ESPC to Work with Accreditation, Reputation and Accountability Services

The E-Mail Service Provider Coalition (ESPC) has formed a vendor relations committee facilitating communication between senders and third-party vendors that deliver email accreditation, reputation and accountability services.

News of the committee came the same day Microsoft formally announced plans to blend two email accreditation proposals, its own Caller ID for E-Mail and the Sender Policy Framework (SPF). The plans were first reported in ClickZ News last week.

And earlier this month, Microsoft trumpeted success of IronPort Systems’ Bonded Sender reputation program on the MSN and MSN Hotmail platforms. The company will be using IronPort’s Bonded Sender reputation service for its outgoing emails to its multitude of email newsletter lists as well.

The ESPC’s vendor relations committee’s first initiative, just completed, is an in-depth analysis of the Bonded Sender Program.

“We worked closely with Bonded Sender for many months to provide feedback,” said Joshua Baer, CEO of email service provider Skylist and co-chair of the committee. His fellow co-chair is Dave Lewis, VP of deliverability management and ISP relations for Digital Impact.

“We did an analysis across many sizes of sender and many types of mailing — transactional, business to business, business to consumer,” said the ESPC’s Margaret Olson. Olson is CTO of Constant Contact, an email marketing management tool for small businesses.

“The analysis found that not having identity other than IP address is a problem,” Olson said. “Not having sender identity limits the program to either services such as Constant Contact with very sophisticated and automated back offices, or to very large senders using dedicated IP addresses.”

According to Olson, “the analysis also found some issues with the bonded sender volume and complaint estimates; Bonded Sender will be working to address these,” Olson said.

The ESPC has said it will use Bonded Sender with Project Lumos. This is a multi-year blueprint conceived by the ESPC in early 2003 to change the architecture of email to block spam while protecting legitimate email marketers.

The vendor relations committee has also been evaluating specific authentication proposals, according to Olson. The ESPC’s technology committee tested and evaluated the authentication proposals Microsoft and SPF recently decided to merge, Olson said. The ESPC provided feedback and suggestions to Microsoft and SPF.

“The ESPC represents senders ranging from small businesses and associations to the Fortune 500 companies, so we are able to organize a good cross-section of sender profiles for testing,” Olson said.

Authentication programs such as the soon-to-be-combined Caller ID for E-Mail and SPF fight spoofing, phishing and spam. These programs address the issues of forged “from” email domains. “Right now, people don’t open email from their favorite stores because they don’t have the confidence it’s really them. It’s critical to marketers to preserve the value of email,” said Olson.

Under the merged proposals, organizations would publish information about their outgoing email servers, such as IP addresses, in the Domain Name System (DNS) using standard XML format.

The new program would make it possible for receiving systems to test for spoofing at the message transport (envelope) level, originally an SPF proposal, as well as in the message body headers, originally a Caller ID proposal.

“Solving spam and preserving the value of the inbox is critical to our businesses, but we recognize that we can’t develop the solutions,” Olson said. “So we will continue to advocate, publish blueprints, and work with the proposal authors. Depending on how you look at it, ESPC members send upwards of 25 percent of the legitimate email on the network. This gives us a very good perspective on what will work, and also a convenient place for others to gather feedback.”

Related reading