After the flurry of intense activity over the past couple of weeks, I had the impression that there were people in the Dean campaign that "got it" (for some value of "it"). As it turns out, they don't quite get enough of "it".
The Dean Campaign removal processes appear to be busted. The recipient of the email featured on this page has received another, which most definitely came from the Dean Campaign, this after my contact at the campaign assured me that the address had been removed. Broken removal processes are a hot-button issue in the anti-spam community. The Dean Campaign really seriously needs to fix this -- NOW.
The following email was received by someone who didn't want it, who didn't solicit it. The email was sent by the Dean campaign, and they acknowledged this to me in private email communications. The email address was given to the campaign at a fund raiser. The person who owns that email address is not a Dean supporter and has never been to a Dean fundraiser.
First the email, and after the email, we'll talk about ways this could have happened and why the Dean campaign has a problem that they don't really seem to understand.
X-Apparently-To: _emailaddressdeleted_@yahoo.com via 216.136.175.71; Tue, 19 Aug 2003 04:59:59 -0700
Return-Path: <email_bounce_handler@bounce.convio.net>
Received: from 66.45.103.61 (EHLO cluster2.convio.net) (66.45.103.61)
by mta421.mail.yahoo.com with SMTP; Tue, 19 Aug 2003 04:59:59 -0700
Received: from 10.0.2.42 ([10.0.2.54])
by cluster2.convio.net (8.12.6/8.12.6) with ESMTP id h7J81bX0021413
for <_emailaddressdeleted_@yahoo.com>; Tue, 19 Aug 2003 03:26:08 -0500
Date: Tue, 19 Aug 2003 03:26:08 -0500
From: "Gov. Howard Dean, M.D." <info@deanforamerica.com>
Reply-To: "Gov. Howard Dean, M.D." <info@deanforamerica.com>
To: _emailaddressdeleted_@yahoo.com
Subject: Stop Attorney General Ashcroft
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_170670_-1769388565.1061281567321"
Organization: Dean for America
XData: 1010,4Ky9ME9@yyQy@44ee@5SWWXxj5wTjSx1
Content-Length: 2655
------=_Part_170670_-1769388565.1061281567321
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Dear Friend,
The impact you have had on politics in this country is simply amazing. Everywhere I
go, people want to talk about the power of the grassroots--a power that you have
helped to demonstrate. Whenever I meet with elected officials, labor leaders, members
of civic organizations and other Americans, their number one question is, can the
grassroots sustain the momentum? Can we build a grassroots campaign large enough to
take on the special interests, win the nomination, and defeat President Bush in 2004?
I believe we can, but the next 42 days are a crucial time for us to prove that the
grassroots has the power to take our country back. Today, you stand with nearly
300,000 other Americans, united in our cause. Our goal is to have 450,000 American
supporters by September 30th. We are going to reach that goal by continuing to spread
our message that we are restoring the American community and our nation's role as an
idealistic moral force in world affairs.
To spread that message, we will be traveling to eight cities in four days as part of
our "Sleepless Summer Tour," beginning this Saturday, August 23rd. Please sign up to
attend if you live in a city we'll be visiting, or ask your friends who live nearby
to sign up and attend. You can find out more about the tour by clicking here:
http://www.deanforamerica.com/sleeplesssummer
This campaign is about bringing people together and standing up for the ideals and
freedoms that make us Americans. This Administration has unnecessarily compromised
those freedoms and ideals in the name of fighting terrorism. Through the USA Patriot
Act, the Ashcroft Justice Department took advantage of the climate of fear that
followed the attacks of September 11 to adopt a series of anti-terror tactics that
go far beyond protecting our country and erode the rights of average Americans.
This week, Attorney General Ashcroft is touring the country to build support for his
'Victory Act,' which would expand the Patriot Act. Join me in taking a stand against
John Ashcroft's plans by clicking on the link below and signing the petition to stop
the passage of the Victory Act:
http://www.deanforamerica.com/stopashcroft
After you've signed the petition, forward this email on to everyone you know. We all
must stand together to demonstrate that the grassroots have the power to take our
country back.
Sincerely,
Governor Howard Dean, M.D.
P.S. You now have the option of making a recurring monthly contribution to our
campaign. Click here for more information: http://www.deanforamerica.com/contribute
To unsubscribe from all future e-mail, paste the following URL into your browser:
http://www.deanforamerica.com/site/CO?i=BX3c86-vCbpqwmziE8cYSY8uFizeWeKm
------=_Part_170670_-1769388565.1061281567321
Content-Type: text/html
Content-Transfer-Encoding: 7bit
<html>
<head>
<base href="http://www.deanforamerica.com/site/">
<link href="http://www.deanforamerica.com/css/UserStyle.css" rel="stylesheet" type="text/css" />
<link href="http://www.deanforamerica.com/css/CustomStyle.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table>
<tr>
<td width="800">
<p class="fontminus1"><table align="center">
<tr>
<td width="100%">
<p class="fontminus1"><table width="90%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><p align="left"><font size="2" face="Arial, Helvetica, sans-serif"><IMG alt="Howard Dean for America" hspace=3 src="http://images.deanforamerica.com/images/pcmlogo.gif" align=right vspace=3 border=0>Dear Friend,<br>
<br>
The impact you have had on politics in this country is simply amazing.
Everywhere I go, people want to talk about the power of the grassroots—a
power that you have helped to demonstrate. Whenever I meet with elected
officials, labor leaders, members of civic organizations and other
Americans, their number one question is, can the grassroots sustain
the momentum? Can we build a grassroots campaign large enough to take
on the special interests, win the nomination, and defeat President
Bush in 2004?<br>
<br>
I believe we can, but the next 42 days are a crucial time for us to
prove that the grassroots has the power to take our country back. Today,
you stand with nearly 300,000 other Americans, united in our cause.
Our goal is to have 450,000 American supporters by September 30th.
We are going to reach that goal by continuing to spread our message
that we are restoring the American community and our nation’s
role as an idealistic moral force in world affairs.<br>
<br>
To spread that message, we will be traveling to eight cities in four
days as part of our “Sleepless Summer Tour,” beginning
this Saturday, August 23rd. Please sign up to attend if you live in
a city we’ll be visiting, or ask your friends who live nearby
to sign up and attend. You can find out more about the tour by clicking
here:<br>
<a href="http://www.deanforamerica.com/sleeplesssummer"><br>
http://www.deanforamerica.com/sleeplesssummer</a> <br>
<br>
This campaign is about bringing people together and standing up for
the ideals and freedoms that make us Americans. This Administration
has unnecessarily compromised those freedoms and ideals in the name
of fighting terrorism. Through the USA Patriot Act, the Ashcroft Justice
Department took advantage of the climate of fear that followed the
attacks of September 11 to adopt a series of anti-terror tactics that
go far beyond protecting our country and erode the rights of average
Americans.<br>
<br>
This week, Attorney General Ashcroft is touring the country to build
support for his ‘Victory Act,’ which would expand the Patriot
Act. Join me in taking a stand against John Ashcroft’s plans
by clicking on the link below and signing the petition to stop the
passage of the Victory Act:<br>
<br>
<a href="http://www.deanforamerica.com/stopashcroft">http://www.deanforamerica.com/stopashcroft</a><br>
<br>
After you’ve signed the petition, forward this email on to everyone
you know. We all must stand together to demonstrate that the grassroots
have the power to take our country back.<br>
<br>
Sincerely, <br>
<br>
Governor Howard Dean, M.D.<br>
<br>
P.S. You now have the option of making a recurring monthly contribution
to our campaign. Click here for more information: <a href="http://www.deanforamerica.com/contribute">http://www.deanforamerica.com/contribute</a><br>
<br>
<br>
</font></p>
</td>
</tr>
</table><TABLE width="100%" border=1 cellPadding=0 cellSpacing=0 bordercolor="#000066">
<TBODY>
<TR>
<TD>
<DIV align=center>Paid for and maintained by DEAN FOR AMERICA <BR>Contributions to Dean For America are not tax-deductible for federal income tax purposes </DIV></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><img src="http://www.deanforamerica.com/site/PixelServer?j=vVBDwZT08hKo5DnivCNQ8g.." height="1" width="1">
</p>
</td>
</tr>
</table>
<p><br />
<a href="http://www.deanforamerica.com/site/CO?i=BX3c86-vCbpqwmziE8cYSY8uFizeWeKm">Unsubscribe from receiving e-mail, or change your e-mail preferences.</a></p>
</body>
</html>
------=_Part_170670_-1769388565.1061281567321--
Ok, now here's the problem.
The Dean campaign collects email addresses from a web form, and they collect them at fund raisers and other events. They don't confirm them before starting to mail to them. There are numerous reasons why this is a really bad idea; I'll outline two scenarios. Scenario One is probably similar to what happened with the Dean email I included above.
Mike Jones (mikejones@example.com) goes to a Dean rally, and writes his email address down on a piece of paper. Some campaign staffer transcribes it, but can't read Mike's writing very well. It goes into the system as markjones@example.com. But Mark is a conservative republican who voted for Pat Buchanan the last time he had a chance. The next Dean mailing goes out, Mark Jones gets it, and he's mad because he didn't ask for it and he already doesn't like Dean, so he calls the Rush Limbaugh show, and now Rush is gleefully calling Dean a spammer on his radio show.
It's an isolated incident, but isolated incidents add up, and in this particular context where the Dean Campaign already had a very public problem, these incidents reverberate.
Some third party decides to "have fun" with the dean campaign. They might be conservatives, they might be a ticked off spammer, they might be a hacker or prankster, or they might even be a radical anti-spamer with an agenda about confirmed opt in and lists that aren't confirmed (there are a of such radicals out there, and they've done things like what I'm about to describe; this is not a paranoid fantasy.)
So the party in question gets a big honking list of email addresses. What the list is doesn't really matter much, it could be conservative republicans, it could be sheep herders or neo-nazis, or it could just be a million address cd bought from a spammer.
They write a bot which quietly starts adding addresses via the web page sign up. Depending on how the sign up is set up, it could be trivial, or it might need to be somewhat stealthy (if there was any rate limiting, steps would need to be taken that would circumvent the rate limit. It's not hard, but does require a slightly more sophisticated prankster.) So a huge number of email addresses get subscribed, not confirmed, and then your next mailing goes out. Presto, the Dean Campaign looks like spammers! It's scenario 1, magnified by malice.
The way to fix this is to put in a postive confirmation step. Any email address that gets added (via web or paper) gets a confirmation email. The recipient must reply to be added to the mailing list. Otherwise, they fall off. This is the only way to suppress bogus signups that is truly effective.
The response to these scenarios by the Dean staffer I described them to was a bit casual and unconcerned. They clearly don't thing confirmation is needed. There was some sort of belief system in place that tampering was a violation of Federal Law, and that this was enough to protect them.
I wish them luck, they're going to need it.