This checklist suggests listwashing, filtering out spam traps, and other practices, generally frowned upon. Do not purchase lists. Period.
If you haven't ensured people have signed up themselves and using dual opt-in then the list is pretty much useless and should not be used. Any serious ESP will suspend accounts of customers sending mails to purchased lists.
I want to clarify that my checklist doesn't advocate for people to purchase lists. If someone is located in a jurisdiction that permits sending of unsolicited commercial mail, and they purchased a list then they should validate it. Validating also applies to contacts acquired through a single-opt in form (with a consent check) as some users will enter fake email address in order to download an ebook or free product. Though you can always send the download link in the email which forces people to use legitimate email address. But your point is well made, I should add a disclaimer, that users should comply with their countries laws and regulations when sending promotional email.
Have to disagree here. Companies do cold outreach and purchase leads all the time. From my experience as long as you clean your list, schedule batch delivery, personalize and comply with the CAN-SPAM At, ESP's will not block you.
Just because people do something doesn’t mean they should.
In that, I focus on what you might call ethics. But as for the legality aspect:
Through most of the civilised world (at a minimum, those that I know of definitely: AU, NZ, all EU, UK, CA), sending unsolicited commercial messages at all is illegal, with very little in the way of exception or subtlety. The USA’s CAN-SPAM Act is the outlier, unusually permissive, by being largely opt-out rather than opt-in like everyone else. (And frankly it’s not at all uncommon for the USA to be an outlier in a bad way among first-world countries.)
And taking the legality aspects further, it’s common for people to ignore restrictive laws that aren’t being particularly seriously enforced, and spam legislation is often like that around the globe. Just because lots of people are doing it doesn’t even mean it’s legal.
I agree, in the civilised world, UCE is spam and there is little to no scope for "grey areas".
For example, the ICO (UK) has the following to say:
You must be very careful before using bought-in lists for recorded calls, texts or emails. You can only use them if all the people on the list specifically consented to receive that type of message from you. Generic consent covering any third party will not be enough.[1]
Unsolicited commercial email are outright illegal in many parts of Europe, and unless there's clear prior consent selling/buying personal data is a GDPR violation.
If you use a purchased list and end up getting a bunch of spam complaints, and you tell your ESP you bought the list, then I promise you they won't be very happy.
"Helloinbox" should have an option to specify a DKIM selector.
It is not correct to only check for a "default" DKIM selector, since any other selector is just as valid as "default", which in turn means the guide should also be updated to reflect this.
Creator of HelloInbox here. A bit of context for those who are wondering.
Frustrated with low open rates, I deep dived into email deliverability and discovered a lot I didn't know (and I'm in tech). Fixed and tested everything and tripled my open rates to 65-80%.
As a side-project I decided to build a free checklist and toolkit for others to follow. My goal is to reduce complexity as much as possible and I think I've done to a degree but there's still a lot work to be done especially for people who aren't as tech savvy.
If you think this can or cannot help you, please let me know, I'd like to know why.
You can follow all these steps and still end up on blocklists. I run a personal mail server for me and my wife, and every now and then my IP ends up on some blocklist which sometimes even denies my delist requests. And if you're especially unlucky, you end up blocked on outlook.com and have to jump through endless hoops.
Unless you're willing to out in the work, I wouldn't recommend hosting your own mail server.
The problem is that you don't need a large percentage of your target to not want them and "report spam" even if it is literally the opposite, then your whole brand suffers.
A lot of the tricky stuff is trying to make the email seem unobtrusive and make the opt-out clear so that if people don't want them, they opt-out instead of reporting spam but a lot of marketing teams still think size of audience is all important rather than quality and don't want their list size to go down by offering easy opt-outs.
If there's any opportunity for someone to take offense and press "report spam" then err on the side of caution and don't send it without prior explicit opt-in that is difficult enough to not be doable by accident (so no pre-ticked checkboxes).
Kind of, yes. From how I understand it, Authentication (SPF, DKIM, DMARC, PTR, et) and Reputation (Good domain & IP score) just informs ESPs that you're who you say you are and you're not abusing their network.
That problem is easily solved with client-side whitelists (ala hey.com). However, that would also mean the death of all "legitimate" marketing emails. All the hoops you have to jump through are there either as a form of identity validation (which is fair) or because the industry wants to allow SOME unsolicited emails through.
How many normal people do you know who use hey? People hate making lists, they won't do it. Then they'll lose their minds when their banks fraud department can't reach them, or they find out they didn't get the job because the recruiter couldn't email them, or...
Then there's the fact that a lot of people sign up for a lot of bacon, then get angry about receiving it.
I haven't tried out hey.com yet. Does it mean I have to fill out some form or captcha in order to send someone an email? Or they would need to "approve" me first?
No. Each time you get an email from a new email address, you screen it and say if you want it in your inbox or somewhere else (spam, or transactional emails, or whatever), or you just don't want to receive it. That way your inbox is only reserved for emails from people you know or accept.
The site recommends a dedicated IP for people sending 50,000 emails per month, but this number is way lower than what I’ve heard from experts before.
I was told anything under 500,000+ emails per month and you might actually get worse deliverability from a dedicated IP vs. a shared IP at one of the big ESPs like mailchimp…since inbox providers like gmail/outlook see low volume IPs as suspicious (no idea why).
I’ve also heard your domain reputation is far more important than shared vs. dedicated IP at your ESP of choice.
Unfortunately I've seen the complete opposite. We've had to purchase dedicated sending IPs for some of our clients that maybe send 50 emails a week.
Why? Because these emails are super important transactional notifications and we constantly saw stuff getting blocked on shared IPs. It would work fine for a while then get RBLd causing major major issues.
Sendgrid, sparkpost etc support all said the only solution was a dedicated IP with them. This does seem to work FWIW, but it's probably working out the same cost per send as sending a physical letter at this point!
>I’ve also heard your domain reputation is far more important than shared vs. dedicated IP at your ESP of choice.
For me the IP address has been the only significant factor in my email deliverability.
I.e., emails sent from my mail server couldn't reach Outlook inboxes or even spam boxes. Straight-up silently rejected every time. If you look at the Outlook.com Smart Network Data Services (SNDS)[0], the terminology used is all about IP. That problem was resolved through a support ticket requesting a kind conditional white-listing.
That's been my experience so far, from the perspective of a low volume, personal email only. YMMV.
There's no way to know, Google and the other big inbox providers don't reveal exactly how they do spam scoring, to avoid spammers from gaming it. You would hope they are using heuristics like domain reputation and email content over IP address reputation.
That being said if you send from a new or rarely used IP, every inbox provider will greylist you at a minimum, which causes delays.
This is why I don't run my own email server. This stuff is table stakes for email services, and there is no leeway for getting any of it wrong, otherwise your mail doesn't send (and you don't get notfied)
On the other hand. Mail delivery services like Mailchimp and Sendgrid often see blocks of their IP address spaces ending up in IP blacklists because their services are prone to temporary abuse by bad actors. So even if you get a personal IP address on the service it might be blocked. At that point you still need to take manual action. Some spam list distributors are borderline extortive in nature and will demand a fee to remove you from such a blacklist, and might not even consider removing you if you are using a specific third party SMTP relay service.
I guess mail delivery is just hard regardless of whether you are hosting it yourself or using a commercial relay service.
Not all IPs are equal. I run two separate email servers which are almost identically set up. One for my business and one for my personal use, both with negligible outgoing email traffic (less than 50 emails a day). My business server is with a quality ISP who cares about their network and deliverability is fine. The other, for my personal use, is on a cheapo VPS provider and the IP gets blacklisted enough because of neighboring IPs in the /24 sending spam that I now relay all of my emails through Sendgrid in order to get any kind of reasonable deliverability.
I think this is good advice. The overhead in operations to host and maintain a custom setup is non-negligible, but at least you might get better delivery rates. One of the annoying things about the commercial relays is that the reported delivery rates can't be trusted as they are based on the receiving server actually reporting accurate responses. In lots of cases the receiving server, if suspecting a spam email, will just report that they received the email and then pass it straight into the proverbial shredder.
So while a relay might say you have 99% delivery rate, the actual number might be closer to 90% and you would never know unless your customers complain about missing emails.
Huh are people really getting such numbers? (Let alone 20,000 emails per hour)
I’ve got a cabinet in a data center and an IP block, but I’ve been using gsuite for years because I assumed that >1 email/hour would result in >1% of my sent mail getting incorrectly flagged as spam. Is that not the case?
Note that this checklist seems mostly aimed at people that send email professionally.
Parts of it surely apply to individuals hosting their own email, volumes likely do not though.
We send a "weekly summary" email of who is absent in your company in the next week.
At 9am on a Monday we send roughly 100k emails via Sendgrid and have very very low spam report rates. Transactional email for even relatively small SaaS companies can get high very quickly.
As much as us in the dev world rely on Slack and try to avoid notification overload, my experience is most people want things as an email.
A large business who gets 20K customer service calls per hour and sends them a CSAT questionnaire? Whether or not you think it is good practice, it happens.
Other scenario is a business that wants to invite a load of people to something at the same time so they are not sending that many every hour but e.g. tickets for a concert, you want everyone to get the same chance.
Yup exactly. I just read a thread on Twitter the other day about a company in NYC (can't remember the name) where they sent an email about an event happening the same week. Their customers (double opt-in) never received the email because most of them went to spam or promotions tab due to deliverability issues. It happens.
Many, many businesses have mailing lists with very high numbers (e.g. hundreds of thousands, or even millions of valid, double-opted-in recipients, etc.)...so needing to send out 20k emails per hour is pretty easy.
If you haven't ensured people have signed up themselves and using dual opt-in then the list is pretty much useless and should not be used. Any serious ESP will suspend accounts of customers sending mails to purchased lists.