After consulting my top contacts in the world of Internet security, spam filtering and network spam filtering appliances I can say without a doubt that spam filters are set at their highest level we have seen in a long time. I cannot reveal my sources, but they are top notch, this comes from the big firms.

I have lost allot of sales and subscribers that are not getting my emails and my open rate has suddenly fallen below 10%. It is not AWeber’s fault, it is my URLs and commercial slanted content.

My emails have been very commercial lately, because I am now in full launch of my Google Friend Connect Tactics members site and Jack Humphrey just JVed with me on this launch.

I have the best product and by far the highest value in any social marketing suite. So of course I want to shout it from the rooftops. The problem is no one is hearing me. Luckily I have some big affiliates or I would be pulling my hair out.

The best way that you can try to recover from this if you are experiencing the same is to ask anyone your can to check the spam folder and mark you emails as not spam.

Also whitelisting your email is still very effective especially in Gmail.

Ride it out, the worm will turn. What you don’t want to do is over email out of desperation.

Today I am sending a text only, no link email directing my readers to this blog. I will post back in the comments how it worked out. Hang in there, we have been here before, the filtering will come down. Try sending text articles without outgoing links and see how that works for you.

The reason I caught this was one of my subscribers replied to my email on an unrealted issue after I sent an email to my Google Friend Connect list with a new update on what Google is really doing.

UPDATE!

Just got off the phone with an AWeber admin and we could not replicate the broken URL from emails from my AWeber list to my Gmail address.

AWeber assured me that they go to extreme lengths to make sure the tracking links never get truncated. We believe that it was a keystroke on the part of my Gmail subscriber. We shall see and we will be monitoring this closely.

If any of you can replicate the broken string from your accounts then please let me know and AWeber as well. I will publish any screen shots you care to send and link to any of your own blog posts.

Tom Kulzer just emailed me and assured me that this was a line break introduced by the sender. For the moment we cannot replicate the string truncation.

More tomorrow and I will keep you up to date. This is one time I am glad to very possibly be wrong. – Chris Lang

I checked it at all possible resolutions down to 800 X 600 and it breaks in the same place.

I am sure it is due to a querystring length because no matter the screen resolution the AWeber click tracking link breaks in the same place ever time.

This screen shot is taken at 1280 X 1024 and is full size as it would be in my browser. You can click the image to see the full size screen shot of the Gmail email body center column.

Here it is at 800 pixels wide and it breaks in the same place.

I am sending Tom Kulzer a link to this today and I will publish his response to me if he allows me to.

If AWeber responds on their own site I will link to it and send you all an email to the fix (hopefully).

For now I am not going to be using the redirect links and simply linking without tracking to my landing pages.

Trend Micro will block your site in the browser, block your web traffic at the server level, your URLs in any emails and send your emails to the Trend Micro spam folder if you make the mistakes that I did. It was not Trend Micro’s fault, my payment software or anything I did. Trend Micro blocked me because I was at the wrong place at the wrong time.

NOTE: This is NEW information that no one else has. Read this thourghly!

When Trend Micro blocked my site

In September Jennifer Horowitz sent a recommendation of my product, Social Marketing book to her email list. We had a very poor response rate and and I began to think her email was not getting past spam filters.

Then one of her subscribers sent me this screen shot of Trend Micro wrongly blocking my site.

Click the image to see it full size, this will shock you.

I was stupid enough to ignore this and simply believed it was a very minor issue due to the redirect to PayPal in my payment software. Big mistake. More like a $20,000 mistake.

Trend Micro is currently the most purchased Window software there is as reported by Cnet just last week.

As time went by it got WAY worse. More and more payment attempts were being abandoned and comments on my blog and email click thru rates plummeted. Two three week periods passed without a sale and I began to really worry. At the same time my mind really went to work on this.

Meanwhile I was using all the skills I have to track down what I believed was a new spam filter blocking my emails. I enlisted the aid of even more experienced email pros to help me and they could not find the source. Neither could my GoDaddy host or AWeber, my email list provider. No bounce messages, no FBL reports, no nothing.

That was when I began to think it was a client side spam filter and something new to boot.

Then about a week ago I remembered the screen shot, in the end that Trend Micro blocking screen shot was my savoir.

Trend Micro says keywebdata.com and Chris Lang are innocent of any phishing, undesirable, dangerous or malicious activity or wrong doing.

This is the email I received back today.

Below is the synopsis of what the next phone conversation produced. I want to stress that these are facts as told to me by my Trend Micro contact in charge of the team that investigated the keywebdata.com blocking.

Why did Trend Micro block my site and how can you avoid it

First off the best indicator of something going on are subscribers clicking the spam button in web email. Why are they doing that? Because they just saw a big freakin huge banner like the screen shot above. What else are they going to do when their anti virus software just screamed and yelled at them to never go to your site again?

After 8 straight days of working 20 hours a day, today, October 27th, I have gotten to the bottom of why Pc Cillin warnings were displayed and Trend Micro Internet Security and Trend Micro anti virus blocked my site.

I just got off the phone with my Trend Micro contact.

Keywebdata.com was flagged in the browser, in Internet Explorer 6 or 7 and blocking began.

At that point my site and payment forms were reviewed by Trend Micro.

Due to a unsecured form, submitting to my server, then redirecting to a PayPal CGI bin URL my site was deemed indicative of a Phishing site and blocking occurred.

This did create global blocking of my domain at both the server level and the end users of all Trend Micro Internet Security products.

Any email with my URL in it was blocked by TM and possibly Yahoo, Gmail and Microsoft, both at the browser and email server level.

Also any web traffic passing through a data center with Trend Micro filtering software installed would have blocked the traffic right there too. This may be why so many of my emails never arrived.

Any http request from a browser resulted in the screen shot image being displayed.

Any traffic crossing the Trend Micro server level software resulted in the request not being passed and the request to my server was not completed. In other words if a link to my site was clicked it would not result in the request either going thru to my server and no HTML would be displayed.

No footprint of this blocking is visible in server logs because the http request (http link click) was denied at either the home user end client or at the server leval. So, even if you do pull your server logs there is not footprint to show that you are serving lots of pages and getting no browser page views.

It would do no good to pull server logs because no request for a page would ever make it to the server.

Trend Micro is looking into if they will release numbers as to the end user blocking numbers for keywebdata.com

Basically I am going to have to pick myself up, dust myself off, learn from this and move the heck on.

TM does agree and is willing to suggest that using any HTML form that is submitting to any payment provider without using HTTPS protocols will draw the ire of anti phishing software. This also means Microsoft Internet Explorer anti phishing filters.

What can you do if Trend Micro PC Cillin blocks your site?

Step #1

First of all, I now have extreme knowledge of this and can check your site to see if it is blocked. Just send me and email, contact Chris Lang, or pick up the phone and call me I will run you thru the database. There in no public database to check for your domain, but I can take care of that for you.

If you are being blocked I can navigate thru the process of getting and investigation started and if you are innocent, get the blocking removed. Do not email me to death just to see if the site is blocked. If you experiencing problems I will help you.

Step #2

First of all, stop sending any emails with your domain URLs in it, don’t send any email to your email lists and pull access to any payment forms.

If someone tries to buy and gets a phishing warning you have just lost any possibility of a future sale.

If your list gets an email from you and anyone has seen the phishing warning on a previous visit you can bet your last dollar they are going to mark your email as spam and any others they may get.

Lost sales now are nothing compared to losing most of your list and further email blocking. I did not catch this early enough on and lost a list with 2500 hard earned subscribers on it.

Currently there is no feedback loop from Trend Micro and my contacts tell me they are considering adding this so that we are directly contacted should a new script on our site suddenly trip a Trend Micro red flag.

You will also want to keep your hosting provider in the loop so that there are no issues with your domain or site. Call them and create a help desk case number. Then email the abuse@YOUR HOSTING address and document every step of the way using the case number. It can come in handy if anyone sends false accusations their way.

Save every email, document everything and keep records of everything that occurs.

Step #3

If you are using payment forms generated by IPN scripts that submit to PayPal for payment then get them changed to using HTTPS protocols in the form tag. Don’t worry about forms created by PayPal, they are sending to PayPal URLs. The problem lies in forms that submit to your domain and then the server redirects to PayPal. That is what started my tale of woe.

You will need to add a SSL certificate to your site and your host can take care of this for you. Just give them a call.

Step #4

Then we will need to get Microsoft, Yahoo and Gmail to remove any blocking as well.

I can get this underway for you as well.

Step #5

Once you get this cleared up and your site free of any negative indicators you can resume mailing to your list and you should be in good shape. I am.

I do want to thank Paul Myers who kept me calm and supplied great ideas to get through out this. Above all he told me to handle myself professionally and calmly.

I want to thank John McGowan who dealt with the yelling and screaming portion of this little odyssey.

I also want to thank my friend Boomhauer for dragging me out of the house and getting me out from behind the keyboard and listening to all my talk of what could be going on.

Return Path’s Q2 2008 Reputation Benchmark Report (pdf) found e-mails sent from “legitimate” e-mail servers averaged a delivery rate of 56 percent. 20 percent were rejected; 8 percent filtered out of the inbox. The rest — 16 percent — were bounces.

So nearly half of the time, e-mail marketers’ messages don’t get through. But there are ways to increase deliverability, insists George Bilbrey, Return Path’s general manager of delivery assurance. Here are five:

Yes you really can be clicking the “This is Spam” button on yourself. It happens quite easily and you may have already done this yourself.

The problem is that an automated spam filter is simply unable to determine what is spam and what is a forward. Here’s a break down of the problem using Comcast as an example.

You setup an auto forwarder from your domain to your Comcast email account. This also occurs often when you forward email from your work email account.

You are forwarding mail from you@yourdomain.com to you@Comcast.com.

When your customers send emails to you@yourdomain.com the email gets forwarded to you@Comcast.com

One day you receive some spam at you@yourdomain.com, which was auto forwarded directly from you@Comcast.com.

You open your you@Comcast.com mail box and see the spam, so you click to “Mark it as SPAM” and add it to your Comcast spam filter . You have just entered a spam complaint against your own email server! Comcast’s spam filter does not register the originator of the email as the spammer – instead, it registers the last place the email came from as the Spammer and in this case and the last place the email came from is your email server which is the outgoing email server for hosts you@yourdomain.com.

Comcast will then blacklist the entire mail server so that no one can send email to any Comcast email accounts.

They will then contact your host and ask that your domain be deleted.

Until then Comcast will block all email from the outgoing SMTP servers associated with your server (thru reverse DNS).

Solution

What do I need to do you ask?

You need to login to your email admin on your domain and go through your email accounts and take off any forwarding that forwards email to any account or any other ISP.

Also check to make sure your email Alias is not forwarding to any email account or any other ISP.

Although it might be an inconvenience to many, I think this decision is necessary to protect our mail servers from being blacklisted by ISPs in this way.

Verizon, Comcast or AOL certainly do nothing to investigate the source of the spam and would rather shut down a server than take a minute to check it out.

Please note, this does not mean you cannot send emails to Verizon, Comcast, AOL or other ISP based email accounts. This simply means you should not set your email account to auto forward emails. You will still be able to compose your own email to ISP users, and you will be able to forward an email to those users from your mailbox manually.

This double opt in article came to be written because of a number of people whining about double opt in and AWeber. It was written very quickly and with a little heat, most of which I have removed.

AWeber delivers 97% of the email they send to the inbox. Most others are at 80%. 20% more delivery = 20% more profits. Do the math.

Next AWeber is an autoresponder not just a list manager. The ability to set up preset marketing delivered at the rate you choose is priceless. Search “autoresponder tips” if you do not understand this.

Double opt in prevents spam complaints. Spam complaints are the result of a recipient clicking the “this is spam button” and will get you blocked faster than anything else. A visitor cannot misspell their email address and send someone else your emails with double opt in.

Double opt in also saves your email reputation because you are not bouncing emails to bad addresses. Those same misspelled emails that get the spam button clicked can bounce when the recipient does not exist. ISPs keep track of bounced emails and the server it is sent from. The more bounces, the lower your email reputation score.

The very first time someone clicks the “this is spam” button on an email you sent without double opt in can get you banned by the receiving ISP. Your host may delete your domain and you are going to definitely get listed on RBLs (real time blacklists).

Sure you can triple your opt in rate by not using double opt in, but all it takes is a five or six spam complaints and you are history! NO site, NO domain, GONE. Forever.

The bottom line here is still that any email service that uses single opt in is just not going to have high delivery rates especially to Yahoo, AOL and Microsoft and that is probably 90% of the email inboxes these days.

Now let’s consider this: If they won’t confirm their address will they open your emails that you send in the future?

Will these readers that wouldn’t double opt in click thru to your site from emails?

Will these same people enter their credit card in your forms when they wouldn’t even double opt in?

Now let’s talk about increasing your email delivery and double opt in rate

When someone signs up via a AWeber form you have a hidden field named “redirect”

Here you can enter a URL on your site that a lead is sent to rather than a AWeber page.

Here you need to have an irresistible incentive to get the lead to open your email and click the link.

Stuart, I am sure your content rocks but don’t be insulted here, content just ain’t goona do it.

Here is the page I use on my site: email delivery ebook and the four chapter incentive.

Next to stay out of the spam folder you need to get you subscriber to whitelist you.

Email whitelist generator will generate these instructions for you.

Finally when your lead clicks the AWeber confirmation link there is one more page that you can send your new subscriber to.

This page is configurable in the AWeber console.

Don’t just send them to some lame thank you page, surprise them with an unannounced bonus or at least send them to some good content that is new and worthwhile.

If your sales letter has a good conversion rate and content in addition to the sales process, send them there on the click thru confirmation. But whatever you do the whole process should brand you as an authority on your subject.

Hope this helps,

Chris Lang

• An email recipient cannot be required to pay a fee, provide information other than his or her email address and opt-out preferences, or take any steps other than sending a reply email message or visiting a single Web page to opt out of receiving future email from a sender.

• The definition of “sender” was modified to make it easier to determine which of multiple parties advertising in a single e-mail message is responsible for complying with the Act’s opt-out requirements.

• A “sender” of commercial e-mail can include an accurately-registered post office box or private mailbox established under U.S. Postal Service regulations to satisfy the Act’s requirement that a commercial e-mail display a “valid physical postal address.”

• A definition of the term “person” was added to clarify that CAN-SPAM’s obligations are not limited to natural persons.

You can read the full CAN SPAM FTC press release here.

Yahoo using Sender Score Certified whitelist and Return Path was quietly made public in January 2008, “Yahoo! is implementing the scheme and will begin checking using it sometime in spring.” We have not heard much since. My connection at Return Path just mentioned Yahoo the other day and brought it back to mind.

Return Path blog says “Receivers that accept the Sender Score Certified whitelist include, among others, Windows Live Hotmail, Time Warner Cable, GoDaddy and soon Yahoo! and Yahoo! operated email properties.”

Maybe this is why Yahoo has been such a nightmare to deliver to lately and why Yahoo pulled it’s FBL in March.

Since they announced that Comcast would offer an FBL managed by Return Path I have been expecting the Yahoo Sender Score Certified Return Path full press release to come forth.

I don’t mean to be a nutty conspiracy theorist here, but first Comcast has no whitelist, no FBL and is tough to get your email delivered to. Then Comcast offers an FBL through Return Path. Next, it’s Yahoo, who pulls their FBL, calling it an end to a beta, is impossible to deliver any email to for months and now is poised to solve it all with Sender Score Certified and Return Path.

As always I invite your comments below! = Chris Lang

Comcast Feedback Loop, or FBL, is finally available after being the email delivery nightmare of Yahoo proportions. Guess what, it is powered by Return Path.. But hey, this FBL looks good to me. Now if they would offer an open, real comcast whitelist rather than just the Sender Score Certified, that none of us lowly bloggers can afford we might not hate you so much Comcast.

From Return Path’s blog:

“We now host feedback loops for Comcast, USA.net, and Mailtrust and we are in the process of setting up half a dozen more over the next few months. A large portion of our business has always been to help senders understand how to handle the feedback they’re receiving, so this is a customer support task that we are uniquely capable of handling – and our ISP partners appreciate it.”

Just what is a Feedback Loop or FBL

Let’s say one of your recipients clicks the “report spam” button in Yahoo Mail. A copy of that email is saved in Yahoo’s database and the same thing happens at Hotmail, Gmail, AOL and Window Live Mail. The ISP can then use these spam reports to determine your whitelisting eligibility and of course has a direct effect your email reputation.

Feedback loops, or FBLs come into play here for us lowly senders like this. When someone does click the “spam button”, you, get a copy of the report. This does a number of things for you.

It let’s you know that one of your emails is so far off topic / track, unreadable, or just plain sucked that one of your readers clicked the spam button on you.

It allows you to immediately remove this person. Remember, this button clicker did not unsubscribe. They still get your emails! You want to manually remove them NOW.

Feedback loops also allow you to head off any problems with your host, because they are getting a copy of this as well and may take action against your site / hosting with out contacting you. BTW your host is the next person to contact.

I have a complete list of all ISPs, their FBL application URLs, what to do when you do receive a spam complaint and what is required to get on a ISP feedback loop in, you guessed it, my email delivery book, downloadable in seconds. By the time you figure out FBLs you could have already read my 80 page book made twice the money you spent on it by delivering more email.

Being the most prolific email authority on email delivery (I have to be #2), Stefan Pollard of Email on Click Z is followed avidly by many, especially myself.

Marketing Sherpa went into very in depth detail in suggesting that we all use user email whitelist instructions on our sites. You can view Marketing Sherpa’a email whitelist instructions.

In fact this article goes into how Email Management is Lacking and not taking advantage of landing pages throughout the subscription process.

Now I asked Stefan to take a look at my whitelist email instructions and the whitelist email generator that built them.

Here is his response and mine is below it, so read on!

Thanks for the reply here Stefan but I do have to disagree with you on the point that our subscribers are more advanced than I believe.

The one thing I have learned is that you must construct your instructions for anything to include the lowest common denominator in any type of instructions. Look at the questions that come in from someone that tries to download a report to their own machine. Most Internet users cannot even download a file to their own file structure, manage to find it and open the PDF file afterwards. You have to provide explicit instructions on how to do this so you are not constantly having to answer support emails.

When it comes to email it can be even worse. Your email can easily end up in the spam folder until a new subscriber finds it there, opens it and then whitelists you to enable HTML and clickable links. I reported on this a year ago when Hotmail was the first to disable clickable links and HTML. AOL, Gmail and Yahoo have followed suit.

After reading your email Stefan, I decided to go back and add a line stating that “Due to the overzealous filtering by ISPs you may have to look in your spam folder and recover my email.”

Do you have any suggestions on how I could word this better? It should portray that it is not there because I am spammer, it is there because the ISPs filters get carried away. Also what other suggestions do you have for my readers that could help us get over the hump of a new subscriber trusting us and whitelisting our email addresses?

Also as far as FBLs go I totally agree! I have a complete list of 10 ISPs, their FBL links and how to use them, but I have to save something for the email delivery book!

Of course I invite all your comments below. – Chris Lang