Marketing Machine Gun

LAST CHANCE - 1/3 Off All Blog Posts - Ends Tomorrow!


In December 2016 and January 2017 I made purchases from EuroCarParts.com, both replacement bulbs for my car. Their website was functional and delivery was free, so no complaints there. As well as their initial account creation email, I was sent two emails on both occasions; an order confirmation and a shipping confirmation.

I knew where they were, they knew my email address and purchasing habits, I had no intention of looking elsewhere for replacement bulbs. Happy days.


Where did it all go wrong?

Fast-forward to the 29th of March, and no more bulbs had blown. Not to worry, as my friends at EuroCarParts have lots more products to offer. They took matters into their own hands, as depicted in the following chart. From the 28th of April onwards, they decided to send me almost one email every day.

I'll leave it to you to speculate what caused this catastrophic surge in email marketing, although my suspicion is that somebody in management read a blog post on LinkedIn about effective marketing strategy and didn't consider the consequences before implementation. They've certainly lost me as a returning customer. We'll go into the content of the emails after taking a look at the headers.


Where do the emails come from?

Here are the headers from an example email, with the boring stuff and my email address removed:

Delivered-To: <redacted>
Received: by 10.2.64.131 with SMTP id n125csp329366jaa;
    Wed, 30 Aug 2017 02:53:15 -0700 (PDT)
X-Received: by 10.55.43.3 with SMTP id r3mr9951911qkh.1.1504086795235;
    Wed, 30 Aug 2017 02:53:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1504086795; cv=none; <...>
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
    h=to:subject:reply-to:mime-version:message-id:list-unsubscribe:from
     :date:content-transfer-encoding:dkim-signature
     :arc-authentication-results; <...>
ARC-Authentication-Results: i=1; mx.google.com;
    dkim=pass <...> spf=pass <...>
    smtp.mailfrom=74h0klodle4vrata15xqg2fzu7dj7qqs-b@mail.eurocarparts.com
Return-Path: <[email protected]>
Received: from ms148-037.bronto.com (ms148-037.bronto.com. [69.166.148.37])
    by mx.google.com with ESMTPS id y46si5035777qtj.414.2017.08.30.02.53.14
    for <redacted>
    (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
    Wed, 30 Aug 2017 02:53:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected]
    designates 69.166.148.37 as permitted sender) client-ip=69.166.148.37;
Authentication-Results: mx.google.com;
    dkim=pass [email protected] header.s=bdk header.b=JmzsNs4o;
    spf=pass (google.com: domain of [email protected]
    designates 69.166.148.37 as permitted sender)
    smtp.mailfrom=74h0klodle4vrata15xqg2fzu7dj7qqs-b@mail.eurocarparts.com
DKIM-Signature: v=1; a=rsa-sha1; c=simple; s=bdk; d=mail.eurocarparts.com; <...>
Received: from localhost (10.0.2.127) by ms148-037.bronto.com id hkq5gm1kmf4k for <redacted>;
    Wed, 30 Aug 2017 05:36:10 -0400
    (envelope-from <[email protected]>)
From: =?UTF-8?Q?EuroCarParts=2Ecom?= <[email protected]>
Reply-To: =?UTF-8?Q?EuroCarParts=2Ecom?= <[email protected]>
Return-Path: [email protected]
Subject: =?utf-8?Q?50=25=20Off=20Brake=20Pads=20=26=20Discs=20Today=20Only!?=
To: <redacted>
X-campaignID: bm23_ccpxehqwdafabfwaxjnvtjbrtenhbcd
X-Mailer: BM23 Mail

We can see that these guys are using bronto.com to handle their spamming marketing correspondence. In fact they've been using Bronto since at least February 2016, so it must have been an unrelated decision to open the floodgates.

Let's take a moment to appreciate the good practices in use here: they've got SPF and DKIM nailed. Companies quite often manage to misconfigure at least one of these, so well done Bronto. If you don't know what either of those acronyms are, they're not necessary for the story, and we probably lost you at the list of headers anyway.


What's inside the emails?

They're just newsletters with pretty pictures of the currently-discounted product that you almost certainly don't want. The idea is typically to get you onto their website as quickly as possible, by which point you'll have remembered that you need some more engine oil soon, so you may as well buy it now.

Sale header

Almost half of the newsletters I've received (50 out of 108) use a scary subject line to get clicks. These typically use words like "Hurry", "Last Chance", "Ends Tonight", "Flash Sale", you get the idea. The faster the sales cycle, the more deadlines you can make your customers think they're missing out on.


Why didn't you unsubscribe?

Instead of clicking their unsubscribe link, I diverted all marketing emails out of my main inbox and told my email client to ignore them—I could smell a blog post on the horizon. It's worth noting here that EuroCarParts are certainly not the only company that send unsolicited marketing mail, but they are the worst offender that I've come across.


Can you use these emails to build a machine to generate more sales emails?

Of course! I'll leave you with 5 subject lines generated using a basic Markov chain (of order 2), interleaved with 5 randomly-chosen real subject lines. View the source of the page to find the answers.

—James
31 August 2017