Grow Your Service Via Content Sharing and Invitations — But Do It Safely

Are you building systems that allow users to share information via email? Do you distribute “invite a friend” or “share with a friend” email messages? High-growth online services use creative approaches to tap their user base to increase community involvement and grow their brand. When done well, this can boost adoption and increase idea diffusion, but there’s also a downside risk that could seriously harm your brand. Well-intentioned sharing systems can be abused by spammers and fraud artists. You can limit your risk by building safeguards into your “user generated content” (UGC) sharing system.

11 Tips for Improving User-Generated Emails

Sending emails with UGC is especially risky for two reasons. First, unlike your regular email marketing campaigns and transactional email, you’re not in complete control of the content. Second, your users choose who to send the content to. These two elements form a volatile mix. Don’t let it blow up.

Here are some guidelines and practical suggestions from SendGrid’s delivery consulting and anti-spam teams:

Know who’s sending – Uniquely identify senders. Don’t let them spoof the identity of others (e.g. set the “From” address for them; don’t allow arbitrary “From” addresses, even the “Friendly From” field, which is often all that’s displayed by mobile clients). Tag outbound messages with the sender’s identity so that you can correlate abuse back to the source.

Listen carefully – Set up a feedback mechanism so you’re aware of unwanted UGC that slips through your defenses. (Configure your SendGrid account to forward spam complaints to a mailbox that you monitor, or better yet, use our Event Webhook to post complaint events to your system in real time so you can identify and stop mail that’s clearly unwanted.)

Know who’s naughty or nice – Establish a reputation for senders of UGC. Tie the reputation to the sender’s identity.
Unknown/untrustworthy senders have lower thresholds (e.g. slower sending, longer pauses between staggered sends, lower cap on list size).

Control the flow – Interrupt or throttle the message flow once a sender receives too much bad feedback, downgrading their reputation.
- Rate-limit the flow of outbound UGC. Unknown or untrusted senders should be restricted more than trusted senders.
- Set a reasonable cap on how many recipients someone can “share” with. Is their “share list” growing at a reasonable rate (organically), or did it suddenly become large?
- Stagger larger sends. Trickle some messages out, wait for feedback to flow back in the form of bounces/complaints. If OK, trickle out some more. Rinse, repeat. (The larger the campaign, the more careful you’ll need to be.)

Manage the message content
- Don’t allow users to put URLs in their UGC.
- Don’t allow attachments or user-generated images. (Remember the “image spam” fad?)
- Consider putting a character limit on the UGC portion of the message to help restrict unnecessary content.
- Scan for spam. Before sending, pre-screen UGC with a purpose-built web comment spam detection system like http://akismet.com/.

Shift the cost (and consequences) of sending UGC to the sender – Don’t enable abuse by making it easy for abusers to send large email campaigns via your service. When practical, shift the cost of propagating UGC email back to the sender. One method is to use a “share-by-email function” that launches a pre-populated email to be sent from the user’s own email client (i.e. via a mailto: URL).

Prevent mailbombing – Keep track of how many times your system sends UGC or invitations to a particular recipient. Limit the amount of UGC any single recipient will/can receive during a particular time period.

Honor unsubscribes – Put a working unsubscribe link in the footer of all UGC email. Also, make sure you’ve implemented the list-unsubscribe header.

Obey the law – The Canadian anti-spam law (CASL) puts strict limits on unsolicited email. Canadian authorities have established reciprocity with foreign agencies (including the USA). Litigants can have their judgments enforced abroad.

Segregate your mail streams – Beware of sending riskier messages (like UGC) via the same IPs and domain/subdomain as your essential mail (like sign-up notifications, password resets, etc.). Send your UGC via a separate IP and subdomain to limit the risk of UGC causing deliverability problems with your essential mail streams. If your UGC forms are managed by a third party, set up different sub-users for the different brands/sites/campaigns that send UGC.

Prevent sign-up abuse – Prevention is better than cure. Know who’s signing up for your service. Screen out troublemakers by vetting new sign ups.
- To do this at scale, automatically assess the riskiness of new sign ups and accounts that upgrade. (Our friends at e-hawk.net make this easy.)
- Your sign-up flow should have different “paths” for different levels of sign-up risk. The riskier the sign up, the more thorough your vetting/sign-up process should be.
- Add appropriate amounts of friction to your sign-up process when warranted. Possibilities include adding captchas, SMS verification, telephony callback, multi-factor authentication, or credit card validation to your sign-up flows.
- Discourage snowshoeing. Don’t allow the same person, device or IP to easily sign up for many accounts. They will try to circumvent your thresholds by trickling many low-intensity streams of spam in parallel. (Trivia: This spammer strategy is called snowshoeing because it spreads the weight of their campaigns across a larger surface area.)
- Beware of bots. Detect automated scripted (robot) sign-ups by tracking and auditing patterns in user IDs and the timing of activity during sign up. Are your registration forms being filled out faster than humanly possible?
Randomly reorder the fields and flow of your signup forms or use CAPTCHAs to thwart scripted sign-ups.
- Spammers may leave some accounts dormant in hopes that you’ll trust older accounts more than newer accounts. If your reputation systems treat new accounts differently than established accounts, be clever in how you define “new.”

Keep these tips in mind if you already use UGC sharing systems, or if you’re looking to develop “invite a friend” or “share with a friend” messages to grow your brand. Just remember that it is your responsibility to ensure that your UGC emails comply with the same strict standards that you set for your email program. If you’re aware of the risks, you can prepare your program, and safeguard your users.
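
As an added illustration (not SendGrid code), here is one way to combine the sender-reputation, rate-limiting and anti-mailbombing tips above into a single send gate. The tier names, limits and window length are assumed values, and state is kept in memory only.

```python
import time
from collections import defaultdict, deque

# Assumed policy values for illustration; tune against your own complaint data.
TIERS = {"untrusted": 5, "trusted": 50}  # max UGC sends per sender per window
RECIPIENT_CAP = 3                         # max UGC mails per recipient per window
WINDOW = 24 * 3600                        # sliding window, in seconds
COMPLAINT_LIMIT = 2                       # complaints before a sender is blocked


class UgcGate:
    """Send gate: tiered per-sender limits plus a per-recipient cap."""

    def __init__(self):
        self.sent_by = defaultdict(deque)   # sender_id -> send timestamps
        self.sent_to = defaultdict(deque)   # recipient -> delivery timestamps
        self.tier = defaultdict(lambda: "untrusted")
        self.complaints = defaultdict(int)

    @staticmethod
    def _prune(q, now):
        # Drop timestamps that have aged out of the sliding window.
        while q and now - q[0] >= WINDOW:
            q.popleft()

    def record_complaint(self, sender_id):
        """Feed spam-complaint events here; bad feedback downgrades the sender."""
        self.complaints[sender_id] += 1
        self.tier[sender_id] = "untrusted"

    def check(self, sender_id, recipient, now=None):
        """Return (allowed, reason); the send is recorded only when allowed."""
        now = time.time() if now is None else now
        recipient = recipient.strip().lower()
        if self.complaints[sender_id] >= COMPLAINT_LIMIT:
            return False, "sender_blocked"
        by, to = self.sent_by[sender_id], self.sent_to[recipient]
        self._prune(by, now)
        self._prune(to, now)
        if len(by) >= TIERS[self.tier[sender_id]]:
            return False, "sender_rate_limited"
        if len(to) >= RECIPIENT_CAP:   # counts mail from every sender combined
            return False, "recipient_cap"
        by.append(now)
        to.append(now)
        return True, "ok"
```

In production the counters would live in a shared store, and `record_complaint` would be driven by the complaint events your feedback mechanism delivers.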
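
A second added example (again not SendGrid code) shows the “Know who’s sending”, “Manage the message content” and “Honor unsubscribes” tips applied when the message is built. The `X-UGC-Sender-ID` header name, the `share.example.com` subdomain, the 280-character limit and the URL pattern are assumptions made for illustration.

```python
import re
from email.message import EmailMessage
from email.utils import formataddr

MAX_NOTE_CHARS = 280                       # assumed limit for the UGC portion
FROM_ADDR = "invites@share.example.com"    # placeholder UGC-only subdomain
# Scheme or www-prefixed URLs, plus bare domains such as "example.com".
URL_RE = re.compile(r"(?i)(?:https?://|www\.)\S+|\b[a-z0-9-]+\.[a-z]{2,}\b")


def clean_note(note):
    """Normalize the user's note and reject it if it breaks the content rules."""
    note = " ".join(note.split())          # collapses CR/LF and whitespace runs
    if len(note) > MAX_NOTE_CHARS:
        raise ValueError("note too long")
    if URL_RE.search(note):
        raise ValueError("URLs are not allowed in notes")
    return note


def build_invite(sender_id, sender_name, recipient, note, unsub_url):
    """Build an invitation whose envelope fields are set by the service."""
    msg = EmailMessage()
    # The user never chooses the From address; the Friendly From is stripped
    # of characters that could make it look like another address.
    safe_name = re.sub(r"[^\w '-]", "", sender_name)[:40]
    msg["From"] = formataddr((f"{safe_name} via Example", FROM_ADDR))
    msg["To"] = recipient                  # EmailMessage rejects CR/LF in headers
    msg["Subject"] = "You have been invited to Example"
    msg["X-UGC-Sender-ID"] = str(sender_id)    # hypothetical tag for abuse tracing
    msg["List-Unsubscribe"] = f"<{unsub_url}>"
    msg.set_content(f"{clean_note(note)}\n\n--\nUnsubscribe: {unsub_url}\n")
    return msg
```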