Only after a hint about possible public shaming, someone sent me data dump with all the emails and names. So they lied in the first response (all data is wiped and unrecoverable) and only responded to a threat.
Since then I am using Mautic and own SMTP server.
Not defending Mailchimp, but keep in mind the perspective and context. To a customer support agent using some backend interface, it very well could be "completely wiped". To an escalation team, they may be able to pull it from backups in an "unofficial" manner.
This shields them from individual liability as well as makes the company liable for their actions (as long as they are acting as agents of the company in an official capacity).
The customer has no business relationship with the individual customer support person, so whether they are lying or telling the truth is irrelevant to the customer -- they do have a business relationship with the company (a single actor, with multiple agents) and the company can easily tell lies via these agents.
If the above narrative is correct, the company did very likely tell a lie since the fact that the customer's data was recoverable was probably known by the company and also the company likely actively worked to make the opposite of this known via their agents.
That's... ambiguous. Agents aren't liable for contractual violations, but agents are typically liable for torts. Liability depends on exactly what the employee did.
AFAIU, theoretically an employee committing a tort could be liable personally as well as the employer; and if service is disrupted the employer could be contractually liable.
Also keep in mind the perspective and context that the end user has no way of knowing.
And even if the data can be recovered in an unofficial manner whether they will actually bother is highly unlikely if they care as little as they most obviously do.
So, as a user it is a pretty safe bet to just assume it is gone (but do keep poking).
"Your data has been deleted" pretty much has always meant that it was deleted from the live servers and that the deletion will propagate through backups depending on the orgs retention policy/requirements.
The organization knows that they have the data, but they trained their staff to reply that it was destroyed.
That's a lie. Not an untrue statement, but a deliberate lie.
To whom? My mother? Nope- she thinks it's gone. So yeah- it's a lie, and you only catch it if you know better.
"Yes Dad I did my homework" has pretty much always meant that he hasn't started it yet.
No, it's a lie and the organization knows it. They are responsible for training their CS folks.
You people are throwing around the word "lie" very loosely here...
No, the exact opposite in fact.
Am saying that if you weren't told there's a backup, you'll not think there's one and treat the data as completely deleted, even if they really aren't.
(Although given privacy regulations, it's a bad sign if a support agent can't give a precise answer about data stored or at least know not to make unchecked claims about it)
No it doesn't. Deleted most places means deleted and gone forever. There are a number of legal requirements (in the U.S.) at least when dealing with certain government organizations, and many non ones as well surrounding this. Think of it this way, a customer comes and says, there is sensitive information on your server, and since we no longer want to do business with you, you are now required to delete it. Normally there is an end date to allow the backups to be purged through propagation etc., but at the end, when they say it's deleted, it means deleted from everywhere. Sometimes this also means completely wiping drives so there is absolutely no trace of it left.
"A lie is a statement used intentionally for the purpose of deception"
I don't think you can prove it was a lie.
Definitely worth considering in more depth, thanks for the perspective.
Well, that "person" lied. Regardless of the specific agency it employed in doing so.
(And, this type of banning and cut-off from data is obviously -- just look at the comments here -- not a one-off scenario. I find it difficult to believe that the consequences, including the customer's lost access to their data, were not thought about by MailChimp, as an organization and by people in their official roles within MailChimp.)
P.S. As I've grown older and observed and thought about things, I've come to see this as a primary role of the corporation or other such entity: To "dilute" responsibility and accountability to the extent that no member -- or, no member who has sufficient influence, who "matters" -- is ever held personally accountable for their actions within and on behalf of the corporation. [Addendum: And, in turn, the corporation is never truly held accountable, because the employees involved "lacked knowledge". Nicely circular, eh? By the way, I don't consider paying a dollar amount that is often a fraction of the gains realized by the behavior, to be "being held accountable".]
I've stopped letting people in such corporate or institutional roles off the hook, just because "they didn't know". Or rather, I've stopped letting the corporations and institutions off the hook because employee X didn't know. All too often, it's set up precisely that way and on purpose.
I bet you people just assume or their manager doesn't know either.
Why was my account suspended -
> If we suspended your account, we'll contact you as soon as possible to let you know why, and to give you details on how to fix the situation.
And that's clearly a lie, based on OP's experience, and those of other commenters.
Top executives maintain ignorance of operational unpleasantness. Technical staff know operational specifics, but little about business design and usage. Intermediate management know pieces of business design and usage, but nothing about technical implementation.
Nobody needs to lie, and still there's often no way to know for sure what happened.
After all, how can we know what an alleged liar is really thinking?
What matters is that the institution as a whole - the way their policies and procedures come together - lied.
The institution certainly knows of it's capabilities. It deliberately chose to not tell that to it's CS reps, because of a multitude of reasons, that come down to 'It makes our/their jobs easier.'
My ISP, for example, lies to me every time I make a call to customer service. Is the front-line CS rep lying to me? No. But his employer is, by making him tell me a pile of bullshit about why my Internet is busted - again.
"It doesn't matter if they're liars"
In other words, data recovery that can't be handled by the customer service reps and that requires developer intervention should be a "surprise and delight" sort of situation and not a "customer should expect this" type of situation.
The answer should be: "I can't know." Followed by one of: (1) Let me connect you to someone who can know (2) Let me tell you how much it costs to find out (or 3) Also we don't care.
That would be honest. Not saying it's easy.
Because, in that case, the intent of the statement is to deceive. If the intent of the statement is simply to not set an expectation that can't be guaranteed rather than to intentionally deceive, then it's not a lie, in my opinion.
I work in audio editing and recovery/enhancement and there are situations on a regular basis where we tell customers that their audio can't be recovered. I don't think we're lying to customers in saying that despite the fact that, in some cases, we may be able to recover or enhance the audio to the point where it's usable if we invested an exorbitant amount of time on it. In the most literal sense, yes we can recover the audio but in the practical sense and, most importantly, to the customer we can't recover the audio in any meaningful way because they either can't afford the work necessary, we don't have the resources to devote to that work, or we can't guarantee that, even if we can recover it, it's acceptable for whatever purpose they need it for despite being "good enough" for us.
If I tell somebody that something's unrevocerable because I know they wouldn't want to pay the recovery, I'm not lying. But saying nothing can be done when I'm just afraid of the cost of righting my mistake: that is lying.
> regardless of whether it's something that would require developer intervention to recover.
For most intents and purposes, data existing only on archived backups or raw server logs is "completely wiped".
Irrelevant, customer service can know if the data record exists without having access to it.
My intent and purpose in asking the question may not be part of "most", yet it's still valid.
The funny thing was that our student group was allowed to directly invest a trivially small portion of the university's endowment in the stock market, so we were not soliciting others to buy stocks - the presentation was a confidential, internal one about how to invest our fund's own money.
I was confused for a second with the mental image of Nero sending out blast emails to Rome's citizens.
Banning accounts with no warning is already bad enough - ideally they'd just disable your ability to send emails until the issue was resolved, but at least I can accept that.. but to steal people's mailing list in the process? What the fuck.
What is unreasonable IMHO, and the reason I want to bring this to people's attention, is deactivating an account without a warning, without even a notification, and with no way to recover. That is a ticking time bomb that I was simply unaware of. I never even imagined that a company as successful and popular as MC could have such an inane policy. Obviously, if I had know, I would have done things differently. All I can do now is sound the alarm so that other people don't step on this land mine. (And maybe public shaming will convince MC to give me my mailing list back, but I'm not counting on it.)
P.S. One of the problems here is that "inactivity" is ambiguous in this case. I had not logged in to my account in a long time, but people were signing up for my list. I assumed that would count as "activity".
1. The MC one
2. Relying on any free service as an important part of your business.
The adage "you get what you pay for" really does tend to hold true.
That's one of the frustrating things about this. MC has turned this into a lose-lose when it really didn't have to be.
Backups also make your life longer, because of reduced stress. Otoh, you spend some of that extra time making backups, but it's still a win win, I guess. :D
What's hard is actually making sure your emails get delivered and don't end up in the spam folder.
Starts with the easy stuff like DMARC (needs DKIM & SPF), goes further to properly warming your IP's, then to properly parsing hundreds of different error response messages and good retry scheduling, and to complex problems like individual mail receivers spam and max-throughput rules.
Also these companies sell you the ability to easily make campaigns targeted at a specific subset of your contacts.
As for sending out mail, one of the difficulties that MailChimp and similar services take care of is keeping the servers' IP addresses out of spam lists.
It is dated it seems, but still does a job.
There are indeed issues with delivery, but you just work through these as they arise. Also, there is no monetization involved, so I do not care that much about delivery rate. But if your profits are directly tied to delivery rate - hoting own SMTP server might not work as well.
Good luck with that.
Just because you read blog posts titled "DON'T HOST YOUR OWN MAIL", doesn't mean you shouldn't. People are scared of hosting their own mail servers because they
a) are told they shouldn't
b) don't understand SMTP.
I am all for decentralizing this hyper-centralized internet.
Maybe I'm too old? Has email come around to the point where someone can host their own email and send out thousands of emails without having to deal with a mountain of headaches again? That would be sweet, maybe I can go back to telling clients it's okay to paste a massive list of email into their Outlook's BCC field? It would certainly save them some money. I still to this day hear from clients who send "small" mass emails wondering why their friends at AOL, or <insert your ISP here> didn't get the email.
Sorry but this is based on my direct, first hand experience with hundreds of small businesses doing this exact thing. I don't base my business model off of some random blog post, I base on years of experience and the lessons learned from getting burned.
I run my own smtpd for personal purposes, but if I were going to send outgoing customer-contact mails en masse, I certainly wouldn't do it through my personal perfectly-configured postfix system. Things like mailchimp fill a market niche.
Regardless, hosting your own mail isn't the same thing as using outlook's BCC field.
Tens or hundreds of thousands, maybe not. (And I'm assuming that this isn't email that the recipients are going to consider is spam.)
I think there are two major reasons for this improvement: DKIM basically works, and far fewer recipients are using email accounts provided by crappy ISPs.
Some basic good hygiene and some effort put into gently educating customers on how email works has gone a long way.
My biggest headache today is in receiving mail, not sending it. Because so many other people have followed advice like yours and jumped onto one crappy mail service or another, the originating network for an email is no longer a good signal for whether it's spam or not.
Even if that would be a problem in future, you'd rather use one of SMTP PaaS (there are quite a few of them out there) instead of using fully integrated solution like Mail Chimp. I.e. you can use Mautic and connect it to Sendgrid or something like that. This way you have full ownership of mailing lists and newsletters content.
The hard part isn't actually sending the mail, the hard part is staying abreast of the already long and perpetually growing list of legitimacy signals you need to send to reassure understandably paranoid SMTP clients that they shouldn't mark your newsletter as spam. And you're not done even when the server is set up and configured properly; it doesn't take more than a handful of ignored complaints to start getting added to blacklists.
It's not difficult, per se, but it is a huge time investment for a service that centralized vendors can provide extremely cheaply because of economies of scale.
I'm all for moving toward decentralization too, but we're not going to get there from here if we don't understand and respect the incentives that lead people toward centralization in the first place.
It's a big bag of "do not recommend".
(As for how we manage to use them for incoming email; emails go to a gsuite inbox, which forwards them to MC/Mandrill, when then calls a webhook to actually process the email further. Yes, we could do way better with our own SMTP server that cuts them out. I think this architecture was chosen to have a failsafe in the event that our services all go down.)
At all times these are reported as spam. Then, when we, a few years ago sent out a new feature announcement and a request for a follow up appointment, our account gets frozen for sending unsolicited marketing emails — to our actual customers who have opted in to our emails! Emails that complied with every bit of the anti-spam laws. So Mailchimp arbitrarily lets through their massive enterprise senders sending actual unsolicited emails but freezes their smaller (but still paid) customers sending marketing to actual, current customers.
Anecdotes aren’t data, but for us, it was reality.
Aside telling the sender or receiver, there's no good way to know. I guess you could send a test email every hour.... But this is an evil failure mode. This isn't an accident.
So maybe the answer is more complicated.
1) project updates
2) in full compliance with their documentation
3) no preseeded list, users signed up on their own accord
I stopped using MailChimp ever since and even though their integration is much simpler, I do not use them for my clients. Every now and then I do have one or two clients wanting to integrate with them, but I do honestly warn them of what they're capable of and be the judge.
It's not like they're cheap. Their plans are pricey and yeah, they do have good deliverability, but the competition has caught up ever since. The only way they're able to keep existing accounts is by passive-aggressive scare "Watchout, we have the best deliverability and if you move elsewhere for price concerns, you have tons of these problems to deal with, including deliverability, so stick with us".
This is 2018. No one should be using MailChimp. There isn't any good reason to.
I've had similar bad experiences with MailChimp and Mandrill. Their customer support is very defensive over both technical and account issues, even when you've already done the work of identifying the problem for them.
People continue to use MailChimp because of its marketing halo. They even had a flattering New York Times feature in 2016.
Luckily most emails we send are transactional so new projects are able to use AWS SES, Postmark, or SendGrid.
By the time you hit that 2,000 subscriber limit you're comfortable and stuck. I've used them before, my main issue (apart from price) is their poor automation/segmentation logic.
In the end it turned out that appart from our paid(!) main account, an intern from the marketing department created another account some time ago which hadn't been in use for a few months already.
So in the end a coworker and me spent the night rewriting our transactional mailing to hook up Sendgrid instead, with no problems since then.
Fuck MailChimp + Mandrill!
We had to move pretty fast when we made the switch. My coworker tried Mailgun (which didn't verify our domain fast enough), while I tried Sendgrid.
There was also the added bonus that we had a free paid tier from Sendgrid as part of our accalerator program, so we had planned to switch to Sendgrid anyway.
But man, I don’t envy companies deep in the anti-spam/fraud business. The impression I’ve gotten is that when you act with a lighter touch and/or give lots of info about why an account was closed, spammers/fraudsters weaponize that and either figure out how to bypass your controls or social engineer your support.
I hope I’m wrong. Any thoughts on how a company should balance good service to users (and false positives) with the need to fight black hats?
A big part of why MailChimp responded this way is that they have a very generous free plan. With that they can't afford to dig deep on free plans that violate ToS. You'll get buried under the weight of support/vetting for that.
Once you start charging even a little bit, the amount of spam/fraud BS you have to deal with plummets.
Every hurdle your free plan introduces to blasting out emails adds friction for spammers. Give them enough friction and they'll move on somewhere else. Forcing them to provide a valid credit card before they can send emails is a great way to add that friction.
For example, they could notify the owner of the account after deleting it. And allow them to download their data. It's not hard to do, it does not open them up to social engineering, and it does not incur per-customer cost.
Nor does it facilitate continuation of spam, in fact it hits legitimate users way more than spammers - spammers bought their lists and have copies, while users who legitimately grow their lists through sign ups usually don't make copies.
It's kind of like prison. Everyone says they're innocent. Some guilty people might even sincerely believe they're innocent. But when everyone is saying they didn't do anything wrong it's really hard for the person who actually didn't do anything wrong to get "justice."
Unrelated, I would love it if a publication profiled a few spammers. I suspect they're very different from how most people imagine them.
I felt bad for him that he had no idea what it was that he was doing but I couldn’t convince him that it was not legit. It was MLM-level brainwashing.
Many spammers don't see how what they are doing is wrong. They run a LinkedIn scraper to collect 100,000 business emails for people in their industry and they want to email them.
When you explain that they're spamming, they get offended. "No, this is not spam! These people are going to be interested in this product."
They just don't understand why it's wrong.
Having done community moderation in a past life, I know how tiring it is to try to offer real engagement and empathy for people who refuse to understand that they've acted in an unacceptable way. There are also the people who know they're abusive and expect to just talk they way through it until you allow them to continue. Combined, it's enough to convince someone to stop offering humanity and sympathy to those who have acted badly, knowingly or otherwise.
You might like Spam Nation: https://amzn.com/dp/B00L5QGBL0/
Currently, I assume the only thing such a postmortem would contain is "one of our anti-abuse system considered the account abusive, so our default process kicked in, some sort of escalation review process (automated or human) also flagged it as abusive, so no further escalation was allowed, and we don't really have a way to keep this from happening over and over again". (Which, to be fair, is probably true of any service that has to deal with abuse at scale.)
Anything better than that (e.g. providing notifications on takedowns, offering data take-out, or at least explaining why this isn't in place) is probably worth posting.
Having ToS issues is one thing. Deleting/banning accounts without any notice is another.
Major shout out to Stripe. They believed we were in violation of their ToS, notified us immediately, and gave us 7 days to find an alternative including a competitor that would accept our business.
Once I contacted their support, I was able to confirm with them, that in fact, we were in compliance, and the crisis was averted. But had they just shut us off without warning, that would have been a disaster.
Absolutely would never recommend.
The situation is so unfair and one is so powerless, that the best way to resolve it is to get dozens of other people involved.
This is probably tiring to oneself and all the other people who have to work up into outrage. There really ought to be a more systematic way to work resolve these things.
Any recommendations on alternatives?
Uh, regularly export your list?
I routinely think about by my business model and the repercussions of losing access to an online service. I backup incessantly as a result. BRB, going to backup my MailChimp lists.
You might want to consider removing "fucking" from your front page. I'm really not one to bat an eye at any form of cursing but seeing it on a company's webpage like that doesn't sit well. You have a good idea, let the tech speak for itself, no profanity needed.
If they went out of business then I would also assume they would give customers at least several months to export their mailing lists.
Edit: for some reason I'm not allowed to post new comments (presumably because of the downvotes to my other comments), so I'll just reply here: Would it be naive/fraudulent to promise the same durability as the storage service you're using? After all you're just feeding the data to their service through their API. I of course wouldn't promise this kind of up-time, but once the data is successfully saved then I fail to see why it would be wrong to make such claims. Assuming you also made regular backups of the data you feed to their services (which I certainly hope MailChimp do) then you can be even more confident that the data won't be lost. If Google/Amazon banned the accounts storing the mailing lists then I'm sure it could be recovered, especially by a company of MailChimps size.
I think it's okay to extend your durability promise to your clients, but durability isn't the same metric as availability as you've eluded to in your edit. I typically tell customers our product's durability is an extension of AWS's via a BAA. If I had to shut down a product and needed to provide the data for export, it would be simple to throw them in AWS s3 by client ID and let them sit there, but you're going to have to budget a big chunk of money for it. The only way you get a green light to have that budget is if you are contractually bound to do it. I believe a lot of companies (mine included) do have those contractual obligations in place already, but I honestly don't think what I have in mind to meet the contract, and the user's expectations are aligned. Is it the raw data they passed via API that I return or the enriched data we produced that I return? If it's the latter, we're going to need more money as that will be exponentially more information to store for export.
Those numbers are not the 99.999% you quoted and you really shouldn't think they are. If you promised your customers five nines reliability based on the one-two nines of your free suppliers, that's somewhere between disingenuous naivete and fraud.
What about when accounts are locked for users due to $reasons? What do those downtimes look like? I've heard enough horror stories to be wary of any one provider.
I hope that in the future, schools will also teach some basics of computer hygiene in IT classes, and how to behave on the internet.
Things like what internet services are, why backups are important, and how to practically do them, how to evaluate risks when communicating on the internet, how people are harmed on the internet (typical scams, phishing, running untrusted programs, ransomware,...), what privacy is on the internet, how to choose passwords, etc.
It would be wonderful if we taught people how to navigate the digital age. It would be similar to a driving course or personal finance. I know I had none of the above when I went through school, so I won't hold my breath, but I would support an initiative to provide more practical skills in school.
You're saying you never used service X, yet you would absolutely trust service X and assume that even when service X is out-of-businness, you can access data related to you.
That's very surprising to read, I'm exactly the opposite - own your data, don't trust any service, they always can go away, at any random moment.
This makes me wonder, what is more popular? Absolute trust or -ENOTRUST?
Edit since I can't reply: We're talking about durability of their mailing lists, not uptime. At least that's my intention. That Google/Amazon or MailChimp might experience downtime doesn't have any impact on the durability promises. I would also expect MailChimp (rather than all their customers) to do regular backups.
You absolutely have to consider TOS, account disablement, and other service provider-caused downtime.
And from what I've seen, no uptime calculation adds in account issues like this. And I'd really like to see how fast their resolution is.
But Mailchimp really should be making it easy for you to make your own mail backups!
(PS: We've been a customer for many years but migrated away lately)
I'm not sure why people keep trusting them given their track record.
Over the years, there are many articles on HN about Mails. And the general ( or even golden rule ) was not to setup your own server, it is too much hassle, waste of time. And just use something like MailChimp instead.
I think there might be a few mention for Mailgun, but most of the time it was MailChimp for recommendation.
And over the years NOT A SINGLE report or comment of their bad experience. It was all singing and praise.
Now something happened, and all of a sudden you get a huge flux of people mentioning it was similar to their own experience as well.
And this isn't the first time I see something like this. It wasn't until the ZOHO incident did people start telling their horror story about Namecheap and Godaddy.
Is there a psychological term for this? You knew it was bad, but you didn't tell your story then.
This is an extremely poor anti-spam "hueristic" (if it even deserves to be called that) and I would never do business with a company that handles anti-spam like this.
The last time it happened I'd created a "Mandrill" account while developing an app and just a few weeks before releasing it I got a notice saying "Mandrill has been acquired by MailChimp" and I would need to create a new account with MailChimp.
That was last straw for me using 3rd Party email services. I spent the next several weeks setting up a "MAIB" (Mail-in-a-Box) server on a DigitalOcean VPS.
Setting up that server on DigitalOcean had it's own hurdles I didn't see coming, one of which was my MAIB server IP was black listed before I even sent an email because it was running on the DO platform. I contacted DOs support and all they could offer was "We recommend you don't use DO for email servers". Apparently spammers find it appealing to do this too so some email services, like AOL, Hotmail, etc block everything coming from DO and require you request to be whitelisted.
Because of that it ended up taking a few more months to reveal and deal with all the issues that popped up and that was painful too. It ended up being worth the effort though.
It's been working great for over 2 years now and there are some additional benefits I'd not expected when I first started working on it. One of the biggest is MAIB has a built-in DNS server too. I didn't use it at first but after playing with it a bit I ended up moving all my sites over to it and configuring my desktop Mac to use it first.
Given the chance the only thing I'd do different is to set up my own email server before I ran into this kind of "Mailchimp" problem again (because my experience is it will) so I could work through those issues first and transition to it from a 3rd party service at my leisure.
It's not an easy slog, but MAIB made it a hellava lot easier.
DO has been great for everything else I hosted there, but they're a bad choice for a mailserver.
I won't say DO is a bad choice for a mailserver, nor a good one. I just did a quick search to see if that's changed in the past few years and came across "Helm", but that's not really a "good" option either.
The real problem is there is no "good" choice for a dedicated mailserver or service provider.
How many times does this story have to be posted for us as a user community to get some sense and stop relying on unaccountable cloud services to host critical data or perform critical tasks? It seems like a similar story gets posted every week. Back up your data, people, and whenever possible, self-host.
For every online account you have, ask yourself: what is the consequence of me permanently losing this account and all data associated with it? If the answer is “catastrophic loss” then FFS do something about it!
When I once travelled to Ghana, I discovered that because I was in Ghana, they blocked my entire account without warning.
I expect to finish it within a week or so.
shitty way to handle a pure profit easy paying customer
We were on a paid tier. In 2012 we decided to try sending our own email via arpReach + SES. Once we set this up we asked MailChimp how to pause our paid account. We wanted to stop sending email and return to a free account until we needed MailChimp again.
Their response was that there was no way to do that... I recall it being something like "we do not like" or "do not allow" customers to return to free accounts. You could either keep paying, or delete your account and everything in it.
We'd already moved our MailChimp-collected emails over to arpReach (on our own server). At that point, I just opted to delete our MailChimp account.
Everything was fine while we used them. But that strange incident left a really bad taste in my mouth; it was one I never forgot.
People's gmail/youtube accounts are routinely closed without prior notice.
So we need to know this is happening so we can plan accordingly. I'm glad I saw this today, we will be better prepared.
Public shaming works quite well on HN; I remember quite a few cases when the problem was solved very quickly by hitting the front page.
However, in this case I'd give MailChimp more time. It seems the author contacted them today. Maybe there is a reasonable explanation and they will provide it tomorrow?
I've been locked out of my Amazon and AWS account for more than two weeks despite numerous phone calls to Amazon support and desperate pleading on social media. "We are still looking into this matter for you." I could post some nasty blog post but I have really little faith it would get me anywhere.
She called Amazon support. The first person she talked to just told her to do all the things she had already done. She humored them by repeating the steps. She told the support person it wasn't working. The support person said she couldn't be helped because she wouldn't do the steps. My girlfriend asked to speak to someone else who could help her and the support person hung up on her. She called back and had to talk to two other people before she finally got someone who would help her. (Once she did, it was a process of about 30 seconds to resolve the problem!)
She received some gift cards from a couple of her clients and when she clicked the link, it credited them to the wrong account (the one with the wrong email). She had to call support again and although their solution was ultimately quick and simple it took another 30 minutes of nonsense on the phone to get there.
I cannot even sign into my Washington Post subscription. Thanks, Bezos!
Edit: Also, considering the author's fame, I expect public shaming on HN will work quite nicely.
Some simply delete complaints and block the people who left them...
The best way to get satisfaction (in the UK at least) seems to be to get a tabloid journalist involved....
Sent eBay a private message on both Twitter and Facebook. Facebook's was read and ignored.
Posted the complaint on their fb page wall. It was automatically deleted.
What worked was commenting on their post.
...but as normal user of email, I appreciate a heavy hand when it comes to email lists which mailchimp deems malicious or bad for its ecosystem. It's no secret that mailchimp maintains a high standard for the quality of lists and email it delivers. The common thread in these stories seems to be malicious actors, poor/spammy content, etc. So I'm not sure it's so bad?
Has anyone with a "typical" (e-commerce shop, saas newsletter, etc) mailchimp list been shutdown without notice?
I run an email marketing company called - SendX https://www.sendx.io and would be happy to help you in whatever way possible to get you up and running with Email Marketing again. Feel free to hit me up at email@example.com . Would personally ensure that our team helps you out with this asap.
Last week I had one of the best support experiences I've ever had with spotify through twitter DMs.
100% my own fault where I had signed up twice by accident by missing the "." in my email address and hadn't noticed I was being billed twice/month for 10 months.
A few questions over and back getting to the bottom of the issue and it was resolved within an hour and my €100 refunded in 3 days.
Maybe I'm just feeling reasonable after my experience with spotify, if it was my account deleted maybe I'd feel different or maybe its just the season of goodwill :-)
Also, MC did eventually respond. They refused to reactivate my account.
It appears MailChimp has a chat option for support on weekdays for paid users but since this hasn't been used, one would assume the poster is using a free plan - not exactly exemplary practice for handling anything "mission-critial".
FWIW, MC did respond, saying essentially that there is nothing they are willing to do, and that I need to create a new account. I have written them back asking if I will be able to access my old mailing list from my new account (obviously the answer to that is going to be "no" but I want to get it on the record). They have not responded.
Talking in public about the manner in which businesses conduct themselves is a good thing. It benefits businesses with good customer service and hurts those with bad service. More transparency is good for consumers and for businesses alike.
* Make sure to have a plan B for all service providers that you use for critical services.
* Make sure you have a secondary copy of critical data, and that you store it responsibly in case a provider does something.
That still doesn't excuse not informing the account holder, but given the short time that has passed, it is possible that task has ended up in someone's backlog.
I'd also add one item to your list: Proper monitoring (which is extremely difficult and time-consuming to set up). A plan B is useful if you know that you need to enact it. Here, the third party provider had silently caused an outage, possibly because they consider shadow bans more effective without considering that the same thing that makes them effective makes them extremely damaging when they're handed out incorrectly.
Shit happens from time to time in business and the normal approach is you connect and discuss by whatever SLAs you align to. You don't scream publicly sullying reputations unless you've given resolution a reasonable shot. Waiting less than 1 business day doesn't seem like giving resolution a reasonable shot. If it were my business, I'd fire this poster as a client.
This the kind of apologetics I can't stand. These things happen because businesses knowingly take actions that negatively affect a small percentage of their user base, but they just don't care if the percentage is small enough.
Software businesses enjoy extremely high gross margins, which means they can afford first-rate customer service. "Bad things happen" isn't an excuse.
But here's the deal, and this might be directly aimed at you, since you say you're in the field. As a home-user who works in the industry and with some interest for tech, I generally only get access to the free-tiers of services offered by players working at world-magnitude. Based on my experience with those services I may or may not advertise them to my friends, colleagues, employers. Especially to employers, because there's a good chance that if there's bad-blood between me and the service provider personally, I might be impaired in my professional activity.
This word-of-mouth type of adversiting is crucial to "2.0" companies, that function based on things such as scale, transparency, growth, reach, efficiency. There's also the different type of provider, the "old business" world, with more business-y and less tech-y practices, such as "call us for a quote" deals, "license per year per seat pe server core", etc. Dealing with them often times involves whole departments (legal + technical) with specific training and paid-for support channels.
If you release and roll perpetuum-beta services and software ("2.0" practice), build your brand on word-of-mouth advertising, on try-for-free honeypots for hobbyists (also "2.0"), don't act "old business" if it comes down to support for a puny user and don't push the "well, it was free, what would you expect?" button. The whole deal of your "we are awesome and scale as opposed to <brand that existed for more than 20 years and sucks just because of that>" is the fact that your machinery doesn't do politics and doesn't discriminate between your users based on estimated pocket girth. It's useless if your solution elegantly "scales" to billions of users, if your business can't secure and treat with dignity the first, lonely user.
Which is exactly what MailChimp failed to do, and what makes this an issue worth the treatment the OP has given it.
Created an account, verified my email address. Then i sent a test email to the same email I verified my MC account with.
Immediately, MC disabled my account's ability to send emails. My appeal to support was ignored and eventually, the account was deleted - banned.
So basically, if that person was a plumber, and a bath they installed worked perfectly, you'd now think maybe that was a fluke, because their professionality is "borderline questionable" (is that like borderline borderline, or questionably questionable?)
Yet you say you "don't scream publicly sullying reputations" -- so they're not professional, and now they're "screaming", both of which are things you are creating, while they're stating the cold facts, and they just don't happen to be flattering.
That you can be "professional" without being good, at all, just shows how meaningless that word is.