What are AOL and Yahoo thinking?

I’m heavily involved in the administration of our league and have written a lot of software to help manage things. If most of your participants have email access, it can make communication much easier. If you can send email to 12 folks and only have to call two or three on your team, that’s much easier than calling everyone. But relying on email has some hazards. One area that is always a struggle is ensuring the emails sent from our officers, our online league management system, and our various mailing lists get through to the recipients. SPAM filters are a lifeline to people drowning in SPAM, but they are not perfect. Larger ISPs sometimes take steps that overall may help but can be a nightmare to deal with as a small non-profit. I have spent days of time trying to ensure that any legitimate email from our league gets through to the hundreds of parents we have spread across all sorts of ISPs and free email providers. I think I’ve made a lot of progress, but even now I still fear some ISPs may just be dropping our emails into the trash.

This may seem a bit alarmist, but once you’ve actually fought this for a while, you see how much the SPAM fighting measures have impacted legitimate communication. I’m not saying fighting SPAM is bad – its great, but sometimes the devil is in the details…


 

For example, Earthlink has a spam fighting solution that users can enable which sends you, the sender, an email with a link you need to click. This take you to a form where you type in a message stating ‘please accept my email’ If they approve of you, you are whitelisted and get through from then on.

But what about emails sent from mailing lists or even worse, from your online league management system? If you have the sending aliases setup properly, you (or someone – maybe your webmaster? do you know?) may get that challenge response. But with mailing lists, depending on the setup, you may never see it. That person will never get the emails they are supposed to – you know the one telling them registration ends tomorrow?

Other problems include SPAM filters that boost a SPAM score if there is no display name. If you send an email to [email protected], it will likely get a higher SPAM score than if you sent it to "Jane Doe" <[email protected]> Including the display name helps (our league management system uses the stored parent name in all emails to help get around this) For the more technical types, you better make sure your ‘Return-Path:’ header is set properly too. It’ll default to the userid of your web server (apache) which can set off SPAM rules. If you use any kind of online team management software or service and emails come from your domain, make sure you have a proper SPF record in your domain zone file. NEVER send messages in HTML format, don’t include useless graphics in them, and try to limit the number of links you include in them. All of these get SPAM filters edgy.

The key to most of the above is you can often take steps to ensure you don’t run afoul of SPAM filters without spending more money.

Now AOL and Yahoo are set to make things worse. MUCH worse. The Electronic Frontier Foundation has an excellent overview of the potential problems that is worth the read. They are partnering with a company called Goodmail which provides a service to senders of email. You register with Goodmail and pay them $0.01 to $0.0025 per message and they will include an encrypted token in the message. When AOL or Yahoo see an email with a valid Goodmail token, that message is delivered immediately to the user – no questions asked. The flip side of this is to make Goodmail a desired service, they also plan to significantly tighten their SPAM filters, making it much more difficult for you to get email through their filters and to their users. Even worse, they are apparently doing away with their whitelist service, though its not clear if AOL users will still be able to manually add senders to their whitelist.

Now on the surface this seems like an OK setup – commercial companies want to send marketing email they should pay. The problem is the incentive to generate revenue from this will all but force AOL and Yahoo to tighten their email filters to the point that if you aren’t paying Goodmail to email their users, your message probably won’t get through or will be marked as possible SPAM.

We send a LOT of email through the course of a season. One cent sounds like nothing, but put another way, it would cost our league $8 every time I emailed our parents list. Every time a coach sent an email to their team, it would cost 8 to 12 cents. We have a small league – imagine spending $80 to email your parents.

SPAM is a problem, but this is clearly not the right way to do it. It sets a scary precedent that charging to send email is OK while doing little to prevent SPAM. Spammers will figure a way to get Goodmail tokens and while not as plentiful, they will still get SPAM in your inbox – and now it’ll be certified as ‘legit’ by AOL. Plus they can charge more for their services because they can tell the advertiser that their emails have a MUCH higher chance of being read.

While Goodmail has said they will have discounts for non-profits for 2006, what about 2007? This is crass commercialism wrapped in the cloak of SPAM fighting. While large companies can afford to pay for email, non-profits cannot. AOL and Yahoo are giving this technology a major boost and if it catches on with other ISPs, you may find it much harder or much more expensive to communicate with your users online.

So what can you do? One idea I’m working with is to create a script on our website that outlines the issues with SPAM filters and different ISPs and the fact that we won’t pay for Goodmail. It will tell users before they register they need to make sure they can receive emails from us. It will highlight the various email addresses we use to send messages and link to whitelist instructions for most ISPs that have a whitelist capability. "Put these email addresses on your whitelist first" Now they can use a simple form where they enter their email address. It will send an email to them just like the online system would. The screen will then tell them they should receive it within a few minutes and it will say x, y, z. If they don’t receive it, they need to contact their ISP to find out why legitimate email got blocked, or they need to use a different email provider (Google’s GMail so far has done VERY well fighting spam without taking draconian measures) Give the users an address where their ISP folks can contact your technical folks and over time you should ensure more of your emails are getting through. This indirectly helps you as well since different ISPs have very different SPAM fighting strategies and if you get called by the right person, they may be able to give you even more hints on getting your messages through.

Another idea is if you use a mailing list heavily, include headers from the most recent messages on your website and include a tiny note that says ‘If you haven’t seen these messages and are on our mailing list – your ISP is blocking these messages" and point them to instructions for whitelisting and ensuring they get the messages.

This is not theory – this is a real problem. I deal with parents every season who want to do everything online but things get caught in over zealous SPAM filters or badly configured user SPAM preferences. As non-profits, we need to take action now to a) make sure commercial interests don’t take away a vital resource by making us pay for something we’ve relied on as free and b) make sure our users are getting our information. Its too easy to say ‘Who cares of silly AOL users don’t get your messages, they need to find another ISP’, but that is highly unlikely since people abhor change – especially with their computers. It may not be fair but if you want your info to get out, you need to get really good a jumping through hoops!

Leave a Reply