How Marketing Spammers are Avoiding Your Spam Filter

The holiday season is winding down, and as we cut the umbilical cord that’s been delivering us a steady supply of turkey, sweets, and beverages for the past month, reality once again sets in. The gifts have been opened; the only remaining evidence of their once regal stature under the tree is a trail of torn wrapping paper and empty boxes. A new year is upon us. For most, that means a symbolic rebirth, a chance to put the prior year to bed and use what we learned from it as a springboard into the new one. For those of us concerned with security, that can come in many different forms and have many different meanings; but one thing is certain: a new year means a new adventure where spam’s concerned, and it’s not the kind of adventure with mugs of grog and merry dancing on the table.

No, this adventure is more like the dark entrance to a foreboding cave, and we have no choice but to enter. 2015 is upon us, and with it comes a new, yet familiar, quest: put an end to spam. But before you don your suit of armor and sharpen your sword, you need to know who the true enemy is. And it might surprise you to know that it’s not a warlord from the darkest regions of Nigeria, and it’s not a wizard chemist attempting to poison you with promises of miracle potions. No, the enemy is far wilier than that, because it comes to you under the guise of legitimacy.

Marketing spam. That awful blight that spreads like the plague and kills silently. The true enemy to our inboxes are the marketers, and if you doubt that statement, perhaps you haven’t been receiving any marketing email. Hats off to you. But for the rest of us, it’s a persistent threat that causes serious damage. Overhead for servers and hard drives is the least of the problems that marketing spam can cause. It often chokes an inbox and kills individual productivity. It eats time, because users have to sift through it to find email that they actually need in order to perform their jobs. It cripples organizations because it has to be identified and eradicated. Yet email marketers are out there trying to find exploits in your spam filter so they can invade your inbox.

This isn’t the first time we’ve discussed the blight called marketing spam. In fact, it’s an ongoing theme, because it has become a serious issue for individual users and organizations. There’s plenty of proof for that. And yet marketers are working away in their dark, dank little caves, crafting potions that will make you susceptible to their ministrations. Okay, they’re not, but let’s face it: they want to sell us something and we probably don’t much care that they’re trying to sell us something. We just want the glut of unrequested emails to end.

A recent post on tamebay discusses “How retailers can avoid the dreaded spam box over Christmas.” This isn’t the first article we’ve seen of its kind, but it’s recent and relevant, what with the holiday season and people freaking out and all. The author of the most recent post appeals to marketers, which is fine, because that’s the target audience. For the rest of us, it’s a sobering glimpse into their world, and it offers some advice that perhaps we as administrators can use to mitigate a growing problem. It helps to know what the other guy is doing to circumvent our defenses.

Here are the tips that he offers:

  • email providers (and to extrapolate, spam filters) filter out traffic that uses common phishing phrases, and marketers should avoid using these
  • With regard to formatting, “it’s important to carefully consider the ratio of text to images. As a rule of thumb, it’s always sensible to include at least two lines of text per image.”
  • For HTML campaigns, ensure that there’s a text-based version as well, to ensure that the email can get past the “spam trap”
  • Responsive web design is important because of the growing number of mobile devices like smartphones and tablets, so optimize email for different devices
  • Finally, exercise caution when using attachments. Avoid large attachments, and while it’s acceptable to use image files, avoid executables

So there you have it. A cheat sheet for people who want to get their messages past the defenses upon which you’ve invested so much time and money. Still want to buy their products?