The ins and outs of anti-spam technologies -- in layman’s terms.
I admit it. Not too long ago, I understood the concept behind SPF (define), Sender ID, and DomainKeys, as well as the importance of them. But the subtleties of each eluded me. That was before Rick Buck, director of e-media and privacy/ISP relations at e-Dialog, was kind enough to translate the tech-speak surrounding these terms into plain English even a marketer could understand.
SPF, Sender ID, and DomainKeys are relatively new technologies on the cutting edge of the fight against spam and false positives. False positives, basically legitimate email messages mistaken for spam, are one of the biggest issues facing email marketers.
The goal of all these technologies is to verify a message’s sender is who he says he is. Falsifying sender addresses is a common practice among spammers. The logic: if you make it harder for spammers to hide their identities, it’s easier to hold them accountable for the email they send. This may discourage their efforts.
Though these technologies aren’t silver bullets for stopping spam, they should help diminish false positives. They’re the first steps toward a technical solution to spam, combined with reputation, authentication, and accreditation technologies.
The three technologies are somewhat hierarchical. SPF provides the most basic level of authentication. Sender ID takes it a step further, while DomainKeys offers an additional verification level. SPF is already used, most notably by America Online, to filter spam.
SPF, once known as sender permitted form, works by looking at an incoming message’s sender address and the server sending it. If the server is authorized to send email on behalf of the domain name in the sender address, the message gets through. If not, it’s filtered as spam.
SPF relies on what’s called the "envelope address," the sender address appearing as the "return-path" in the email header. It only looks at the domain name (the portion of the address after the "@"), not the complete address. SPF doesn’t confirm the message came from a specific user at that domain name, only that it came from that domain name’s server.
To get through SPF filters, senders must publicly identify servers authorized to send email from their domain name in their DNS (define) record. It’s not a time-consuming, difficult, or costly endeavor. If you send email from your own server, your IT folks should be able to handle it. If you use an email service provider (ESP) to send your bulk email, they should handle this for you.
You can also use SPF to decrease the amount of spam you receive. It’s simple for your IT folks to implement this, and there are lots of online resources to help (a few are listed at the end of this column).
If you use SPF, you won’t be alone. All the major ESPs use it, as do most major ISPs. Additionally, hundreds of thousands of organizations that send email have already published SPF records.
There’s an additional benefit to publishing your SPF record. You know all those bounces you receive from spam email that appear to be from your domain but aren’t? An ISP filtering with SPF technology won’t send them to you. It "knows" the message didn’t originate from your server.
By enabling SPF technology on your sent and received email, you’re doing your part to take email back from spammers.
SPF isn’t perfect. Many legitimate email marketers have already published their SPF records. So have many spammers. Those spam messages are authorized via SPF just as legitimate messages are.
There’s some controversy around SPF. As a traveler, I worry about tying my domain name to a single server. I use my own ISP to send mail when I’m home, and I use a patchwork of networks provided by hotels, clients, and my home away from home, Starbucks, to send mail when I travel. There’s no way to submit SPF records for all these locations and servers, especially the ones I haven’t yet visited.
SPF also appears to be incompatible with forwarding email, among other things. Still, I support SPF. I’m confident kinks like these will eventually be worked out.
This is just the tip of the SPF iceberg. If you want to learn more about the benefits, drawbacks, and details on implementing SPF for sends or as a filter, there are many resources. Wikipedia offers a good basic background and more details on the downsides of SPF. AOL does a good job of laying out SPF’s benefits, especially as they pertain to its white list. Pobox.com has more information and a wizard to help you publish your SPF record.
Next: Sender ID, which many view as an improvement on SPF but not yet perfect. Future columns in this series will discuss DomainKeys and some of the other technologies that tie delivery to reputation, authentication, and accreditation.
Want more email marketing information? ClickZ E-Mail Reference is an archive of all our email columns, organized by topic.
Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!
Jeanne Jennings is a 20 year veteran of the online/email marketing industry, having started her career with CompuServe in the late 1980s. As Vice President of Global Strategic Services for Alchemy Worx, Jennings helps organizations become more effective and more profitable online. Previously Jennings ran her own email marketing consultancy with a focus on strategy; clients included AARP, Hasbro, Scholastic, Verizon and Weight Watchers International. Want to learn more? Check out her blog.
Marketing Apps for Landing Pages White Paper
Marketing apps can elevate a formulaic landing page into a highly interactive user experience. Learn how to turn your static content into exciting marketing apps.
Redefining 'Mobile-Only' Users: Millions Selectively Avoid the Desktop
A new breed of selective mobile-only consumers has emerged. What are the demos of these users and how and where can marketers reach them?
March 19, 2014