Spam is against the acceptable use policy/terms of service of every reputable ISP, is illegal in several US states, and can result in large portions of the Internet "shunning" your company at the network level e.g.: blocking packets or not accepting your e-mail.
There are various marketing organizations that claim to have a "solution to the spam problem" or a "code of conduct" that addresses the issue, but most fail to take into account several important facts:
What your organization needs to remember is this:
If your organization fails to respect the rights of private networks to set the conditions under which they will accept e-mail, you will most likely be less than successful on the Internet.
If your organization originates UBE, or contracts for UBE to be sent on its behalf, you expose yourself to one or more of the following very real risks:
Well, unless the address owners on that newly purchased list can reasonably assume that your e-mail to them is solicited, it's not. They never gave you their informed consent.
If you are using such a list you should insist that the provider show
you evidence that the addresses were collected in a manner that leaves
no doubt as to their confirmed opt-in nature, as it applies to your
mailing. If there is any doubt, you should not send e-mail to the addresses
on that list.
If Company A buys Company B, Company A should not summarily incorporate Company B's mailing lists into its own. A notification to Company B's mailing list informing the subscribers of the purchase/merger, and that they may subscribe to a new list is acceptable.
Company A automatically adding Company B's list to their own without
the prior, expressed consent of the address owners is not acceptable.
Accepting unconfirmed subscriptions is extremely risky. It has become all too common on the Internet for unscrupulous individuals, both outside a company (as a means of harassment), and inside a company (a salesman that has to make quota), to add addresses to lists without using a closed-loop method of confirming that the address owner has agreed to be added to a list.
You also should keep records of all subscription requests, as well as
records of the confirmations of those subscriptions, as you may be asked
to produce such evidence when someone has: a) forgotten they knowingly
subscribed to a list; b) had their address submitted for subscription without
their knowledge and consent.
All solicited bulk e-mail you send should provide an easy way for the
recipient to unsubscribe from a list. Either an unsubscribe e-mail address
or link to a web page should be provided. If you make it difficult to be
removed from a list, you can expect to receive complaints.
All unsubscribe requests should be promptly processed.
You should also seriously consider using non-delivery notifications (NDN) you receive as a way to assist your organization in pruning dead addresses from your mailing lists. While a single NDN for email@example.com may be a false indication (misconfigured email server or similar), if you receive more than one NDN for the same address it is probably dead, and should be removed.
If you ignore non-delivery notifications you receive you risk being
blocked by remote networks that perceive you as not responsibly managing
your mailing lists.
You may need to provide an alternate method of processing removes. Automated processes occasionally fail, or an address owner may want to provide feedback to you as part of their remove request. The remove mechanism should not require a password or other information unless that information is contained in the mailing itself. You can provide a phone number in your mailings, or a "fail safe" e-mail address for problems related to removal. These are just some of the ways you can put in place a method to alert your organization to potential problems with your "remove mechanism".
You should also ensure that any removal requests sent to your whois/Internic listing are also properly handled. Technical people commonly use whois listings to derive contact information for alerting a domain to problems.
Unsolicited Bulk E-mail (aka "spam")
Let's define the individual words first:
|unsolicited||Sent without the recipient's prior, informed consent.|
|bulk||The same or substantially the same message sent to multiple recipients. This can be either as a single e-mail addressed to many recipients, as many e-mails each addressed to one or more recipients, or as a mail-merge.|
|A message sent via computer, using commonly accepted communication protocols between the source and destination e-mail servers.|
Confirmed Opt-in / Closed-loop Subscription / Double Opt-in
The above terms are interchangeable. What they mean is that after an initial request to add an address to a list, the address owner confirms the subscription request.
This is usually accomplished by means of an e-mail message sent to the subscriber to which he or she must reply, or containing a unique URL which he or she must visit, in order to complete the subscription.
This is extremely important because if an address has been improperly submitted for addition to a list, it is the responsibility of the list maintainer to ensure that the subscription request not be fulfilled
A list maintainer must not add an address that has been submitted for addition to a list until the address owner knowingly confirms the validity of the initial request.
A confirmation request that states, "You have been added to our list, please reply to be removed" does not meet the criteria for confirmed opt-in.
However it is implemented, a fundamental requirement of all lists is
for confirmation of all new subscriptions.You should also keep records
of all subscription requests and confirmations.
The person who originates and receives e-mail for a particular address. The owner or compiler of a list the address happens to be on is not the address owner.
Basic Mailing List Management Principles for Preventing Abuse
RFC-2635 - Don't Spew, A Set of Guidelines for Mass Unsolicited Mailings
and Postings (spam*)
The E-mail Abuse FAQ
Frequently Asked Questions About Spam
Coalition Against Unsolicited Commercial Email
The Forum for Responsible and Ethical E-mail
Suespammers.org - A Legal Resource
Network Abuse Clearinghouse
Limiting Unsolicited Bulk Email
Final comments to the FTC on UBE
In Other Languages: