How to Get Past Spam Filters

By MICHAEL TOTTY | Staff Reporter of THE WALL STREET JOURNAL | March 22, 2004

The deluge of unwanted e-mail messages is a big problem for everybody. But it's what we're all doing to fight those messages that's a big problem for Carlson Cos.

The travel and hospitality company, which owns the Radisson hotel chain and cruise line, sends out a half-dozen newsletters each month, alerting customers to special promotions and communicating with members of its loyalty programs. Nearly a million customers have said they want to receive the messages, but thanks to filters used by consumers and their Internet providers to block spam, "the consumer may not know we're trying to communicate with them," says Michael Williams, director of cross-brand customer relations for Minneapolis-based Carlson's consumer group.

E-mail is a cheap and effective way for online marketers to reach out to prospective customers -- if only they can get past all the barriers consumers have raised to keep out all the spam. About 20% of legitimate marketing messages -- defined as those that recipients have agreed in some fashion to receive -- were blocked or otherwise not delivered to customers' in boxes in last year's fourth quarter, according to Return Path Inc., which helps marketers ensure that their messages get past the spam cops. That was up from 15% a year earlier.

More Filters

"It's been a huge problem for most of the last year," says Jim Nail, a senior analyst at Forrester Research Inc. in Cambridge, Mass. "As spam volumes have been growing, the ISPs have been putting in more filtering to keep these unwanted messages out of people's in boxes, and inevitably some legitimate messages get stopped."

In March of 2003, for instance, Yahoo Inc. launched an enhanced version of its SpamGuard proprietary antispam technology, which allows users to identify the messages they consider to be spam. The new filter captured twice as much spam last month as Yahoo caught in February of last year. (Spam messages aren't blocked, however; they're sent into a separate folder that recipients can view if they want.)

A bigger problem is all the antispam software consumers are adding to their own machines. By one count, there are more than 170 different spam filters on the market, adding a hodgepodge of additional hurdles for marketers. While one filter might object to the word "free," another could have a problem with "mortgage" -- and a marketer has to figure out ways to navigate both.

Still, the tech industry thrives on being able to turn one person's problem into another's business opportunity. So most of the companies that provide marketers with mass e-mail services now tout their ability to improve "deliverability" of their clients' messages.

Blacklist Monitors

Return Path, based in New York, supplies both technology and consulting services to marketers and their e-mail service providers aimed at getting their messages into consumers' in boxes. It screens communications for "spammy" content, tracks messages to make sure that they're delivered and monitors antispam blacklists -- formal and informal registries used by many ISPs to identify spammers -- to make sure clients haven't been added improperly.

The first step, says Matt Blumberg, Return Path's chairman and chief executive, is for marketers to make sure their e-mail system itself doesn't set off antispam software. One technique is to enable a feature on e-mail servers called "reverse DNS," for domain name server, which converts a numerical Internet address into a host name, like wsj.com. Spammers often use fake Internet addresses, but by activating reverse DNS, a legitimate marketer can show it's who it says it is.

"If your server tells me you're eBay, then you're eBay," Mr. Blumberg says. "If it doesn't tell me anything, you're probably a spammer."

TheStreet.com goes a step further. The New York-based financial-information site sends out 16 subscription newsletters in addition to its marketing messages, costing from $79 to as much as $30,000 a year, and it doesn't want unhappy customers who don't receive what they've paid for. So it uses different servers for its newsletters and for its marketing messages to ensure that if its marketing e-mails get tagged as spam, it won't affect delivery of its subscription products.

A Dry Run

Next, companies should test their messages. Carlson, the travel company, began in mid-2003 using Return Path services delivered by its e-mail provider, Responsys Inc. of Palo Alto, Calif., and its bounce rate for messages from its hotel group -- the share of undelivered messages -- dropped to about 6% from more than 16% in January last year.

Before launching a new campaign, Carlson's marketers design the planned e-mail using the accumulated wisdom of past efforts: Avoid the use of large font sizes, and if they must be used, place them in a graphic image, which isn't captured by spam filters, instead of in text. Also, limit the use of the common Web-page programming, HTML, which can catch the attention of viewers but also draws greater scrutiny from spam detectors.

Then Carlson runs the planned message through Responsys' own spam filter (which it licenses from Return Path, which in turn uses the open-source SpamAssassin). This tests the message against 1,500 different spam-related rules and flags any features that could trigger common spam blockers -- excessive use of the word "free," for instance. It then assigns a score: An e-mail with a score above 10 is more likely to be blocked, while a score lower than 5 is considered safe. Land in between, and you might run afoul of some Internet providers, but not others.

Simple housekeeping can help ensure that a company's messages get delivered. Many Internet providers have set limits on large number of e-mails to unknown or unassigned e-mail addresses -- spammers often use so-called dictionary attacks to create likely, though fictional, addresses, like jane.smith@yahoo.com -- and "a lot of mail bounced from addresses that are no longer used is a red flag for spam fighters," Mr. Blumberg says. So it pays for companies to regularly cull their mailing lists of abandoned or out-of-date e-mail addresses.