E-mail authentication services have arrived, and they’re taking hold fast. Both the Federal Trade Commission (FTC) and the Anti-Spam Technical Alliance (ASTA) of companies such as Microsoft, Yahoo, EarthLink, and AOL have made their positions clear: The next major step in the coordinated war on spam must address the fraud-prone nature of current email technology.
The email-processing industry agrees authenticating email is a good thing. The ability to conclusively determine where an email originated has advantages to both senders and receivers. An ISP can detect whether an email was sent from an authorized source and, thus, potentially bypass a few layers of content filtering, saving processing power.
It also enables ISPs to better identify and process abusive traffic coming into their networks. E-mail senders can deter fraudulent use of their domains and begin working with accreditation services such as Bonded Sender and Habeas to help assure deliverability.
Sender ID combines SPF and Microsoft’s Caller ID standards. The system allows a domain owner to specify in its published DNS records the mail servers authorized to send email from that domain. During the email transaction process, the receiving server looks up the DNS information for the domain the mail purports to be from and makes sure the origin IP address is authorized. If attempted forgery is detected, the receiving server can tag the email as suspicious or reject it.
AOL has endorsed SPF and is asking current and prospective members of its whitelist to set up SPF records. AOL is targeting late summer to begin checking for SPF information. The merger of SPF and Caller ID means Microsoft’s MSN and Hotmail will soon get on board.
Yahoo’s DomainKeys helps ensure both sender and message content. The program is analogous to a notary public: A cryptographic key ensures the message was sent by the domain in the sender field and wasn’t altered or tampered with in transit. With DomainKeys, a sending server “signs” the message with a key string, attaching it to the email’s header information, and publishes a public key in its DNS information. The receiving mail server can compare the key pair to determine authenticity. Upcoming support for DomainKeys is expected for two of the most popular mail transfer agents, Sendmail and Qmail.
Authentication alone won’t solve the spam problem, but it’s an important step in identifying an email’s source, thus separating email from legitimate marketers who wish to be identified from spammers who work to evade both laws and filters. Making these distinctions will help make spamming more difficult for those who practice it and increase trust in email communication.
For email marketers, authentication is quickly becoming more requirement than best practice. Fortunately, both proposed standards are fairly straightforward to implement and are gaining in adoption.
Want more email marketing information? ClickZ E-Mail Reference is an archive of all our email columns, organized by topic.
Nominate your favorite product or campaign from July 7 through close of business July 14.
Industry experts say AI and machine learning will revolutionize email marketing. From self-running campaigns to clairvoyant customer insights, the hype is building. But is your marketing technology ready to deliver?
Many companies use SMS, email and push notifications to deliver updates to customers and stakeholders, and such notifications are especially important to publishers ... read more
Online presence requires a lot of work. Your team has to be keeping an eye on search rankings, competitors, security, web mentions, website performance, trends, and so much more. Here are five multi-purpose tools that can manage every aspect of digital marketing and save your team time and money.
Email marketing is nothing new, but as our ability to harness big data improves, so does email’s potential as a marketing channel. In this article, we discuss data-driven personalization, what it means for email marketing, and how to deliver 1:1 communications at scale.