail senders, recipients and Internet service providers, with third parties being used to resolve complaints, or in the case of Bonded Sender, with the e-mailer being monitored by TrustE, an accreditation service with fines being paid by the e-sender where appropriate.
These services allow an Internet service provider to sort the good e-mail from the rest and either simply bounce the rest, or send it to the recipient's junk e-mail box. But this can result in significant collateral damage, suggesting sorting of the rest should be left to the individual user.
Also, one of the flaws with Bonded Sender is the proprietary nature of the system used by Internet service providers to implement the program. There is a legitimate concern the intention is to exclude others from providing similar services.
This concern is heightened with the recent announcement that "Microsoft's MSN and Hotmail services were added to Iron Port’s Bonded Sender program."
The Dot Mail Proposal
On December 15, 2003, the Internet Corporation For Assigned Names and Numbers (ICANN) issued a request for proposals for new top level domains. In response to the call for proposals for new top level domains (New sTLD RFP), the SpamHaus Project submitted the dot Mail proposal.
The proposal's stated objective? To establish a means by which individuals, companies and organizations can send "spam-free email ... without being blocked, filtered or inconvenienced when doing so."
A laudible idea, but as always "the devil are in the details." There are a number of concerns with this proposal. The fee to register and obtain a dot mail domain is set at $2,000 US and it seems this fee will be payable annually. This is potentially cost prohibitive for many micro business owners.
An applicant must have an existing top level domain for at least six months to apply for a dot Mail domain. This favors existing market players to the detriment of new entrants.
Domain holders will have to agree not to send unsolicited bulk e-mail. How does the proposal define unsolicited bulk e-mail? It adopts the definition used by the SpamHaus Project. This means domain holders will want to run verified opt-in e-mailing lists. Some solicited e-mailers will object to this standard, especially as it requires a higher code of behavior than set out in IETF guide titled How To Advertise Responsibly Using Email.
The process for dealing with complaints, resulting in delisting is not clearly outlined in the application. The SpamHaus Project has a great deal of experience in dealing with spammers. However, the presumption an e-mailer is a spammer should not apply. Participants will establish their bona fides up front in going through a stringent vetting process.
Unfortunately, the applicant's material suggests solicited e-mailers may find themselves facing a "shoot first, ask questions second mentality." There is a need for an open, transparent and cost effective method for dealing with complaints and resolving disputes. Reasonable thresholds are required before complaints are escalated and the process must allow the e-mailer to easily establish verified consent, before any action is taken.
Also, it is unclear whether participants can send unsolicited e-mail, such as first contact enquiries, job enquiries, sales enquiries and so forth which do not fall within the SpamHaus Project definition of spam.
The dot Mail proposal resolves some of the flaws with Bonded Sender. It establishes both the sender's authenticity and the e-mailer's reputation. The problems? The proposal is geared towards existing market participants, with an apparent bias in favor of the e-mail recipient in resolving disputes and does not suit the needs of the micro business owner.
There is another potential problem. The application suggests the proponent wants to minimize Court scrutiny of its decision making. Fair enough. But the question then arises, to whom is the organization accountable? The 'Net community at large with specific attention being given to anti-spam groups? Some will find this comforting. Others may feel uncomfortable in doing business with such a group.
The public comment period set by ICANN closed in early May. ICANN is now setting up a panel to review all the applications. The timetable calls for final decisions by September 30, 2004.
An Open Standard
Based in part on the concepts outlined in the Trusted Email Open Standard, Craig Hughes has created an open source code for what he calls a Vouch List Specification.
The specification is a work in progress. The objective is to create a standard which can be used by classification services to assist Internet service providers in filtering e-mail from a particular sender.
It uses the Domain Name System of static IP addresses to create an e-mail sender identity and sets up a series of questions and functions to evaluate the e-mail sender’s behavior.
This creates a rating for the e-mail sender which can then be plugged in to the filtering systems used by Internet service providers.
There is another potential flaw with accreditation systems like Habeas and Bonded Sender. Spammers will attempt to copy the encoded headers and send UBE with forged headers representing the e-sender is accredited.
This has already happened to Habeas, compelling changes to its system and the open source Spam Assassin filtering system. It will likely happen to Bonded Sender.
By adopting an open source methodology, Internet service providers can overcome these problems. First, by utilizing a sender authentication method which is based on IETF approved protocols. Second, by adopting a standard rating system to classify senders, with senders having the option of enrolling in a program like Bonded Sender, or agreeing to invoke third party mediation to resolve disputes.
There is one potential flaw with sender authentication, which forms part of the rating an e-mailer receives. At present, due to certain security holes, spammers can forge IP addresses. This problem needs to be rectified as it may cause problems for e-mailers who list with a classification service, with spammers forging 'good' IP addresses.
But, as only skilled individuals can run classification services, there is ultimately a check on system abuse by spammers affecting the rating of listed e-mailers.
The Law Suit
SpamCop is not revered in many sectors of the online community. Many permission based marketers have run afoul of the anonymous complaint system established by SpamCop.
Presently SpamCop is being sued by a UBE sender. You may have heard of the case? OptinBig.com v SpamCop.net dba IronPort Systems, Inc.
My own view is this case will likely fail. But it is possible a Court may ultimately accept the position that block notices initially be sent only to the system administrator of the sender's network.
This would give the system administrator the opportunity to resolve the complainant with the sender, by having the sender remove the complainant from the sender's list and if this is done, no block notices need be sent to other system administrators.
Since publishing this article the case was ultimately settled out of Court. The settlement terms were not disclosed.
An Elephant Is Released?
Should this happen, what is the result?
Is an Elephant released into the system? The Elephant being all those who would send CSA compliant bulk UCE, but for the existing black list system, or the developing classification system.
Oh sure, using their authority under paragraph 8 (c) of the CSA, Internet service providers can deny access for senders of CSA compliant bulk UCE through their personal IP address and even go so far as to cut off service if a user starts to send large volumes of e-mail.
But with a T-1 line and direct access to the backbone, what’s to prevent folks from using this form of access to send CSA compliant bulk UCE?
Some may argue paragraph 8 (c) of the CSA provides complete legal immunity for commercial black list operators, (presuming they operate a service which provides internet access). But what if these operators act in fashion which is otherwise viewed as high handed and oppressive?
With the passage of the CSA does the grant of discretionary authority to the service providers under paragraph 8 (c) impose an obligation to at least act fairly.
If so, since the CSA does not ban unsolicited bulk commercial e-mail, does this obligation extend to e-mailers of both solicited and unsolicited bulk commercial e-mail?
Given the antipathy towards UBE, a solicited commercial e-mailer could bring a successful law suit against one of the existing commercial black list operators.
But, we can resolve the various issues by creating an open classification system which allows for more "nuanced decision making" depending on the type of message at issue.
Penny Black
On May 6, 1840, just over 164 years ago, the British Post Office issued the first adhesive postage stamp, now known as the Penny Black to deal with widespread abuses of the free postal privilege.
Today, to deal with the plague of unsolicited bulk e-mail, Microsoft has put forward its Penny Black proposal.
Although details are sketchy, in essence e-mail senders will have to pay in computation time to send an e-mail. The proposed cost is 10 seconds of CPU time for each unsolicited e-mail that is sent or 360 emails per hour.
Large volume senders of unsolicited bulk e-mail will need to build huge in house e-mail server farms. Microsoft believes spammers can't afford the cost.
How will the system know whether the message is solicited? According to the present proposal, Penny Black may involve some sort of "white listing" of the sender's email address.
When will Microsoft start to implement the Penny Black proposal? Rumors are beginning to float in the market place of a solution roll out within the near future, with January 1, 2005 as a possible date as to when e-mailers have to be 'puzzle solution compliant' to send email to MSN, AOL, Yahoo! and EarthLink.
What about classification systems? And how about services like Bonded Sender, with a sender being accredited and subsequently monitored by TrustE? Some suggest the implementation of Penny Black will make the need for classification systems and accreditation services obsolete.
It is more likely, if you are an e-mailer with the appropriate rating or an accredited e-mailer, you can send e-mail to participating networks without having to be 'puzzle solution compliant.'
The only question is whether Penny Black will only allow for bonded senders, or also respect classification services which provide ratings for e-mailers.
My sense is to allow for wide spread adoption and to ensure regulatory compliance, the Penny Black scheme will have to take into account classification services and allow for rated senders of solicited commercial e-mail without requiring the e-mailer be accredited by joining a service like Bonded Sender.
Otherwise Microsoft runs into anti-trust issues. Some have hailed Penny Black as the answer.
But Penny Black requires a secure algorithm that spammers cannot hack or counterfeit.
A prediction. Microsoft will implement Penny Black. Someone will break the code and manage to send out Penny Black compliant e-mail without having to spend the associated CPU time normally required.
There will be a panic, Microsoft will develop a patch, the authorities will track down the perpetrator and life will go on.
The Picture For Email
Here is how the picture looks at this time:
* Sender authentication will become wide spread in North America by the fall.
I appreciate some analysts suggest an implementation rate of only 25% by the end of 2005. However, these comments were based on the lack of a standard protocol. With the formation of the MARID working group, I believe this group will sort out a standard protocol by August, allowing for widespread acceptance and implementation of sender authentication[4].
(Since first publishing this article, MARID was closed in late September without settling on a standard for IP/Domain Based sender authentication. For more on what has transpired, you will want to read For The Record, Will Microsoft Own Email?.
* Independent classification services are now being implemented, with the United States being the first area to be covered.
A quick comment on terminology. There is a difference between a classification service and an accreditation service.
A classification service is independent and provides a rating for an e-mailer based on a number of criteria, using a methodology which is open and transparent.
A self accreditation service like Habeas grants an e-mailer who agrees to certain criteria for sending commercial e-mail permission to use a specific form of header.
An independent accreditation service goes further and requires the e-mailer to go through a third party review process (which may be waived where the e-mailer is known) and post a bond to ensure compliance with agreed mailing criteria before receiving the seal of approval, like Bonded Sender working with TrustE.
There are variants on the Bonded Sender concept, such as the dot Mail proposal.
What does this mean for e-mailers? Either use the services of a reputable 3rd party e-mailer, or if you do your own e-mailings, to have a realistic shot at getting your e-mail through the 'gateway filters,' you will want to at least list the business IP address you use to send solicited, transactional or relationship e-mail with SPF and have a listing with a classification service.
The later means paying some sort of fee. It will likely not be the whopping big fees demanded by the likes of Bonded Sender or dot Mail, but anticipate paying something.
The core issue here is whether the big 4 Internet Service Providers, Microsoft, AOL, Yahoo! and EarthLink will only go with Bonded Sender and TrustE, or will opt for an open system.
My own view is, for anti-trust reasons and to meet regulatory compliance, Internet service providers will have to allow for classification services, with e-mailers having the option of agreeing to third party mediation to resolve disputes, or signing up for services like Bonded Sender after being accredited by TrustE.
But, I could be wrong. Then watch the fur fly.
* Sometime within the next 6 to 12 months, Microsoft will introduce Penny Black. Some believe this is a waste of time. Others are convinced it will solve all our problems. To my mind Penny Black is another step in the process.
There will likely be some form of co-operative relationship between the classification services and Microsoft, so that senders of solicited commercial email, along with transaction and relationship messages who have the requisite rating can side step the puzzle solution problem.
I make this comment because if the system is not open and you have to sign up for Bonded Sender, subject to accreditation by TrustE, what happens to many of the smaller 3rd party providers of e-mail services?
And how will publishers and other online businesses that send solicited commercial e-mail from their own servers cope? What about providers of these services? This is just the start of a long list of repercussions. Without an open standard, the situation will get very ugly and quickly.
If Microsoft wants wide spread acceptance of Penny Black, the plan has to allow for independent classification services that rate e-mailers and offer other services including independent dispute resolution.
* Ultimately, depending on whether the industry can regulate itself, we may see the FTC implement a domain wide do not email registry system under section 9 of the CSA, meaning in essence the United States and everyone who wants to send e-mail to American consumers will go from an opt-out regime to an opt-in regime.[5]
* While all this is going on, the Federal Trade Commission and the Federal Bureau of Investigation will continue to hunt down and prosecute those violating the CSA.
The upshot? At some point within the next two years, we will likely see a dramatic fall in UBE levels. At present the consumer is being inundated with offers. Once UBE levels fall, a whole new dimension of marketing will open up using solicited commercial e-mail.
The UBE problem will not go away as there is a global dimension to all of this and the authorities will have to move forward through mutual assistance treaties.
Also, every once and a while someone will hack into and crack open one code or another. For a period of time people will be up in arms but then things will settle down.
And as processing speeds continue to increase, Microsoft will have to upgrade Penny Black to meet new technological challenges.
How Do We Survive The Coming Transition?
In the meantime, as we make the transition from an open email system to a closed email system, how do we as micro business owners survive and continue to prosper?
How do we deliver our newsletter, solo advertisement, the sales confirmation with the upload link or notice of renewal?
Do we simply abandon e-mail? Or do we continue to build our lists through the use of co-registration services? What about blogging and the use of RSS feeds?
Some Suggestions
My suggestions are as follows:
* Continue to focus on the basics of bringing interested visitors to your business.
* Learn how to convert your visitors into buyers. Now that you have visitors coming to your web site, you need to generate sales.
To aid you on both these quests, I have set up a web page titled The Zen List Of Marketing Forums. Enjoy.
Staying With E-Mail
* Want to stay in the e-mail business?
Carry out your e-mailings in accordance with best practices. The consumer is fit to be tied over spam. There is a growing back lash by subscribers against publishers who simply mail offer after offer. As we work through the transition keep things in moderation and provide value. Keep in mind the basics of building relationships. Listen to your subscribers and remember who pays the bills.
In conducting e-mailings many people are tempted to do it themselves, buy a software script, host the software on their web host, or rely on their web host’s mailing script and do their own mailings.
Want to do this and get through the gateway filters?
Then you want to be sending mail from a dedicated IP address which is sender authenticated with SPF, follow best practices, ensure your messages are not overtly 'spammy' and at a minimum list your domain and IP address with a service like the Trusted Email Sender program.
My own view? Given where the market is going, either use the services of a qualified 3rd party provider to do your mailings, or list yourself with an accreditation service.
Recently there has been a great deal of discussion in the various marketing forums surrounding delivery issues. This is the core question.
Looking for a pure sequential auto-responder service with list management capabilities?
Having reviewed the specifications of various participants in the market, reviewed numerous discussions and examined the headers of the e-mail sent by a number of different services, my vote is AWeber as providing the best sender authentication in its price range.
Look at the header of a message sent from a publisher using this service.
There is an authentication 'seal' in the header which verifies the from address along with the mailer address, the mailer, the date the recipient subscribed to the particular list, the recipient's id, the date sent and the subject line.
Any filter worth its salt is going to be hard pressed to reject this header, unless the filter is set up to demand a third party accreditation 'seal' in the header by say Bonded Sender. Couple this with a subscriber verified opt-in process and you have built in protection.
(Although all my mailing lists meet the affirmative consent standard under the CSA, I acknowledge that not all my mailing lists are subscriber verified opt-in, although look for some changes in the near future. Whether you decide to use subscriber verified opt-in, publisher confirmed opt-in, or simple opt-in is a matter of choice. But, beware of the risks and benefits involved with the various choices.)
Also much can be said for the quality of the management team and the level of support. For example, recently AWeber introduced a feature which allows users to set up an RSS feed for each list you run with their service.
Want a service which provides focused list management capabilities, along with a first class sequential auto-responder service?
In the last month I was invited to review a relatively new entrant to the market place. All lists are verified opt-in. The support team is excellent and these folks watch their delivery rates like a hawk. Each message has the appropriate filter header and the system is constantly being improved. For more information, Use This.
Continue to build up your e-mailing lists. My recommendation remains as it was. There is an opportunity to build up your mailing list through the use of co-registration services. I recommend people consider two resources:
The first is Paul Myers' Amazing List Machine.
Paul's material is quite good, will give you good guidance on how to properly build an e-mailing list and I refer to it regularly.
The second is Ed Thorpe's material on Co registration.
There are four reasons why I make this recommendation. Ed tells it like it is. Some of my materials are a bonus. Ed provides an excellent guide on how to build rapport with your subscribers and Ed gives you ongoing updates to aid you with e-mailings.
But understand one thing. This is a business. Meaning, want to do your own e-mailings? Then join a service like Trusted Email Sender and add RSS as an alternative channel of distribution.
Shift To RSS?
* Don't want to stay in the e-mail business. Not prepared to consider the possibility of paying a classification fee to gain a rating, or becoming an accredited sender? Then get into RSS and Blogging. I have written about this topic before, starting with the article The Death Of E-Mail Marketing (where you will find a list of useful resources in notes 13 to 15). Also read my comments in Is The Writing On The Wall For Spam? starting with the Future of E-mail Marketing.
Just to add to the story, Opera has recently released the newest version of its web browser which includes an RSS Feed Aggregator. There are rumors AOL version 10.0 will include an RSS Feed Aggregator.
Microsoft is developing a new operating system. The code name for the project is Longhorn. My understanding from published reports is there will be an RSS feed aggregator built into the system.
The present talk is Longhorn will be released to the public sometime in 2006. When this happens, RSS will have gone main stream.
Make Your Voice Heard
* Make your voice heard. As I said above, it seems likely the Internet service providers will elect to go with:
Sender authentication (meaning verifying the email is not a spoof or a phish);
Open classification systems which provide ratings for e-senders, with the option of joining a paid sender accreditation program like Bonded Sender or Habeas (meaning the sender's reputation is rated by a standardized system operated by a third party, or accredited by a third party and in either case, if there is a problem which cannot be resolved the sender's IP address is blocked); and,
Puzzle compliant (meaning senders of unsolicited bulk email show the e-mail sender has satisfied the CPU puzzle).
For this approach to work, the process and procedures must be open. In particular, e-senders must be able to choose to opt for registering with a classification system provider, without having to join an accreditation service. Internet service providers must be willing to accept and use either the rating provided by a classification system provider, or accept an accreditation service's seal of approval in operating their gateway filters.
This is particularly important, since Microsoft plans to roll out Penny Black. We need to ensure, the gateway filter technology will allow for a nuanced solution, so that the requirement of puzzle compliance does not apply to classified senders with a minimum rating, or authenticated senders, who are solicited commercial e-mailers.
Furthermore, we need one or more classification rating services which are geared towards small and home online businesses. Bonded Sender does not meet these criteria. It is more suitable for the needs of the large and medium size corporate sector. Also there are issues with the e-mailing standards of Bonded Sender.
With the introduction of Bonded Sender, some publishers suggest we boycott Microsoft, by refusing to accept subscribers with Hotmail or MSN e-mail addresses. But the issues are broader than merely the Bonded Sender program.
The FCC
Just to add to the mix, the Federal Communications Commission (FCC) is now conducting a wide spread review of whether there is a need for regulation of Internet protocol enabled services, with particular focus on voice over internet protocol services.
E-mail is an IP enabled service. For more information on what the FCC wants to do, read the Statement of Chairman Powell, the Statement of Commissioner Martin and the FCC's Notice of Proposed Rulemaking.
Although the FCC's document is titled "Notice of Proposed Rule Making," in reality the FCC is canvassing the community for comments before moving to the next step.
What To Do?
In my view, it is fundamental the Congressional oversight committees in the United States and the Anti-Spam Task Force in Canada are aware of the concerns of the online SOHO business community, to ensure the situation develops fairly and openly.
Write a letter either directly to Senator McCain who chairs the US Senate Committee on Commerce, Science & Transportation, or to the Committee itself expressing your concerns, with a request to have your concerns sent to the appropriate regulatory agency.
Since the CSA applies to all those who reside outside of the United States and send solicited commercial, transactional or relationship e-mail to US consumers, don't be shy. You need to chime in.
For those who reside in Canada, you will also want to review the recent announcement concerning the establishment of an Anti-Spam Task Force and get in touch with Michael Binder, Assistant Deputy Minister, Spectrum, Information Technologies and Telecommunications, Industry Canada, Ottawa, Ontario. Mr. Binder is Industry Canada's representative on the Anti-Spam Task Force.
You will find his contact information about half way down the referenced page. You can use this article to aid you in your thoughts.
At The End Of The Day
At the end of the day, we will see two main streams for the online business owner to communicate.
E-mail, involving senders of business e-mail including transaction or relationship messages and volume senders of solicited bulk e-mail.
Want to send solicited bulk e-mail, use a dedicated IP address and have the needed classification rating to aid your e-mail in getting through the gateway filters.
The only issue is whether the large corporate sector will have an exclusive lock on sending solicited bulk e-mail, or will it be open to all, including the micro business owner, providing you agree to comply with certain standards and pay a fee.
For information on an accreditation service focused on aiding the micro business owner, review the Trusted Email Sender program.
The underlying debate is how much and to whom. This is why it is essential to make your voice heard now.
The other channel of communication will be RSS feeds. This will tie into the overall concept of pulling visitors to your web site, taking a variety of forms and once Longhorn is introduced, RSS will go totally main stream.
Well there you have it. Some food for thought over the next few days.
Footnotes And Additional Resources
[1]back A quick bit of history. IronPort initially teamed up with TrustE to implement its Bonded Sender program on April 29, 2003.
On October 20, 2003, Iron Port announced the Email Service Provider Coalition (ESPC) would use the Bonded Sender program to implement its solution in dealing with Spam.
In November, 2003, Iron Port announced it had acquired SpamCop.
And on May 5, 2004, Iron Port announced the arrangement with Microsoft. You may also wish to read Microsoft's corresponding announcement.
(Todd Weiss of Computerworld wrote an article concerning the Microsoft announcement. In Mr. Weiss' article he indicates there are about 50 e-mailers participating in Bonded Sender as of May, 2004. This is down from 200 as reported in Brian Morrissey’s DMNews article of November, 2003.)
[2]back To gain the flavor of how others see the various positions, including those of the Direct Marketing Association, you will want to read a document titled "Junk E-mail:" An Overview of Issues Concerning Commercial Electronic Mail and "Spam" Updated April 14, 2004 published by the Congressional Research Service (CSR). It is an interesting read and includes references to some of the steps 'industry' is taking to regulate itself.
Not being a position paper, the report does not outline the import of paragraph 8 (c) of the CAN-SPAM Act of 2003, or what would happen to the e-mail delivery system if the existing restraints against UCE senders were lifted. It does form an interesting back drop to the hearing held on implementation of the CSA before the US Senate Committee on Commerce, Science & Transportation on May 20, 2004.
Not familiar with the Congressional Research Service (CRS)? This is a federally mandated "think tank" that works exclusively for Members and committees of the United States Congress. CRS is part of the legislative branch of the United States Federal Government, being a department of the Library of Congress. It is a nonpartisan analytical, research, and reference arm for Congress. The CRS mission is to "support an informed national legislature."
To understand the forces at play in this debate, also visit the web site for an organization called the Global Business Dialogue on electronic commerce (GBDEe). This is an extremely powerful business lobby organization, with some of the largest multi-national corporations in the world being members.
In early 2003, according to its website, GBDe was requested by the European Union, US, Canadian and Japanese Governments to develop a business response to the problem of unsolicited commercial e-mail. In November, 2003, GBDe produced a response. The group preparing the report was lead by Michael Sabia, President and CEO of BCE Inc. BCE Inc. is the parent for Bell Canada, operators of one of Canada's largest Internet service providers, Bell Sympatico. GBDe published report is titled Unsolicited Electronic Communication (Spam).
I find Mr. Sabia's role interesting, especially with the stated position of Bell Sympatico in its acceptable use policies on UCE, along with the ethical guidelines and code of practice of the Canadian Marketing Association on e-mail marketing.
This position paper had and continues to have a bearing on policies being implemented in the European Union, the United States, Canada and Japan to deal with Spam.
In my view the underlying analysis is flawed in not dealing with the consequences to the e-mail delivery system, if the existing restraints against UBE are lifted. Both these documents help to explain the interests at play.
These papers also underscore the view held by many that ultimately it is up to the Internet service providers to take the needed steps to control UBE. Government's role? To enforce the law, while playing an oversight role to protect consumer's interests, (including educating consumers on how to deal with Spam), ensure market fairness and a level playing field for all.
[3]back In November, 2003 Microsoft announced the development of something called SmartScreen Technology for implementation with its mail transfer agent software and hardware.
Mr. Brian Arbogast, the Microsoft Corporate Vice President responsible for "driving anti-spam efforts across the company" states in the announcement:
"PressPass: Just about everyone agrees that spam is a nuisance, but what are some of the more damaging effects of spam that demand a strong response from Microsoft and other interested parties?
Arbogast: I'd start by considering the definition of spam: it's unsolicited, unwanted e-mail sent by someone with whom the recipient has no personal or business relationship."
Gee, that's interesting. According to Microsoft's point person, you only need "implied consent" (meaning a pre-existing business relationship) to send commercial e-mail to someone and not "affirmative consent."
So, we have a gateway filter set up to bounce anything but bonded sender e-mail, but lo and behold you only need to establish a pre-existing business relationship. Tilt.
How does this relate to the Bonded Sender program? To enroll an e-mailer agrees to abide by certain sending criteria or e-mail standards.
Guess what? The email standards allow e-mailers to send commercial e-mail to their existing customers without requiring "affirmative consent," utilizing the concept of "implied consent" based on a pre-existing business relationship.
But the CSA, being an opt-out regime, does not recognize this concept. Either you have "affirmative consent," meaning you are sending solicited commercial e-mail, or you are sending unsolicited commercial e-mail.
Also, Bonded Sender's e-mail standards do not require e-mailers who are sending commercial e-mail based on "implied consent," to include the required clear and conspicuous identification under sub-paragraph 5 (a) (5) (i) of the CSA that the e-mail message is an advertisement or solicitation.
So, you get accredited, pay your fees, become a bonded sender and get to send unsolicited commercial e-mail in bulk to your existing customer base based on the concept of a pre-existing business relationship as set out in the e-mail standards.
However, what about the acceptable use policies of most Internet service providers which do not allow e-mailers to use service providers' networks to transmit unsolicited bulk e-mail?
Do Internet service providers appreciate by agreeing to allow bonded sender commercial e-mail (when the e-mailer is sending unsolicited commercial e-mail relying on the concept of implied concept) through their gateway filters for delivery to their customer base two things have happened:
* The Internet service provider has just allowed an e-mailer to violate its own acceptable use policies (presuming its acceptable use policies ban the use of its network to transmit unsolicited bulk e-mail, which is the case in most instances.)
For more on this point, read the recent testimony of Mr. Scelson before the US Senate Commerce, Science & Transportation Committee hearing on the implementation of the CSA.
Mr. Scelson testifies about how AOL agreed to white list an IP address he was using to send commercial e-mail and what happened. The white listing made it clear he was intending to send unsolicited commercial e-mail based on a pre-existing business relationship with the recipients. This is permitted under AOL's white listing criteria. AOL gave notice of this arrangement to Mr. Scelson's service provide, World Com.
World Com responded by informing Mr. Scelson he could not use their network to send unsolicited commercial e-mail, even though he was sending CSA compliant unsolicited commercial e-mail. Would the same problem have arisen if Mr. Scelson was a bonded sender and sending unsolicited commercial e-mail under the guise of "implied consent" which is in accord with Bonded Sender's email standards?
* Unless the FTC creates an exemption for bonded senders under the rules, (which based on TrustE's comment was not requested), if the unsolicited commercial e-mail message does not have the requisite notice stating the e-mail is an advertisement or solicitation, has not the Internet service provider facilitated a breach of the CSA by the e-mailer?
The situation can get even more bizarre. The service provider decides to set up its gateway filters so it can participate in the program, allowing all bonded sender e-mail to pass through to the e-mail boxes of its customers.
At the same time, it decides to control the spam tide by bouncing every other piece of e-mail which has a certain spam content, setting the content filter measure at an extremely low threshold.
Think about this. Now you have the service provider violating its acceptable use policies, arguably facilitating a breach of the CSA by the e-mailer and bouncing solicited commercial e-mail. Talk about the world gone sideways.
And guess what? When folks start to howl, the service provider will simply point to paragraph 8 (c) of the CSA and say, we have the discretion to do what ever we want.
Not so fast. Paragraph 8 (c) gives Internet access services unfettered discretion under the CSA as to what e-mail it can decline to transmit to its customers. But, this provision does not give the service provider the authority to agree to transmit commercial e-mail to its customers which is being sent in violation of the CSA.
True, since the process of filtering is "automated," the service provider would argue the act of allowing the bonded unsolicited commercial e-mail without the requisite notice to pass through its gateway filters meets the definition of routine conveyance under the CSA and therefore the service provider is not in violation of the CSA. But, as someone had to set the filters to allow for the transmission of the e-mail, this position seems to be without merit.
Also, what about the concept of unfair or deceptive trade practices, which is prohibited under the Federal Trade Commission Act and quite a few State laws? Paragraph 8 (c) of the CSA does not give Internet service providers a free pass on the application of these laws.
How about this fact situation. The service provider allows the transmission of bonded sender unsolicited commercial e-mail messages through its gateway filters. This is in violation of its posted accepted use policies. The e-mail messages are not CSA compliant, being without the required notice.
At the same time, its filters are set up to bounce non-bonded sender CSA compliant solicited commercial e-mail. To make matters worse, the bounce notices indicate the recipients' e-mail addresses are not valid and this is false.
Tell me the service provider does not have a problem. Certainly, I would not want to be on the other side of this stick.
There is at least one other problem with the e-mail standards. I am a big time spammer. (I am not, but this is just an example.) Through my spamming, I have built up a list of customers. I transfer this customer base to a new company, fund this company and have a respectable individual appear as the owner and manager, even though I have total control.
This company applies to become a bonded sender. Everything on the record is according to hoyle. TrustE approves the company, which then pays the required fees and posts the necessary bond. Bata bing, Bata boom, I am now able to send bonded sender spam. Amazing what? I realize this example is a bit fanciful, but you get the point.
Of course, the other issue is delivery. True, as a bonded sender you get a pass through participating service providers' gateway filters. But recipients can set up their own filtering system on their paid e-mail boxes. (You may increase delivery rates to free e-mail addresses.) Therefore, becoming a bonded sender can not guarantee increased delivery rates to your subscribers' inbox.
In addition to all these issues there is the little matter of the fee schedule which is not set up for the micro business owner with a small list.
Yes, there is one 3rd party e-mail service provider which is offering customers the option of becoming a bonded sender without having to post a bond.
But, the fee schedule is set up so that every spam complaint (whether it is valid or not) results in a $20.00 fine. Of course, the website states:
"The Bonded Sender Program assesses a complaint fee for any spam complaint[*] received from your subscribers. This fee will be charged to your account when the complaint is received. Ideally, you would not receive any complaints. However, you should be prepared for one or two complaints over a year's time. This fee is donated to anti-spam organizations."
Sounds nice. Once this gets around the market ... have a grudge ... want to get back at someone ... especially if the e-mailer is relying on the implied consent exemption under the Bonded Sender program which does not exist under the CSA? Incoming ... Duck
It seems, Bonded Sender recognizing this potential flaw has decided to change its system, so that fines are donated to a rotating set of non-spam-related charities, such as the Center for Internet Education.
Also the Email Service Provider Coalition (ESPC) recently completed a study of the Bonded Sender Program. The ESPC had decided to go with Bonded Sender to implement its blueprint to deal with Spam.
In a DM News article titled E-Mailer Report Criticizes IronPort's Bonded Sender dated June 3, 2004, the study is reported as "pan[ning] the Bonded Sender program."
The article concludes with three important comments:
"'All these things [referencing the problems outlined in the study] are solvable,' Forrester Research analyst Jim Nail said. 'But one of the things I hear often, from both e-mailers and ISPs, is they are extremely leery of setting up any one private organization in a position of that kind of power.'
...
The ESPC report said it 'holds serious reservations about Bonded Sender's ability to fulfill identity and reputation in its current form.'
...
'I think what we're seeing is IronPort is putting the cart before the horse, saying they've got this fully baked system before the industry can agree on what should be the guts of the system,' Nail said."
This article simply confirms, if industry wants a private solution regulated by Goverment, instead of a Government implemented solution, allowing for open classification services makes more sense than simply going with one closed solution.
[4]back On May 25, 2004 SPF announced on its website "Microsoft has dropped its objections to the SPF semantics and syntax model. Getting their buy-in is a major step forward. People who have been waiting to see how things will shake out can now go ahead and publish SPF records. While the SPF community conceded that the upgrade path for SPF should be XML, the existing TXT format will be supported for the foreseeable future. For more details, see this slideshow."
The slide show will help you understand how SPF, Caller ID For Email and Domain Keys can be brought together to produce one protocol. For some amusement and heavy breathing, you may also wish to read Microsoft's announcement, which was subsequently picked up in the main stream press. The difference in perspective is interesting. Wonder whose perspective will win out?
[5]back When I wrote the article Is The Writing On the Wall For Spam? I stated in my view based on the prevailing political winds, we would see a registry system sometime in the fall of 2004. The political pressure remains.
However, as we all know, the concepts behind a Do-Not-Call-Registry do not apply to e-mail, given the wide variety of uses for e-mail in both the business and personal setting. Also, there are significant privacy concerns surrounding implementing a do-not-email-registry.
In February, the FTC issued a request for information on how to implement a Do-Not-Email-Registry. Based on various previous consultations, as part of the process, the FTC requested information on the concept of implementing a domain wide registry system.
In response to the FTC's request in March for comment on the report it had to prepare as mandated by the CSA on implementing a Do-Not-Email-Registry a significant number of comments were filed. The vast majority of these comments concluded a Do-Not-Email-Registry would not work. However, of greater interest is the discussion surrounding implementation of domain wide registry system.
To gain an understanding of this discussion and how matters may proceed, you will want to read the filing by the Electronic Privacy Information Center (EPIC) in favor of a do-not-email domain wide registry system and that by United States Internet Service Providers Association (US ISPA) in opposition to immediate implementation.
What do I think will happen? Want the US to move to an opt-in regime? Then hopefully the FTC has remained abreast of what is going on with the MARID Working Group concerning developing one protocol for sender authentication, along with the VouchList Specification.
These are two of the required technical building blocks to allow for implementation of a domain wide registry system. Network administrators of registered domains using gateway filters can then accept all e-mail which based on the sender's rating is solicited commercial, transactional and relationship, or personal e-mail, with the filters rejecting at least all unsolicited commercial e-mail sent in bulk, meaning the rejected e-mail was sent by an e-mailer who does not have the minimum required rating to establish he, she, or it is a solicited e-mailer.
Couple this approach with Penny Black and you may have the technology to properly implement a domain wide registry system.
For the concept to work, every one who wants to send e-mail either within or to the United States would have to get a license, with two categories being established, a personal license and a business license. Your data is registered and listed with a classification service. (This service could be independent of Government.) As an e-mail sender, you then receive a rating based on the data you provide.
Why a licensing system? Provide false data or send illegal e-mail? "Do not pass go, do not collect $200, go directly to jail," to quote from the board game Monopoly.
E-mailing criteria has to be established. A number of issues need settling, including whether first contact by way of one-off unsolicited commercial e-mail is onside, or whether this simply goes by the way side. Another issue is enforcement on non-residents who will want licenses, but may be beyond the law's long arm. With a rating system, this allows for a certain level of flexibility. The rating you receive is then monitored and adjusted based on actual performance.
To deal with complaints, you can sign up with a dispute resolution service to mediate disputes, so that issues are resolved without senders being black listed, fined or worse, providing you honor any commitments. You can also join organizations dedicated to providing continuing education and maintaining best practices. Doing these two items would presumably allow for a higher rating.
Or you could sign up for a service like Habeas or Bonded Sender which provides some of these services and presumably receive a higher rating.
I am not saying this approach is perfect, or that it will happen. But, once we reach the threshold of it being doable, the political pressure from consumers will over power any industry objections. (When I speak of consumers in this instance, I am talking about anyone outside the marketing industry.) Unless, in the interim the level of UBE has dropped significantly and the consumer perceives this change. So, yes the clock is ticking.
Needless to say, there is significant room for "jiggery pockery," so you have to field test all of this, work on the details, field test some more and then set up a system which can grow to meet demand. A daunting task and why the US ISPA argues the FTC should let 'industry' lead the parade.
This position has merit, if the process is open, transparent and fair. Sure brother and which planet were you born on? The upshot. At a minimum, the micro business on-line community needs the support of and involvement by the FTC to keep the process moving in the right direction.
Note On Registered Marks
I acknowledge Bonded Sender and IronPort are registered marks of IronPort Systems, Inc. Hotmail, MSN, and Microsoft are registered marks of Microsoft Corporation. And if I have used someone's registered mark without specifying, please consider this as appropriate acknowledgement.
--------------------------------
John Glube, Publisher and Editor of Head's Up, A Copywriter's Journal. Not yet subscribed to the Journal? To get all the details Use This.
--------------------------------
First Published 29.05.04. Amended 30.05.04, 31.05.04, 03.06.04, 06, 06.04, 07.06.04, 10.06.04, 11.21.04
| |