Your website exists as a marketing tool. It is the online shop window for your business, attracting attention, teasing bypassers with information and offers that encourage them to step through the door and talk to you in more depth about your products or services. Its a very well established model, and the likelihood is that your website shares a number of factors in common with those of all other businesses, large or small.
- A number of pages describing what you do in enough detail to connect with visitors and encourage them not to move on
- Supporting images, videos and design elements that create an appropriate ambience for what you are selling
- One or more means of getting in touch with you, such as phone number and/or contact form
- Means of tracking site visits (analytics), and perhaps even on-site behaviour (more advanced analytics and/or heatmapping)
Successful websites do all these very well, in addition to having mechanisms in place to attract visitors to the website in the first place. For many businesses, their primary goal for website visitors is to encourage them to get in touch, so that the conversation can be continued. However, more and more we are seeing a particular issue with website contact forms which is causing all that effort to be wasted, and hot leads from potential customers to go unanswered.
Email – an imperfect tool
To understand why there is an issue with contact forms, first we must explore briefly the tool used to convey the information – email.
With origins as a very simple messaging tool back in the late 60s and early 70s, email has fulfilled a basic human need – communication. As a species we have an innate drive to both gather and convey information within our tribes. It is why language evolved thousands of years ago, and why in today’s world the most popular smartphone apps are those that allow us to interact with others – Facebook, Twitter, WhatsApp, Snapchat, etc, etc.
For all their popularity, though, no other online service comes close to the ubiquity and volume of email. It is estimated that, in 2017, approximately 270 billion emails are sent every single day. That’s over 2.5 million emails every second!
From an early age, most of us will create one or more email accounts to use for communication and as part of an identification process. Indeed, most social networking services will require you to have an email account before you can use their service.
But email is not without its problems, and foremost among them is SPAM, or to give it its more proper name, unsolicited email. It is the act of sending marketing emails, or emails designed to trick people into infecting their computers with viruses, to people who have not requested them in the first instance. Spam emails are something that most of us will have experienced, and perhaps even been tricked by a particularly clever one. It is estimated that currently over half of the email traffic around the world consists of spam emails. Shocking as that statistic is, it is actually an improvement on the situation from 5 or more years ago, when over 80% of emails were reckoned to be spam.
This reduction in the proportion of spam is, at least in part, due to improvements in the mechanisms used to combat it. These measures have taken the form of advances in the protocols used to define and transmit email messages, improvements in the tools used by the major email hosting providers to identify spam, and increased efforts by law enforcement to identify and eliminate spam ‘farms’. These advances, though, are at the root of the issue with website contact forms.
Websites and emails
One of the tools used by spammers to generate their huge lists of email addresses to target with their spam is to ‘scrape’ email addresses from websites. Scraping is the use of automated tools that scan the public pages of websites looking for text that looks like an email address. Once added to one spam list, email addresses tend to find their way on to many others. In essence, once the floodgates open then its pretty much impossible to stop spam being sent to an email address.
With this in mind, many businesses either ‘obfuscate’ email addresses on their website (i.e. use some code that makes the address invisible to scrapers), or don’t put one on there at all and instead use a contact form. In addition to removing your email address from your website, another advantage of a contact form is that you have a little more control over the information that is sent to you…you can require a phone number to be provided, for instance.
Once the visitor fill out the contact form and clicks the ‘send’ button, normally that generates an email that is then delivered to one or more addresses defined in the form’s admin panel. In the past, this has been a fairly simple and effective way of being notified of a new, interested visitor to your website, so that you can look to foster that interest and develop a sale. But more recently there has been an issue with this.
Spoofing
One of the trick that email spammers use to try to make you believe that an email is from a valid organisation is to make the ‘from’ address on the email something recognisable. So instead of getting an email from shady@spamcompany.com they instead send the email from trustme@brandname.com After all, if you got an email that purported to be from, say, NatWest (a large UK bank), but the from address was joe785623@gmail.com then you’re not likely to trust it, right?
In the early days it was very easy to swap the ‘from’ email address like this and send the emails out. Indeed, there is a facility in emails that allows you to specify a different ‘reply-to’ address on an email which typically isn’t seen by the email recipient when reading the email. That way, if they hit reply then the resulting email goes back to the spammer and not to NatWest.
You might think that differences between the ‘from’ and ‘reply-to’ addresses, particularly differences in the domains of those two email addresses, should be one of the items that spam filters use to identify potential spam. But there are some valid scenarios where this can happen, including your website contact form.
Typically, when the email is constructed, you will set the ‘from’ address as something like website@yourdomain.com and the ‘reply-to’ address as the visitor’s email address. Why not set them both to the visitor’s email address? In the past, that was OK, but now that tends to trigger another anti-spam measure.
Authentication
In an effort to combat increasing levels of spam, a relatively recent addition to the email handling protocols is a pair of authentication methods – SPF and DKIM. SPF, or Sender Policy Framework, allows you to define which servers are valid senders of emails for a domain. DKIM, or DomainKeys Identified Mail, is a means of adding information to individual emails, using a public/private key mechanism, so that each email can be validated as having originated from the sending domain itself and not from a third party. Whilst neither of these are essential to ensure emails are delivered, the lack of SPF or DKIM for a domain will be viewed by some spam filers as a, relatively minor, red flag.
For website contact forms, SPF in particular can cause a problem. If you set the ‘from’ email address to the website visitors address, then their domain would need to have validated your web server as a valid originator of emails. Of course, that’s not going to be the case, and so your contact form email being sent from your web server to your email account could easily be flagged as spam.
Setting the from address to ‘website@yourdomain.com’ avoids this scenario, as long as you have set your web server up as a valid sender of email for your domain, of course.
Transactional emails
Whilst this simple change to your contact forms may be all you need to improve deliverability, there are potential pitfalls still. In particular, any change to the location of your website’s server is likely to cause emails to fail. So if your host has an issue and needs to move your site at short notice to another server, in the upheaval you may neglect to define that new server as a valid sender in your SPF record. Or if you integrate a 3rd party service, on a different server, with your website, again you need to update your SPF record. You may even find that if your website serves content over a Content Delivery Network (CDN) like Cloudflare, where the form could be filled in on one of a number of different server worldwide, you again experience issues with emails not being delivered.
The safest way to avoid these issues is to utilise a transactional email service. Transactional emails are defined as those emails that are sent automatically as part of a process, typically on your website. They are not the day-to-day emails you send from your desktop, and not the marketing emails for which you might use a service like Mailchimp. Instead, they are such things as order confirmations, password reminders, and of course contact form entries.
Setting your website up to hand all automatic emails over to a 3rd party service avoids all these potential pitfalls. Regardless of what server is hosting your website, the emails are always delivered from the same place. Indeed, part of the setup process for any transactional email service involves sorting out the SPF and DKIM frameworks, thus boosting the likelihood of delivery.
An added benefit of some transactional email services is that some element of tracking can be added too. The service we utilise here at Four Lakes allows us to track email delivery, bounces, and even clicks on internal links. It’s not designed to be used for marketing purposes, but can be a great support tool.
If transactional email is something you think would be useful for your website, then head over to our contact page and drop us a note. You know that email will get through to us! 🙂
Recent comments