AutoReply=Bad Juju

non-delivery-report-example-emailAutoReply=Bad Juju: a reader asks…

Hi Coach, I’m a small business that has a contact form on my website. I turned on my web host’s autoresponse so that anyone who uses the online form gets an email answer but then all hell broke loose. I started getting dozens of emails, non-delivery reports and such. Is there a way to do this so I can avoid all that mess?

microsoft-outlook-automatic-reply-screeshotActually, the best way to avoid that mess is to dispense with the autoresponder emails completely. Years (decades?) ago, you saw a lot of these, sometimes as Out-of-Office notifications, Vacation Replies, and confirmations that your email was received. But then the spammers got in on email and messed things up to the point that I tell everybody to never use an autoresponder. For an individual it can be just annoying, but for a small business it can get dreadful pretty quickly. Here’s how and why:

Spammers send out millions of junk emails every hour over the internet. Most often, the From: address is a fake address so they can’t be tracked down. And spammers are constantly (using automated tools) harvesting valid email addresses from the internet, so they most certainly will have gotten your company’s email address(es). So you’re going to get a lot of junk email, and most of these are going to have fake From addresses. If you send an email back to that fake address, the email system is going to send right back to you a Non-delivery Report (NDR).

bluehost-control-panel-email-auto-responder-no-screenshotSo with an automatic responder running that sends an instant email to everyone who sent you one, you end up in a ping-pong battle where the spammer sends you an email, your system responds, the email system sends you an NDR, your system responds to that, which generates another NDR, and so on.

Here’s the danger: Internet Service Providers (ISPs), web hosting companies (who provide company email along with a website) and email service providers are all working overtime trying to fight against spammers. Very aggressively. So they are quick to blacklist any of their customers who are engaging in activity that looks like spamming. Unsophisticated spammers get a lot of NDRs in their email accounts, since they send emails out to millions of addresses – some valid and many no longer active or invalid. So if your email account sees a lot of NDR activity, you look like a spammer to whoever’s providing your email service. That provider is likely using the same email servers for lots of their customers, and they can’t afford to get their server blacklisted. So they freeze your account, ban you, and possibly even blacklist your domain name.

Advertisement

various-antispam-logosIt gets worse. ISPs, web hosting companies and email service providers all use various shared blacklists, such as spamhaus.org, the various dnsbl.xxx lists, b.barracudacentral.org, Trend Micro, Spam Assassin, etc. Once you get on a blacklist, it can be very hard to get off the list. Nobody, least of all the maintainers of the blacklists have any interest in helping you prove you’re not a spammer. So webmasters and email postmasters work very hard to never get on a blacklist.

If it walks like a duck, quacks like a duck, etc. Any kind of activity you do with your email account(s) that looks like the same kind of activity a spammer uses can very easily get you blacklisted. Here’s the most common types of activity you should avoid:

  1. Excessive NDRs – as mentioned above, autoresponders will get you in trouble here.
  2. Sending single emails to lots of addresses – aka a distribution list. I try to avoid sending an email to more than a half-dozen people at a time.
  3. Blind copying lots of email addresses – again more than about a half-dozen is risky.
  4. Not using a To: address (putting everybody into the Bcc: box).
  5. Not using a subject line, or using a subject line that’s too much like common subject lines spammers use, or using a very long subject line (more than about 35 characters).
  6. Using all caps (savvy netizens call this ‘shouting’) in either the subject line or in the body of the message.
  7. Using certain or lots of special characters in the subject line.

So as a small business owner, I recommend you avoid autoresponders like the plague. I previously wrote about sounding like a spammer in this article if you want some more tips. You can also look over this extensive list of common spam words from comm100.com.

positek-contact-form-response-control-screenshot
click to view larger

Lastly, what should you do? I suggest you use the utility controls built into the contact form in your website itself to display a ‘message received’ type of instant confirmation for the person submitting a form. For example, this website has an Ask Your Tech Coach contact form. When someone submits a form on that page, their web browser will instantly display a message telling them their submission was successful (or guiding them to fix what it was that prevented a successful submission).

In this day and age of massive spam, responding automatically to an email is so over – nobody should do it.


This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek (send to @PosiTek), Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net (send to Support@PosiTek.net), Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required) using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thank you!

Go to Top of Page

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.