HomeMarketing ChannelsEmail
EMAIL
Avoid the Spam Filter
June 16, 2004

Filters make mistakes -- here's how to  make sure your legitimate email gets through.

These days, spam filters on personal computers and corporate networks are absolutely necessary. This software is designed to snare presumably unwanted incoming messages based on a variety of characteristics, including the sender's email address, words in the message subject line or even in the body of the message.

Most of the time, spam filters work. Of the 909 million inbound emails scanned by MessageLabs' Anti-Spam service in May, 691.5 million were intercepted as spam. That's a global spam ratio of one in every 1.3 emails.

Yet, spam filters are not perfect. Sometimes, they snare perfectly legitimate messages, such as a "cold call' email a sales executive might send to a potential client, or even a message from a potential customer to a corporation's vice president of purchasing.

"The problem [of spam filters catching legitimate email] is getting worse, because companies are angry with the amount of email that is being sent to them," says Adam Sarner, customer relationship management analyst with Gartner, Inc., Stamford, Ct. "As a result, enterprises tend to block [messages] first and ask questions later. Spam is that bad that businesses and consumers are much more willing than they used to, to pass up a [legitimate] email or two rather than letting it all through."

Sarner likens spam filters turned to maximum protection mode to a car alarm turned too high -- and set to go off even when an innocent pedestrian walks in the general vicinity of the vehicle.

Spam Filters: A Look Under the Hood

No two spam filters work exactly the same, and most of these utilities offer the user considerable flexibility in the types of messages they allow or stop. Still, there are some red flags.

Most spam filter companies closely guard this information. After all, if the "bad guys" got ahold of it, the secret would be out, and effectiveness would be lost. Still, so that your next business email does not get unfairly marked with the sign of the spam devil, it would be useful to look under the hood and see exactly what raises the hackles of one of the better-known spam utilities out there.

SpamAssassin has posted a list of verboten email subject lines, suspect practices and related taboos. Here are 25 of the spam sins this tool looks out for:

  1. Body of message incorporates a tracking ID number
  2. Body of message contains a large block of hexadecimal code
  3. Body of message contains one or more lines of "YELLING" (i.e., all-caps)
  4. Message includes Microsoft executable program
  5. Message body has at least 70 percent blank lines
  6. Message header indicates message was sent directly from dynamic IP address
  7. Message From field appears to not contain a real name
  8. Message From field ends in numbers
  9. Message header contains numbers mixed in with letters
  10. Message subject includes the term "offer"
  11. Message to: field contains spaces
  12. Message Reply to field is empty
  13. Subject has exclamation mark and question mark
  14. Subject is ALL-CAPS
  15. Message subject starts with an advertising tag
  16. Message From: field contains the term "friend"
  17. Subject contains "As Seen"
  18. Subject starts with dollar amount
  19. Subject contains "Double Your"
  20. Subject contains "For Only"
  21. Subject contains "FREE"
  22. Subject contains "Free Instant"
  23. Message contains excessive images without much text
  24. Message body contains the term "nobody's perfect"
  25. Message body claims not to be spam

If you are sending out messages with any of these shortcomings, no wonder your potential clients and customers keep telling you, "I just found your message in my spam filter!"

When a spam filter working within an email program sees a suspicious incoming message, the filter will either delete the message entirely, or place it in a special spam folder the recipient is free to browse if and when he is so inclined.

The occurrences of legitimate email being grabbed by spam filters is so acute, the phenomenon has a name: false positives. In a common false positive scenario, a legitimate business email could wind up in a user's voluminous spam file, 65th in a list of 217 solicitations for everything from bargain real estate to body enhancement potions.

And, if your perfectly sincere message is surrounded by such unseemly entreaties, it will probably never get read.

"False positives are definitely a problem," says John Levine, author of "Fighting Spam For Dummies." He's also a spam expert who has testified in front of U.S. Senate and Federal Trade Commission committees studying the issue of unwanted commercial email.

Unfortunately, spam filters seem to have an anxiety attack when they encounter legitimate emails dressed up with pretty graphics. Since porn, free travel and other spammers like to use graphics, you, as a legitimate marketer, suffer at least some guilt by association.

"Spam filters tend to work with formatting rather than words," says Mark Sunner, chief technology officer of MessageLabs. "Some companies attempt to pre-format their emails in HTML with a logo and letterhead. The more you have of it, the more it brings alarm bells," and creates false positives.

David Skoll, president of email filtering solutions provider Roaring Penguin Software Inc., believes an enterprise can minimize or even eliminate the problem of false positives by implementing a server-based filtering solution that leaves the final decision about what is or is not spam up to each end-user. "People are getting fed up with the hack-and-slash approach toward [spam management]," he says. "Server-based solutions learn over time what is considered spam and what is not, and can be tailored and configured down to the user level."

Daniel Tynan, author of "Privacy Annoyances," and a regular columnist for Sales and Marketing Management magazine, sees both sides of the issue. "It is possible to tune spam filters to get false positives down, but the typical overworked network administrator too often says that 'we are getting so much pornography,'" that the spam filter remains turned on to maximum strength, Tynan says.

So what can a legitimate emailer to do to avoid being caught in the spam trap? Experts offer several suggestions:

  • If you are sending a message to someone you don't know, consider sending the email as plain text, rather than as HTML, which makes the message look like a Web page. Tynan recommends plain text because spammers often use HTML computer code to hide "beacons." These are small graphics that when a user opens up a spam, sends a type of "message opened" acknowledgement back to the sender.
  • Don't send attachments if the recipient does not know you. Levine, who is also a board member of the Coalition Against Unsolicited Commercial Email, says that because many spammers and virus writers use attachments to spread pornography and malicious computer code, spam filters and anti-virus software sometimes view attachments with suspicion.
  • In your message subject line, be as specific as possible. This point is especially relevant because spammers have gotten smart enough to write messages with perfectly plausible scenarios, such as "Conference call tomorrow at 10 a.m." "That being the case, don't send a generically titled message, but give as many straightforward details as you can in the subject line," says Levine, who suggests naming specific conference call participants or departments. In other words, instead of typing "Conference call tomorrow at 10 a.m." in your message subject line, Levine suggests trying something such as "Conference call with audit committee tomorrow at 10 a.m." Given the specifics of that subject line, spam filters would recognize the message is not generic, and would probably let it through to the recipient's inbox.
  • Even if your message is legit, stay away from message subject words that spam filters look for. Although these words vary with each anti-spam software product, a typical list of such terms is available from free anti-spam utility SpamAssassin. A few suspect terms to avoid include: "for only" and "hello," subject lines that start with dollar signs, and words like "free" or "guaranteed" spelled with all capital letters. See the sidebar for a more comprehensive list of these terms.
  • Obtain permission first. "Email works best when there is full agreement between the sender and receiver," says Gartner analyst Sarner. In some cases, permission would entail contacting the recipient, advising her that you will be sending her an email, and then asking that she adjust her spam filter to ensure that the utility she uses lets your message in. Of course, seeking permission to email a company changes the nature of the email from a cold call to something that is expected. That is fine with Sarner, who views the false positive risks as so acute that sending unexpected email without notifying the recipient first can be a waste of time. Otherwise, "these [unsolicited messages] are going to be reported as spam, blocked and then ignored," says Sarner. "You will want to rise above that noise level, and the best way to do it is to start out with a telephone call or even a face-to-face meeting."

Because the cost-benefit balance between too much spam and that occasional missed potential customer is elusive, the wisest policy is, unfortunately, sometimes a case of the lesser of two evils.

"Fundamentally, it stinks to have to make Draconian tradeoffs, but if you are a business, you have to put up with it," says Levine.

WHITE PAPER LIBRARY

View More Research »