In his recent Predictions & Unpredictions for 2013 blog post, Return Path CEO Matt Blumberg talked about how brands’ marketing and security functions will need to join forces to fight phishing. One key reason is that phishers and spoofers are continually getting smarter, applying an impressive range of best practices to make their emails ever-more compelling and believable.

• The subject line inspires real concern (especially if you really are a YBS customer!)
• The “Friendly From” is believable (see inset)
• The sender domain is correct (because the real sender is spoofing it!).
• Branding is consistent with the real YBS website.
• The language is professional sounding and there are no spelling mistakes.
• There is a strong, visible call to action – “Click My Account Activity”
• The disclaimer and contact details all appear to be 100% correct.

• It generated a perfectly respectable Spam Assassin score of only 1.5
• It only identified one potential spam trigger word – “Disclaimer”
• It even rendered well on most major mobile devices!

• Nearly 1 in every 20 of these emails successfully bypassing spam filters successfully delivering to recipients’ inboxes.
• Average Read Rate for these emails is 3.66%. This is is particularly startling given that:

1. YBS is a relatively small player in the UK with approximately 1% market share. Assuming that non-YBS customers will almost certainly ignore these emails because they are not relevant, Read Rates for the remainder can be inferred as actually being much higher.
2. In a number of instances the Read Rate is higher than the Not Filtered rate, implying that recipients are recovering these emails from their spam/junk folders and responding to them!

• An authoritative report produced by Cisco Systems shows that on average 99% of phishing emails get filtered, with the remainder generating a 3% open rate. This implies the YBS phishing emails are highly effective, out-performing the Cisco benchmark by a factor of 6.
• Cisco also calculated the commercial impact of a phishing attack at $250 (£155/€190) per compromised recipient. Using the report’s average click-to-open rate of 5%, with 50% of clickers giving up personal data, we can extrapolate the Inbox Insight data to infer an estimated commercial impact in the UK of over £1M pm – for this single scam alone!

• Read our Anti-Phishing Guide which contains actionable advice on how to achieve brand protection and secure your email channel.
• Make use of Return Path’s APS suite of tools and services to:
  • Identify potential brand abuse (Email Brand Monitor).
  • Proactively block phishing and spoofing activity (Domain Protect).
  • Facilitate prosecution or phishing site take-down efforts (Domain Secure).

If your business is seasonal, back-to-school time and the pre-holiday months of late summer and early autumn are likely major tipping points for driving revenue and ensuring you end the calendar year on a high note. More than ever, this is the time that marketers, especially those with a retail and/or e-commerce business, need to harness all the tools they have at their disposal and implement smart email program decisions.

After all, the bottom line isn’t graded on a curve and there’s no such thing as summer school when it comes to missed opportunities for recognizing ROI from the email channel. When Sam Cooke sang, “Don’t know much about history. Don’t know much biology…” his “Wonderful World” put academics second and love first. Unfortunately, email marketers can’t afford to ignore their IQs when it comes to email intelligence.

While being an A+ student in all aspects of email marketing might be unrealistic, there are a few subjects that marketers definitely shouldn’t ignore:

1. Security: Phishing and spoofing activity has never been more rampant and marketers need to be proactive in protecting their brands. Contrary to popular belief, fraudsters aren’t just going after financial institutions like banks, payment services providers and credit card companies; they’re targeting any legitimate brand that subscribers may be familiar with. This includes social networking sites, shipping companies, wireless phone and internet providers and many more. A phishing or spoofing attack has the power to undo all of the good ground work that has been laid for optimizing inbox placement rates and performance metrics. If a subscriber’s personal details or finances are compromised as the result of clicking on a link in an email that pretends to come from your brand, you’ve not only lost an email subscriber and potential (or existing) customer, but your brand reputation has plummeted. In this age of social sharing, that negative outcome likely includes anyone in that subscriber’s network of friends and family as well. What can you do? Protect your brand by using an anti-phishing and anti-spoofing tool that monitors fraudulent activity and blocks any attempts to hijack your domain. Learn more about Return Path’s solution here.


2. Inactivity: Having a large portion of non-responsive addresses on your file is the equivalent of blaming the dog for eating your homework. Not only does this segment reflect poorly on your list hygiene practices, but the inactive portion of your file isn’t going to diminish by ignoring it or pretending it isn’t there.  Most major ISPs such as Gmail, Yahoo, Hotmail and AOL are factoring engagement metrics into their filtering decisions. This includes metrics like whether or not the message was opened, replied to, clicked on or added to a subscriber’s address book. The more messages being sent to inactive addresses, the greater the likelihood that sender reputation and inbox placement will be impacted, negatively affecting response rates and overall program performance. In addition, depending on how long these addresses have lingered on the file, there could be a large percentage of spam traps. When it comes to email intelligence around inactivity, marketers should have a solid and ongoing plan in place for communicating to pre-defined inactive segments with a specific strategy to reengage and ultimately remove any persistent non-responders.


3. Skimmability: Optimizing your creative templates has never been more important as subscribers increasingly use their mobile devices to check email. Return Path’s latest research study “Mobile, Webmail, Desktops: Where Are We Viewing Email Now?” shows that email opens on mobile devices grew 82.4% year-over-year and Apple devices account for 85% of all mobile email opens. Designing email for mobile viewing has its own unique set of best practices to experiment with based on the devices your subscribers are using to view email. Whether it’s testing single-column or multi-column layouts, trying a variety of “finger-friendly” sized buttons that allow for easy clicking, using a text size that can be easily read on a variety of screens or designing mobile-friendly landing pages and websites that support on-the-go conversions, email messages read on mobile devices need to work even harder to be skimmable. The decision to click-through on an email viewed on a mobile device is made in a split-second, so the clearer and concise your message is, the better.

When it comes to realizing ROI from the email channel, what you don’t know can definitely hurt you. The good news is that with a little studying (along with testing, adjusting and optimizing), you can go a long way toward ensuring your program makes the grade for the back-to-school season and beyond.

Margaret Farmakis
Senior Director, Response Consulting
Return Path

• Number of spam complaints generated – too many complaints lead to being blocked by ISPs
• Volume of email sent – dramatically boosting frequency can cause your reputation to plummet 
• Method used to process bounces – invalid email addresses need to be removed promptly as part of essential list hygiene
• Sending to invalid or old email addresses – could cause your campaign to be caught in a spam trap at some ISPs
• Appearance on any blacklists

• The delay between senders receiving a complaint and unsubscribing the complainer
• Repeat complaints 
• Complaints tracked to ISP/mailbox provider 

1. Online Privacy Protection Bill:  A “Discussion Draft” of a bill to require notice and consent to any individual PRIOR to collecting or using personal information was released in early May in the US House of Representatives from Representatives Rick Boucher (D-VA) and Cliff Stearns (R-FL).  Industry and consumer groups alike are not happy with the draft, including the DMA.  Although it may seem at first that the so-called Boucher Bill was just about online behavioral advertising conducted by large marketers; it turns out that it’s very broad and far-reaching on privacy and data security.  During the webinar, Jerry Cerasale, VP, Government Relations for the DMA, gave a very good overview of coverage, exceptions and terms of notice.  Basically, it impacts nearly all kinds of “first party” senders as well as any other company that has access to that data as a “third party.”  It proposes coverage of an extensive list of “unique and persistent” personal data on consumers.
   
   “One potentially bad impact this could have on the email industry concerns the scope of covered data, including email address, IP address, and other unique, persistent identifiers,” says panelist Tom Bartel, CIPP, VP, Receiver Services at Return Path.  “If the exceptions for transactional and operational purposes and for service providers are not effective and clear, this bill could interfere with many industry collaborations.  This includes IP-based reputation systems – data that determines if email messages reach the inbox or not.  It may also impact the operation of Feedback Loops provided to email senders by mailbox providers like Yahoo! and Hotmail.  These feedback loops are a key component in how the industry keeps bad actors out of the email ecosystem."
   
   Both Representatives Boucher and Stearns have indicated a willingness to work with industry and have requested comments on the bill, due by June 4th.  Cerasale said the DMA will be commenting.
    
2. Expansion of FTC Powers: Congress is also considering significantly expanding the powers of the FTC as part of the Wall Street Reform and Consumer Protection Act (HR 4173).  There is not a corresponding bill in the Senate, although Cerasale said in the webinar that one may be introduced later this year. 
   
   Part of the proposed regulation would give the FTC “unbridled authority” to create rules around “unfair or deceptive acts or practices” for many industry sectors.  Cerasale expressed concern about this, and said that more checks and balances are needed.  It is also unclear how this expansion will impact emerging technologies like social or mobile, he said.
   
   Another part of the proposed bill increases the FTC’s enforcement powers to seek civil penalties.  “That may be helpful in catching spammers and other abusers of email marketing,” said Rick Buck, CIPP and VP, ISP Relations and Privacy at e-Dialog.  “Marketers who feel they are exempt from prosecution because they are legal under CAN-SPAM may be following the letter of the law, but not the spirit.  I encourage everyone to go beyond the legal requirements and aim to provide email experiences that are welcome and engaging to subscribers.”
   
   The FTC’s Greisman said only that, “We welcome any support from Congress that helps the agency be more effective and efficient.”  There are some “tools that we lack which Congress may grant us the power to use,” she said.
   
   A third element to this proposed legislation is on responsibility/liability of the delivery provider (broadcast vendor, ESP, MTA Vendor) if their clients do not follow CAN-SPAM or other regulations.  “This aiding and abetting aspect is very concerning,” said webinar panelist, Dennis Dayman, VP, Privacy & Online Security at Eloqua.  “Blurring the lines between purveyor and sender may place an undue penalty on others in the ‘chain of responsibility’ for all brands involved in online advertising or other online acquisition efforts, like third party email senders and publishers,” Dayman said.

Greisman also reported in the webinar that there is no significant update on the behavioral targeting protection guidelines that the FTC has had out for comment for over a year. “Nothing will happen without input from industry,” she said.  Since the mandate from the FTC has been, “self regulate or else,” the webinar panelists Buck, Bartel and Dayman had a number of suggestions for marketers to follow best practices, including:

1. Ensure transparency in disclosure and notice of permission and use of data.
2. Be very clear about opt out vs. opt in.  CAN-SPAM requires only an opt-out, but that is the “bare minimum,” Buck advises.
3. Update your Privacy Policy and provide prominent links.
4. Audit your data usage practices.
5. Be clear on use of data in all web forms and at the point of collection/sign up.

Marketers and everyone in the email industry can support the FTC, Greisman said.  She suggests:

1. File a complaint.  When those complaints are also referred by the DMA, they are particularly helpful, Greisman said.
2. Make sure your opt out mechanisms are working.  (e-Dialog’s Buck recommends checking this at least annually, and preferably monthly.)
3. Be clear about the sender and the advertiser relationships.  (Return Path’s Bartel recommends first party senders consider “framing” the content from third parties or advertisers and clearly distinguish between editorial (original content) and advertising.)
4. Keep data clean, particularly around new sources.  (Eloqua’s Dayman also recommends care around affiliates’ use of data.)

The legislative update webinar was sponsored by Eloqua, e-Dialog and Return Path, with technology sponsor GoToWebinar.  The recording of the full event is free for eec members.  More details on these and other legislative issues important to digital and direct marketers is in the DMA’s quarterly government affairs newsletter, Politically Direct.

- Stephanie Miller
Return Path & eec

Before DMA07, we solicited questions from our members and subscribers, promising to post them in our booth at the show and recruit email experts in attendance to answer those questions. We got some great questions and tons of great answers:

1. How important is it for email creative to match the same look and feel as the order page/landing page?

Marc Pitre, Wampower.com: It's critical to keep the branding consistent between emails and landing pages. Both the creative and the message itself must be consistent to be impactful to the end viewer. It's too easy to dilute your message, so keep it consistent.

Andrew Osterday, Premiere Global Services: Landing pages are often ignored or an afterthought, but can have a strong impact on conversion. The flow from email to landing page should be seamless in both messaging and look and feel. Consider custom landing pages rather than linking to the site.

Stephanie Miller, Return Path: Very. Especially in promotional messages and prospecting. Be sure that the offer in the email is front and center—don't make me scroll. Using a custom landing page can improve conversion rates up to 50%. Definitely worth the investment in optimizing landing pages—they are the fulfillment of the promise created in your email message and it should be a seamless experience.

Michael Fishers, Alterian: It is very important—lack of matching in look and feel produces confusion, feels uncoordinated and impacts response accordingly.

Joel Book, ExactTarget: Providing creative continuity between the email and the associated landing page is vital for driving response and conversion. According to Forrester Research, "92% of business decision-makers go online to research products and services before buying offline." By using email to deliver relevant offers to customers, marketers are accelerating the buying process. The key is to make it easy for the customer to buy—having consistent look and feel for email and landing page achieves this objective.

2. Do the same elements found in traditional printed letters (salutation, closing, signature, p.s.) work for emails?

Melinda Krueger, Krueger Direct: Yes, to the extent that they reflect a personal, one-to-one approach to communication. Corporate "billboards" are easy to ignore; personal correspondence is not. Consider the "voice" and use the personal pronoun!

Elie Ashery, Gold Lasso: Yes, depending on personalized and relevant the message is. Personalization doesn't necessarily mean name, but rather actual content.

3. What do you consider best practice when it comes to accessing and changing email preferences? On one hand, it has to be easy for subscribers to go and edit their subscriptions. On the other hand, no one else than the subscriber should have access to change the subscriber's information. Do you recommend a login, a verification email with required action before changes take effect, a notification email notifying the subscriber that changes have been made, etc…?

Loren McDonald, J.L. Halsey: The simplest means is to include a link in the subscriber's email so that only they can click through to the preference center/update profile page. For sites that link registration (e.g., an ecommerce site), you can link the two processes. A notification email that confirms the changes is always a good idea.

Jeanniey Mullen, Email Experience Council and OgilvyOne: The preference center is a critical element of a successful email program. It can increase the life and engagement of your consumer. Keeping access to preference centers secure is critical but so is keeping access simple. Most companies offer encoded links to preference centers that allow you to bypass the logon elements. If you are using a secure center, password retrieval features are key.

Joel Book, ExactTarget: The key to using a preference center to gather customer needs and interests is to ask for only that data which is needed to deliver relevant and timely information through email. It is critical that you explain why you are asking for this information, how it will be used, and how the customer can update his/her profile. Remember, you are building trust.

Melinda Krueger, Krueger Direct: Consider a 1-2 punch. First capture the impulse to subscribe, then, as an optional second step, ask for more information. Consider offering an incentive (tied closely to your email value proposition) and explain that you are asking to avoid sending irrelevant emails.

4. Is there a proven happy medium between images and text in an email? Do too many or not enough images reduce response?

Elie Ashery, Gold Lasso: Email marketers today need to design their emails with the assumption that their recipients' have their email clients set with the images turned off. This means that the recipients should be understand the gist of the message without its images. Images should be used to enhance text, not replace it.

Chad White, Email Experience Council: The "happy medium" is per industry and depends on both your content and the reader in which the person will be viewing the email. For example, a B2B email that's likely to be read on a Blackberry should be all or mostly text. But retail emails where product images are so vital should be mostly HTML.

5. How can you tell if an email is being read in a preview pane only then deleted?

David Daniels, JupiterResearch: If someone clicks in a preview pane, can you hear them? It is all about behavior. If there are no clicks, there's no engagement, so attempt tactics for reactivation (survey, sweepstakes, etc.). The only real way to determine if an email has been read is by clicks.

Stephanie Miller, Return Path: Great question! Technically, there is probably not a way to get 100% pure data unless you put a "pixel" that is triggered by the scroll. However, you could track performance by proxy in one of two ways: (1) by putting a "morse type" link at the top (visible even when images are suppressed) that promotes the offer and "opens" the email, or (2) by analyzing clicks on text links below the fold which are not visible when images are suppressed. Frankly, I'm not sure why this measure is valuable if your preview pane is optimized, it will drive engagement, not a deletion.

Loren McDonald, J.L. Halsey: Open rates are tacked via a tracking 1-pixel image. So if images are enabled and a reader "views" the email (whether it is opened or not) it will count as an open. If images are blocked and the email is viewed in the preview pane (or fully opened), it will not count as an open. As a result, click-through rates are a much better gauge of email activity.

6. Can a newsletter sell or is it better for branding?

Jordan Ayan, SubscriberMail: Email marketing is about building relationships. If you approach it as a sales medium, you are looking at it from the wrong perspective. Can you sell with email? Absolutely, but for long-term success, you have to focus on delivering relevant content that highlights your brand and keeps recipients wanting more. Then they will give you permission to sell them electronically.

Kara Trivunovic, Premiere Global Services: A newsletter can sell if it is done right. The newsletter should be editorial in nature, with a majority of the content being relevant, value-add information. If sales copy is going to be included, it should be done as a soft sell, wrapped in editorial when possible.

Stephanie Miller, Return Path: Yes! Optimize to do both: (1) Educate customers about the full benefits of the products. (2) Engage subscribers to interact with your company, website, sales team, blog etc. (3) Lead prospects down the sales cycle by educating and asking questions.

7. Is it practical/realistic to budget for file growth from viral marketing? Can we count this as a tactic, or is it just "either."

Michael Salin, M.J. Salin & Associates: Yes! Emerging marketing genre are heavily based in viral practices…word of mouth, social networking. You should test and quantify viral programs – consumer talking to a consumer is the highest/strongest marketing communiqué. Quantify the send and free creative is a way to promote the idea.

Chad White, Email Experience Council: You can definitely budget for viral growth. In general, you can expect pass-along rates of 1%-2%, but it depends on the prominence of your send-to-a-friend links and how often you encourage readers to forward your emails. For instance, some retailers have "friends and family" event emails where part of the messaging encourages recipients to forward the discount offer to others. Doing emails like that will boost your pass-along rate.

8. If no legitimate ESP will allow the use of purchased lists in their system, how do data brokers and email appenders who focus on this market stay in business?

Craig Swerdloff, Postmaster Direct: Our experience has been that top-tier ESPs will send for lists that offer list rental, assuming certain requirements are met. They include explicit permission from recipients, proper list hygiene, good reputation scores, and compliant/unknown user rates within allowable thresholds.

Stephanie Miller, Return Path: The owner of the data sends the message on your behalf—so the initial mailing is from the data source inviting the subscriber to opt-in for email from you. Many marketers who send mail in-house, use internal append very successfully. There are best practices to ensuring your sender reputation is protected.

Loren McDonald, J.L. Halsey: List brokers manage the email databases for companies whose list members have agreed to receive third-party offers. The emails are sent "from" the list owner to the list member. Once the subscriber opts in to specific a marketer's program, they have given permission to the marketer. At that point, ESPs will allow the company to send to the subscriber.

9. What is the single most popular offer that drives people to register and share their information? We are desperately trying to collect emails from our customers and it's been very challenging.

Stephanie Miller, Return Path: As is true in all direct marketing, offer something perceived value for free. But the question should really be around how you can construct a powerful email experience that will entice and engage your prospects. While many will sign up for something that is free, your response and ROI will only come when the email program itself has consistent value.

10. What is the right frequency for retail email programs? It seems like many retailers are at 2x+ per week. Does not mailing at that frequency hurt my chances?

Austin Bliss, FreshAddress: Unfortunately, there is no "right" frequency. You should send on a schedule that provides value to your recipients—e.g. if you have daily sales, you can send daily. But if you have nothing to say 2 times a week, you shouldn't mail at that rate because you will have incurred complaints/unsubscribes.

Chad White, Email Experience Council: There are lots of factors to consider here, including the frequency at which your products tend to be purchased, the content of your email (both promotional and service-oriented content), the length of your email, etc. For example, Blue Nile emails once a month, recognizing that jewelry is not a frequent purchase. Home Depot, on the other hand, sends once a week, targeting subscribers' weekend projects. And then there's Neiman Marcus, which emails 7+ times a week, engaging its fashion hungry subscribers with info on new products, store events, discounts and video and article content.

11. If you send five or more emails to the same recipient and they aren't opened, does your domain/IP get reclassified as spam by the ISP? This obviously isn't standard across all ISP's. If this is in practice by some, which ones are they?

Stephanie Miller, Return Path: List quality is definitely a factor in sender reputation. Having a large number of non-responders on your file could reduce your "score" among ISPs/receivers. ISPs generally don't publish the "rules" that they use, as publishing them would expose them to abuse by spammers.

HAVE SOME INSIGHT TO ADD? Please comment below, just be sure to include the number of the question that you're answering.

Both SubscriberMail and Blue Sky Factory recently released lists of words that shouldn't be used in emails because they're likely to trigger spam filters. But I see some of these words—like "free" and "discount"—used routinely in the subject lines of commercial email that I receive. If I have a good reputation do I need to worry about content filters? Am I staying away from these words unnecessarily? —S.G.

The Voices of Email had this advice:

J.F. Sullivan: The answer should be no. If you have a good reputation then you do not need to worry about content filters. The actual answer is another question, as in it depends on two things: What's your definition of a good reputation, and which content filter are we talking about?

Everyone in the email marketing (and message security) ecosystem has a different view of what a good reputation actually means. For some it's as simple as making sure they are not on a blocklist; for others it may be that they are in compliance with a specific Sender Authentication implementation. In order to answer "yes" to the question, it may be more useful to provide a checklist summary of what a good reputation constitutes. So, if you can say "yes" to the following reputation aspects:

1. You have a good public reputation (not on blocklists, or have upset any ISPs).
2. You have good legislative adherence (e.g., CAN-SPAM compliance).
3. You have good infrastructure (e.g., DNS, MX records and the like).
4. You have good identity (e.g., you have a correctly configured SenderID record).
5. You have best practices (e.g., list scrubbing, opt-in, etc.).

…then yes, you do have a good reputation so you will not need to worry too much about content filters. And while your good reputation will work, say, 80% of the time, your actual delivery will still depend on the content filter you encounter to some degree. A subject of much longer blog entry for another day…

Rob Fitzgerald: You always need to be aware that filtering exists, but I don't think you need to be ruled by that existence either. It's interesting to lay out all the various releases, of all the various words that shouldn't be used within in an email, and see how incredibly long that list is. Sometimes it makes me wonder how you can actually put a string of sentences together without actually using any of them. Practically speaking, you have to use some words that may be "known" filter words. I don't think that should give you pause to run the campaign for fear of a lack of response. We've sent out many campaigns with the word "Free" on them that have performed very well.

I tend to look at it this way—it's all about moderation. Put together a creative with a lot of words that trigger filtering and it could be adversely affected. Give that same creative a diet, and keep some of those same words included, but not all of them, and I think you'll be OK.

Stephanie Miller: Despite the frequency that I receive this question, there is still no magical list of words to avoid, nor is the use of marketing terms like "free," "discount," "special offer" and "click here" an automatic block. Don't misunderstand. Those words can get you blocked. However, judicious, responsible and clear use of them usually won't.

Why? Because spam filters dynamically update to reflect current market conditions and spammer behavior. The only way to ensure your content does not depress inbox deliverability is to run every email through a series of popular message filters to determine your spam score before sending to your entire mailing list. You can do this through a service or on your own by setting up multiple accounts at different ISPs.

Here's how to optimize your message for response and deliverability: Write the copy as a marketer. Sell. Build the relationship. Clarify the offer. Make the call to action very clear. Then, test it. If you fail the spam filters, adjust it. Before you hit send, even if you pass the filter test, be sure to give your message AND subject line a "smell test." If your readers or subscribers will think it's spammy, so will the receivers. If you are using all capped, repetitive words that filters watch like "FREE SHIPPING THAT'S FREE" or using strange punctuation like ***NOW ON SALE***, then you are likely to be blocked.

Chad White: Inspired by this question, I did a little real world research and found that major online retailers have used many of the "dirty" words on SubscriberMail's list of words to avoid using in subject lines. How many have they used? They've used 27 of the 100 in the past two months alone. Some of the words—like "Free," "FREE," "Offer" and "Buy"—they used a LOT. So it's clearly possible to use these no-no words in subject lines under the right conditions. Based on that I'd say that you should explore using them but test to make sure your emails are getting through.

Have some good advice that we missed? Please add a comment and take part in the conversation.

Have a question for the Voices of Email? Email Chad your question at chad@emailexperience.org and we'll REPLY TO ALL by posting the answers so everyone can benefit.

–>Read other Reply to All posts

Ken Magill was right: The recent FTC Spam Summit was a real snoozer. Maybe it was the oppressively humid weather in D.C. this time of year that's conducive to snoozing. More likely, it was due to our own misplaced expectations that such an event could ever be more than a big "show 'n tell." Never mind that we'd heard all the speeches and solutions before and that not much had changed since the last Summit. This simply wasn't the forum for examining the truly systemic issues or questioning the wisdom of the industry's strategies and tactics. Debating those things in front of a regulatory body simply wasn't on the agenda, and it was probably unrealistic to ever think it could be.

Nonetheless, those are precisely the things we should be debating in our industry. Trevor Hughes of the ESPC set the stage by arguing that there are really two classes of spam—spam that is malicious and spam that is annoying. His point was that today's real problem is with the malicious spam that comes from the bad players, not legitimate companies. The inescapable conclusion was that the answer isn't further legislation since the bad players operate outside of the law anyway. While it's a good message for the FTC to hear as it considers further rule making under CAN-SPAM, it didn't go far enough.

After acknowledging those two classes of spam, we should be talking about how to deal with them. No one disputes that both are undesirable, but applying the same tactics used to combat the malicious spam to that which is annoying is what produces "false positives" and endangers the reliability of the medium for legitimate commerce. In my mind, reconciling email security with legitimate commerce—balancing the scales—is the critical challenge facing our industry today. Admittedly, my attempt to address this challenge at the FTC Summit fell flat. (Right message, wrong forum.) Yet, I'm convinced this is the real debate we need to have. And we do need some new thinking about the roles that different stakeholders (consumers, ISPs and senders) can and should play.

If the FTC Summit isn't the right forum, what is? We need a new blueprint for email. Where can we come together to debate the systemic issues and arrive at more coherent, comprehensive solutions that satisfy both our security and commercial concerns? We can't continually parade into Washington, D.C., with nothing new to tell and nothing new to show. At some point, the FTC's patience will wear thin…as it should. If industry wants to retain the latitude of self-regulation, industry must have more to show for its efforts. We'll invite government intervention if we don't.

—Dave Lewis