Inbox.
All About Email - The Last Word in Email Publishing

Wednesday, August 15, 2007

The other side of spam

We all get spam, some more than others. Upcoming legislation in NZ, originally aimed at preventing spam, will simply prevent spammers from operating in NZ - it will not diminish the volume of spam we receive.

So what will?

For legitimate email marketers and publishers, spam is a problem in that due to ISP and desktop filtering practices, quite often our emails get blocked or filtered even when the recipient is dying to receive it. So we have a commercial and conceptual interest in diminishing spam.

In the USA, where email is a sophisticated and specialist discipline, Authentication is catching on. 44% of all emails are sent using either Sender ID or Domain Keys, the two main standards of authentication.

Put simply, Authentication ties the senders IP address to the domain name used - thus preventing spammers from pretending to be abc@bigbrand.com or whichever well known name they hide behind. So this would enable ISPs to eliminate a great deal of spam, and all phishing emails at source.

Then there is the perspective of legitimate email marketers and publishers; using authentication, ISPs can whitelist proper email senders - so that all legitimate emails get as far as the desktop.

Senders of bulk email who were not whitelisted could be identified and encouraged to demonstrate their legitimacy so that they could be whitelisted too. After a while, any bulk sendouts which were not authenticated and whitelisted could also be blocked at source until such time as they either stopped emailing, or adhered to the ISP standards.

The Unsolicited Commercial Messages Act states that it is merely one of a number of measures that will fight spam, and stresses the importance of self regulation amongst the email industry.

Authentication is a relatively cheap and simple solution to implement, yet when asked Xtra, Ihug and Clear all said it was "too hard".

So next time you miss a really important email because your ISP guessed it might be spam, remember, ask them to adopt authentication.

1 comment:

Craig said...

Adoption is now surpassing 50% as measured worldwide for non-spam, legitimate email including both Sender ID (SIDF) and DKIM authenticated email. SIDF (which per the IETF includes SPF) is now at 47% and DKIM/DK is approaching 10%. About a 7-8% overlap of senders adopting both. The next step is to apply reputation data and improve the polices pertaining to senders records / signing.

Having definitive records provides receiving networks a higher confidence to accept delivery and to curb spoofing and band abuse leading to phishing on other forms of messaging abuse.

More info is at www.aotalliance.org