I’ve said in the past that I think that best practices are primarily technical. I don’t believe there is a best frequency or a best time to send mail or a best image to text ratio.

My top 6 best practices every marketer should be doing (and too few are).

1. Send technically correct email. That means finding a developer who understands the various email related RFCs including 5321 and 5322 as well as the MIME standard, HTML standards and encoding standards. Don’t rely solely on your vendor to create a correct email for you.
2. Stop sending mail to non-existent or abandoned email addresses. This means correctly handling addresses that bounce and implementing some sort of data hygiene that’s appropriate for your lists and market segments.
   
3. Use VERP in your mail strings. VERP means each email is tagged with the subscriber, list, and even mailing. Having that data encoded in the headers allows troubleshooting, bounce processing and FBL processing much, much easier.
4. Send only opt-in mail. I know a lot of people argue permission is passé but I don’t believe that is true. ISPs, receivers and filtering companies don’t like it when you send mail without permission.
5. Be up front with recipients how you’re going to use their email address. Don’t hide the opt-in language in your privacy policy.
   
6. Send a welcome message. Introduce yourself, introduce your program, get your message in front of your new subscriber as soon as possible after they subscribed. They’re interested in what you have to offer, get into their inbox ASAP to engage them before they move on.
   

How you implement these practices depends on your particular infrastructure, goals and recipient base. Mailers should, though, have appropriate implementations of practices.

The whole article is a lesson in how to do email right. They are sending relevant and engaging mail to their subscribers. They kept the addresses of people who wanted the mail, but designed a new program from the ground up. All of the key points I, and others, keep talking about is present in their new program.

• they had a defined content strategy
• they had permission to send
• they sent consistently
• they sent engaging emails
• they maintained their lists aggressively

In short, they provided a valuable set of emails that their recipients wanted effectively. And with a list 25% of the size of the unengaged list they started with, they have doubled online sales.

In a recent survey published by Help Net Security, approximately half of all employees said they would take data, including customer data, when leaving a job.

This has major implications for ESPs, where employees have access to customer data and mailing lists. There are at least 2 cases that I am aware of where employees have walked out of a company with customer mailing lists, and I’m sure there are other incidents.

ESPs should take action to prevent employees from stealing customer data.

Most of the cases I am aware of have actually been inside jobs. Data has been stolen either by employees or by subcontractors that had access to it and then sold to spammers. There are steps that companies can take to prevent leaks and identify the source when or if they do happen.

1. Limit employee and subcontractor access to data. Keep data machines separate from other machines and limit employee access to those who must have access.
2. Subcontractors who must have access to data should be under contract and under NDA. Make it very clear that data leaks will be treated seriously and may result in legal action.
3. If employee or business issues mean that employees will be terminated, remove access to data sources before the employee is notified of termination. Some employees who would not consider stealing data from a company they work for will take data after they are terminated.
4. Institute secure audit trails for access to data. Track every time an employee accesses data from a console, web interface or client.
5. Prevent, as much as possible, the ability for anyone to download data. If there are reasons someone needs to download email addresses, remove @ signs and replace with another symbol to make it less likely that trojans on employee laptops will steal the addresses.
6. Prohibit employees from storing customer data on laptops or downloading over wireless.
7. When providing data to subcontractors seed addresses in the lists. This way, if the list is leaked or sold, then you will know when that happens. Provide unique seeds to each subcontractor in order to identify which subcontractor is responsible for the leak.
8. Occasionally search all machines on your network for the seeded addresses to identify places where data may unexpectedly end up internally.
9. Occasionally punch seed addresses into search engines (Google or Bing) to see where address lists may have leaked.
10. Run current and up to date anti-virus software on all machines. Use hardware firewall and VPN software to limit external access.
11. Block outbound port 25 across the network. Ban any peer to peer software on any machine that has access to address lists, including employee laptops.
12. Securely store and/or encrypt any backup tapes to prevent employees from walking off with them.
13. Don’t put email lists or log files within a webserver directory; htaccess protection is not sufficient to prevent access.
14. If you are shipping files around with email addresses, use good encryption to prevent unauthorized users from having access.

None of these things will guarantee data will not be stolen or leaked. But limiting access to the data, and having a clear audit trail and consequences will make anyone think twice before stealing it.

There are a number of things that ISPs are monitoring besides complaint rates, although they are being cautious about revealing what and how they are measuring things. I expect that ISPs are measuring things like:

• How many users read a particular mail?
• How many users click through on a particular mail?
• How many users have the senders from: address in their address book?
• How many users receiving the mail have abandoned their accounts or not logged in for months?
• How many users never open a particular mail?

Some of these values senders can measure as well. Senders know, for instance, how many users click through on a mail. They know that some people do open the mail, and they know that some people don’t open the mail. The numbers on opens are not always completely accurate, as to measure opens the recipient must load HTML images. But images are not rendered by default in a number of email clients, and some ISPs don’t show images unless the recipient agrees, or the sender is in the recipient’s address book or the sender is certified by a 3rd party.

Senders don’t have any way of knowing, however, if an email account has been abandoned. That’s something that only the ISPs know. Because of the tools that senders have, there is no difference between an account that doesn’t load images and doesn’t click on any links and one that has been abandoned. Both of these cases will hurt a sender’s reputation, but the abandoned account will hurt more. The ISP figures that if you’re sending mail for months and months to recipients who don’t even log in, that you’re not engaging readers and sending mail recipients want.

What can senders do?

• Senders with websites requiring a login can disable email to that user. The users account can be  and notify users that they will need to resubscribe to the email list when the user next logs in at the site.
• Senders that do not have registration can send re-engagement campaigns to recipients who have not clicked or opened a mail. Users that do not interact with the mail are dropped from the list.

Yes, you will lose names off your list. But those are people who aren’t interested enough in your mail to read it or click on anything for months and months. What value is that name bringing to your business? Does that value outweigh the reputation hit that continuing to mail non-responsive addresses brings?

Part 1: Campaign Stats and Measurements
Part 2: Measuring Open Rate

Reputation at the ISPs is an overall measure of how responsive recipients are to your email. ISPs also look at how much valid email you are sending. Anything the ISP can measure and use to distinguish good mail from bad is used in calculating reputation.

Some of the major metrics ISPs use include the following.

Invalid Address Rates
The ISPs count how much mail from any particular IP address is hitting non-existent addresses. If you are mailing a large number of email addresses that do not exist (550 user unknown), this is a suggestion that your address collection techniques are not very good. Responsible mailers do have the occasional bad address, including typos, expired/abandoned addresses, but the percentage in comparison to the number of real email addresses is low. How low is low? Public numbers suggest problems start at 10% user unknowns, but conversations with ISP employees show they consider lower levels a hint there may be a problem.

To calculate bounce rate ISPs take the total number of addresses that were for invalid accounts and divide that by the total number of addresses that the sender attempted to send mail to. Rates above 10% may cause significant delivery issues on their own, rates lower that 10% may still contribute to poor delivery through poor reputation scores.

Spamtraps
ISPs pay a lot of attention to how much mail is hitting their “trap” or “bait” accounts. There are a number of different sources of these trap accounts: old abandoned email addresses, addresses that never existed or even role accounts. Hits to a trap account tells the ISP there are addresses on your list that did not opt-in to receive mail. And if there are some addresses they know about that did not opt-in, it is likely that there are other addresses that did not opt in.

Spamtraps tend to be treated as an absolute number, not as a percentage of emails. Even a single spamtrap on a list can significantly harm delivery. According to the ReturnPath Benchmark report lists with a single spamtrap had nearly 20% worse delivery than lists without spamtraps.

This is spam clicks (FBL complaints)
Complaints from users are heavily used by ISPs. This tells them directly how many people are objecting to your email. In this case, permission is removed from the equation. Even if a sender has permission to send email, the recipient can say “no, I don’t want this, it is spam.” The ISPs put more weight on what their users tell them than on what the senders tell them.

The customer is always right. In my opinion, there is no such thing as ‘overuse’ of the report spam button. The more feedback we get, the better. Our job is to keep the user’s inbox in the state they want it. The more they tell us what they do and don’t want, the clearer picture we get about who is sending unwanted mail. So I would say, yes, it does affect my ability to do my job in that it enables me to actually do my job.

It might cause my job to involve more detailed research into people’s preferences and what to do with mail that people disagree about, but I don’t see that as a problem.

Just because a marketer doesn’t like that we consider our users’ opinions to be more important than theirs is not really a problem either as far as I’m concerned. I’m here to serve my users, not them. They can either send mail that people don’t respond negatively to, or I can put their mail in the spamfolder. It’s not like they are going to make any money by repeatedly mailing people who think their mail is spam anyway.

In many ways relying on the users to provide feedback is a good thing. The ISP gets a direct measure of what the recipients think without having to filter through a lot of obfuscation from bad senders.

Complaint percentages are measured by taking the number of “this is spam” clicks divided by the number of emails delivered to the inbox. Percentages under 0.3% usually result in reasonably good delivery, depending on other metrics. Percentages higher than 1% usually result in poor delivery, even if other metrics are good.

“This is not spam“ clicks
This measures how many people tracked down wanted mail delivered to the spam folder and tell the ISP the mail is not spam. These clicks are vital in reputation scores. Senders who are having intermittent bulk foldering are most affected by these types of stats. If your recipients don’t care enough about your mail to go into the bulk folder and find it, then the ISP believes that the mail is not necessarily wanted.

ISPs calculate the ratio’s differently and there is not a standard formula for how valuable a this is not spam click is.

The secret sauce
This is what distinguishes one ISPs filtering process from another. Each ISP and each spam filtering company has their own secret sauce. The things above are things that the ISPs have confirmed to me that they measure. I believe they also measure other things, including recipient profiles, recipient clicks, probably some stuff they won’t ever admit outside a development meeting. The secret sauce is also how they weight the different factors. ie, a this is spam click is not weighted the same as a this is not spam click. How important are complaints versus mail sent to dead addresses? How vital are spam traps? Some ISPs probably even have trusted reporter setups where people with good histories of accurately reporting spam have their reports weighted more heavily than unknown people.

The good news is, with the exception of the secret sauce, all of these factors are under control of the sender and senders can make changes to their mailing programs that will improve reputations and delivery.

I am here to tell you that nothing could be further from the truth!

Senders are not passive victims of the evil ISPs. In 99% of cases, delivery problems are fully under the control of the sender.

Mail being deferred? Mail being blocked? Mail being delivered to the bulk folder? Senders do NOT NEED TO CALL THE ISP to fix most of these. Tickets do not need to be opened nor do personal contacts need to be employed. You can resolve the vast majority of problems with data you already have.

What do your emails offer that people can’t get from any other email list?
If a competitor started offering the same content or similar offers, why would subscribers stay with your list?

Discounts and coupons may generate short term subscriptions, but Mark discusses if they are the way to generate long term loyalty and subscribers.

Stats for the “Inactives” list (241,832 recipients):

Spam Complaints: 43
Open Rate: 6%
Click Rate: 2.4% (and 7,688 total clicks)
Unsubscribes: 264
Bounces: 6,878 (2.8%)

Stats for the “Actives” list (69,642 recipients):

Spam Complaints: 3
Open Rate: 36.3%
Click Rate: 7.4% (and 6,925 total clicks)
Unsubscribes: 96
Bounces: 128 (0.18%)

This is very clear data showing senders should think long and hard before mailing that list collected over months and years. Older lists have much, much worse stats, both in terms of delivery and in terms of recipient response, than newer lists. It also demonstrates that failing to mail people regularly does hurt delivery.