When the U.S. CAN SPAM Act was passed eight years ago, critics of the measure doubted it would put a dent in the flow of Internet junk mail. They were right, but few would have predicted that many spammers would use the law as a subterfuge for their pesky activities. They do that with “snowshoe spam.”

It’s called that because it exploits the principal used by snowshoes to prevent their wearer from sinking into deep snow. They do that by distributing a walker’s weight over a larger area of snow. Snowshoe spam keeps junk e-mail from being sunk by a system’s spam defenses by spreading the spew across multiple IP addresses.

That can be particularly effective against an email system’s volume filters. Those filters monitor the origin of email. If a large volume of email with the same content is coming from an IP address, those filters will start blocking the email and treat it as spam. By using multiple IP addresses, spammers can keep the volumes on any single IP address low enough to submarine the thresholds used by the volume filters. Continue reading Junk Mail Law Contributes to Expansion of ‘Snowshoe Spam’

The NonProfit Times has a great article on what to do if your company receives complaints about bulk emailing. Although the article is aimed at non-profits, the information is useful to all kinds of companies and organizations.  Here’s an excerpt:

Even if your organization follows best practices, you may occasionally do something that triggers a spike in spam complaints. This is most commonly caused by gaps in permission-based list building practices or unwelcome changes in message frequency or content. A good email service provider will offer you tools for mitigating the impact of mistakes like this on your overall email delivery.

For example, emails that have been organically acquired following strict permission-based practices are much less likely to generate spam complaints than addresses that have been added via append services. If your email service provider can segment your mail stream by the permission basis of intended recipients, any spikes in spam complaints from lower quality lists can be insulated from the mail resources used to send to your core house file.

This is an excellent article. These days, when  sending out bulk emails from your company you need to be very very careful. Make sure you are following all the requirements of the CAN-SPAM act, and also review your emails to make sure the subject lines don’t contain words or phrases commonly associated with spam as they will be sure to trigger a spam filter, or worse, a blacklist somewhere along the line. Email can be a valuable tool for your company but you must exercise caution and care when using it.

In a somewhat peculiar case, e360Insight LLC – the one-man mass mailing company which sued Spamhaus for besmirching its *cough* good name with accusations of spamming and which is now itself being sued for spamming – is suing data aggregation company ChoicePoint for CAN SPAM violations and breach of contract.

BackGround: e360Insight bought millions of email addresses from ChoicePoint. Some of the addresses were marked with an “O” to indicate that they could not be used for email marketing, while others were marked with an “I” to indicate that they could be used for email marketing. e360 proceeded to send emails to all addresses, regardless of whether they were marked with an “O” or an “I” – and that resulted in them being sued by some peeved recipients. Now here’s where it gets interesting: CAN SPAM prohibits the selling of email addresses belonging to people who have opted out of mailings. Consequently, e360 are claiming that ChoicePoint breached both contract and CAN SPAM provisions by selling opt-out addresses, even though those addresses were clearly marked as such:

If Ms. Sidewater’s assertion is true, this assertion constitutes an admission of violation of the CAN-SPAM Act of 2003, which provides that if a recipient requests not to receive commercial email, then it is unlawful for the sender to release, sell, or transfer such person’s email address to a third party. Thus, ChoicePoint admits that it breached 12(a)(ii) of the Agreement. But for this breach, e360 would not have sent any emails to the complainants and would not have been sued.

Hmmm. Gotta say, I don’t have much sympathy – in fact, make that I have no sympathy at all – for either side in this dispute. Who’d you prefer to see win? A(n) spammer alleged spammer? Or a company which sells your email address to a(n) spammer alleged spammer?

Tough choice!

Should you be interested in reading more, the documents are available over at SpamSuite.