Saturday morning I check my mail and notice multiple emails from the DMA. Yes, I got three copies of an email from the US Direct Marketing Association with the subject line Kick It Up A Notch With The DMA Career Center. It seems the DMA are buying addresses from various companies. Because I use tagged email addresses, this means their naive de-duping doesn’t realize that laura-x and laura-y are the same email address. Of course, they’ve also managed to send to an untagged email address, too. I have no idea where they got that particular address; I’m sure I’ve never handed that address over to the DMA for any reason.
Saturday afternoon, I check one of the professional filtering / anti-spam mailing list. Some subscribers are asking for copies of spam from 18.104.22.168 to .194. They’d seen a lot of mail to non-existent email addresses from that range and were looking to see what was going on and who was sending such bad mail. Multiple people on the list popped up with examples of the DMA mail.
Sunday morning, I checked the discussions wherein I discovered the DMA was added to the SBL (SBL 202218, SBL 202217, SBL 202216). It seems not only did they hit over a hundred Spamhaus spamtraps, they spammed Steve Linford himself.
Today the U.S. Direct Marketing Association (DMA) spammed a dirty list. Along with a number of personal email addresses of people who had decidedly never requested email from them (among them Spamhaus’ CEO Steve Linford), they have hit over 150 of our spamtraps so far today.
The DMA knows very well what the accepted standards of bulk email marketing are in 2013. They know that appended or purchased lists are acceptable to almost no receivers. Yet they chose to email that type of list.
Monday morning I check some of my marketing lists and discover that at least two people outside the US received the email.
If you’re going to buy addresses, you want to do it better than the DMA.
Let’s look at how many things they did wrong in this one email.
- Bought lists that had different email addresses for the same person. To me, there is no clearer sign of spam than getting more than one copy of a message.
- Bought multiple mailing lists and mailed the whole thing with no testing. Had they mailed this slower, watching for bounces and complaints and Spamcop reports, they may have realized the list was a problem before they got themselves in trouble.
- Mailed the list without looking for well known “don’t email this” addresses. This one seems to me to be about the dumbest thing, they didn’t even take @spamhaus.org addresses off the lists before mailing them.
- Didn’t do any work to determine the geolocation of recipients. For a lot of things this may not be an issue, but in this case, the DMA is advertising a jobs center. Moving countries for a job is not unheard of, but it can be tricky to get work permits. Pay attention to what you’re sending.
- Added a disclaimer that is clearly untrue. Don’t tell people they’re getting this because they “expressed interest in…” when purchasing list. No one likes to be lied to, and many people do know what they have and have not expressed interest in.
I do expect better from the DMA. Avoiding this sort of highly visible catastrophe requires a competent implementation of your entire email programme, from address capture through sending practices and list maintenance to graceful disaster recovery. Do you have the expertise in-house to create that programme? Are you sure? I can help.