Policy at scale: Understanding the issue
One of the more difficult things to consider is how policies scale when you are talking about sending millions or billions of messages per day. But, being able to scale your policies to go along with your business is an important consideration.
I generally operate with a rule of thumb that any direct complaint (where the complainant sends an email directly to your abuse queue) happens at a rate of about 1%. So, for every one complaint email that we receive, there are about another 99 that weren’t sent because the recipient wasn’t knowledgeable enough to send it in.
Part of the reason for that is an understanding of how to read headers is not exactly common knowledge. So, there is a very real barrier to entry into the “direct complaints market.”Additionally, you have to take into account that time is a factor as well as perceived responsiveness. That is to that that people are investing time in finding out where to send the complaint and if they feel that their complaint will be ignored, they will simply decide not to send it.
Now, that number is mitigated somewhat by the list itself. If the list is composed of highly technical people, there is a greater chance that they will know enough to be able to send a complaint. On the other hand, if the target market being mailed to is “octogenarians who have been on the Internet for fewer than three years” then that number will slide out considerably. Additionally, if the list is primarily B2B, you will need direct complaints to come in, where you can also get a good measure of complaints through the use of feedback loops for your typical B2C list — and while that won’t tell you about complaints from the mailboxes of people getting service from their cable or fiber providers, that is usually more than made up for by the data that you get from the more permanent freemail providers.
This means that every complaint received is fairly precious. Someone with the knowledge to send it decided to take a chance on my team reading their report, understanding it, and actually taking action upon it. That’s great! We want to see more of that, right? We’re going to investigate every one of them and ….
And that’s where policy comes into play. When you are sending millions or billions of messages for hundreds or thousands of clients, you are no longer talking about 2-3 easy to handle complaints per day. You might be talking about 20-30 per hour. That’s in addition to the spam load which is incoming to the queue (and has to be reviewed because you can’t afford to take the chance that one of the legitimate complaints is marked as spam is then tossed right out before it was even considered.
So, how do you handle policy issues at enterprise scales? That will be the topic that I spend a bit of time on over the next couple of weeks. I want to discuss, at a minimum the following ideas:
- Complaints
- Blacklisting data
- Spamtrap data from trusted sources
- Handling suspensions and terminations
Maybe we’ll talk about more if there is sufficient interest and I can figure out where to take it.
- Introducing: Arcana - 22 November 2024
- Help me see if there is a need for that I can fill - 23 September 2024
- Verkada: Data Protection Issues - 19 September 2024