Letters to the Editor

This article contains older information. Go here for newer information on e-mail marketing.

Feedback on "20 Ways Opt-in E-Mailers Can Outsmart Spam Filters", Web Marketing Today, 12/3/02, from Brett A. Thomas

I came across your article on getting legitimate email through Spam Assassin on an SA discussion list. Your work in this area is supported by a lot of the SA people (including me), because, like you, we'd like to see legitimate email (including legitimate newsletters) get through, but keep spam out. I'm not an SA developer, but I am a pretty good user of it, and I'm a perl programmer, so I understand the rules it uses.

Anyway, I thought maybe I could offer a little clarification on some terms you had questions about. The following discussion contains a number of HTML comments, so if it simply doesn't make sense when you look it, probably whatever you're using to view it is interpreting the HTML, and you should look at it as raw text.

A comment which "obfuscates text" is one which is used in the middle of a regular word to make it hard to match that word to a spam database. For example, instead of "VIAGRA" (worth 1.394 points in my version of SA), putting in "VIA) followed by a non-space, non-caret character.

While I haven't examined every rule, I'm 98% sure that header tags (<h1></h1>) don't hit any filters one way or another. I'm also 98% certain that using symbols for vowels ("Revers*es Ag^ng") _would_ get you through those keyword filters - for now. But it's very important to realize that SA's keywords come from constant examination of databases of spam and non-spam. The *real* trick legitimate marketers want to do is to make their messages look like the other messages in the non-spam database. Right now updates to the rule base in SA take several months; with the upcoming release of 2.50, it's going to have dynamic learning. So, this trick is one that won't work, long-term (in addition, IMHO, to making your message look to the end-reader like you have something to hide). Eventually, spammers will pick it up to get through the filters. When they do, it will receive a *really high* score, because NO legitimate email does that. A really high score in SA means, "this _only_ shows up in spam."

I think your advice to use emailers which hide headers will have a similar effect. As actual spammers do this more and more (and as non-commercial email almost never does this) eventually rules will be developed that discriminate against email programs which don't provide user-agent information.

Along these lines, your advice to "Remove Spam Flag Addresses from Your List" and to move to double-opt-in is very important for the long-term health of all legitimate commercial emailers. The SA ruleset is put together by a bunch of volunteer spam-haters. The problem is, if you're accidentally sending them your legitimate email because someone else signed one of them up (or you purchased a questionable list), your legitimate email is going to end up getting put in the "spam" pile and used to make new rules to catch spam. The more that happens, the more legitimate email looks like spam. So a legitimate emailer has to have two goals: First, to not look like spam, and second, to never _be_ spam, either.

Finally, a nitpick -- Razor is not strictly speaking a "blacklist." It is a list of messages which are spams. It doesn't track domains or addresses; it tracks individual email messages. So, once one person has identified a message as spam, other users may ignore it. This goes back to what you said, about double-opt-in - a single email to a Razor user who didn't subscribe (or, sadly, doesn't _remember subscribing_) to your list can mean that issue ends up in the Razor database, and a big chunk of readers will never see it. As for the one who doesn't remember subscribing, the best thing you can do to avoid him is to make your newsletter not look like a spam. And doing that is a bit more of an art than avoiding SpamAssassin. :) -- Brett A. Thomas