The Messaging Anti-Abuse Working Group today has published it’s Best Common Practices document for E-mail Service Providers to use in vetting prospective customers. MAAWG is the foremost professional association in my industry, bringing together some of the best minds and well-known companies in the space to develop and promulgate strategies and policies designed to combat abuse of messaging networks (including, of course, e-mail). The practices detailed in the document should provide a much-needed benchmark among senders of high volume e-mail who are serious about curtailing abuse of their own networks, as well as those of their recipients.
Careful vetting of prospective clients isn’t just good for fighting abuse; it also makes good business sense for ESPs. Whenever an ESP brings on a new client, the ESP assumes a significant amount of risk. As the document explains, ESPs “are at the mercy of their worst clients’ worst practices.” Bad clients create reputational problems for themselves and for their own mail, and can damage the reputation (and therefore the deliverability) of all of the ESP’s other clients, as well as for the ESP itself. More than one large ESP has made itself a pariah within the industry by paying scant attention to the types of customers to whom they’d sold their services.
The existence of the document underscores an important industry truth that has been long understood, but to my mind has been historically under-emphasized: it’s never enough for ESPs to kill the spammers that appear on their networks. We must expend at least as much effort to ensure that we’re not giving birth to new spammers in the first place. After all, it makes little sense to keep bailing water out of the boat without troubling to plug any of the leaks.
And the document has lots of practical advice for the plugging of leaks that can be implemented right away. It contains a questionnaire that ESPs can copy and paste as-is for vetting new, high touch clients during a pre-sales cycle, and includes important advice for the monitoring of existing clients once they’ve successfully completed the on-boarding process. I’m very pleased to be able to report that my own employer, North Carolina-based iContact Corporation, has implemented the questionnaire to vet large managed customers, and is developing sophisticated tools that can automate the on-going vetting of existing customers who make use of our popular self-service options. We’re proof that the policies and recommendations contained in the document can be implemented to useful effect in a high-volume production environment.
I think it’s a pretty good document. If you work for an ESP, or for an agency that partners with an ESP, you should check it out.
On a more personal note, the adoption of the document represents a notable professional accomplishment. I’ve been shepherding the BCP for the last eight months, over two major rewrites and any number of less invasive drafts, and I’m very proud to have played a useful role in what I think has been an important collaborative effort among my professional peers. I sincerely believe that all of the folks who contributed so much of their time and expertise to the effort have much to be proud of here.