At Thanksgiving time it's traditional to think about what we're thankful for. I've usually limited this practice to my personal life, but I thought this year I'd extend it to the email world. When I put the list together, I was surprised to find that my "thankful list" was probably not the most obvious list of things and focused a lot on the safety and security of email. Why is that?
At the gateway, email is a very bad neighborhood.
Over 85% of inbound messages are spam. Phishing attacks are up 30%- to % year over year. The brands being spoofed are much broader than in the past because the gain from the attacks has moved from just being about simple phishing of credentials. Alll it takes is for someone to click on a link to a malware-infested site to have their machine "owned" by the bad guys. This means more trusted brands are being spoofed.
So, why am I thankful? I'm thankful, because the inbox isn't a bad neighborhood. It's a place where we can communicate with friends, work colleagues, and the companies that we do business with (as subscribers to newsletters and promotions or through transactional mail). Spam in the inbox is far under 0.1% of messages in many systems. I'm thankful to all the people and technologies that make this the case, and make it possible for many of us to make a living in email.
Specifically, I am thankful for the following:
Anti-Spam Technology and Technologists -- I hate to imagine what my inboxes would look like if all anti-spam technology were removed. It would be an ugly place. My company works with a lot of anti-spam companies and anti-spam technologists. As a group, they are a passionate, committed group of folks that love email and have shown great ingenuity in fighting a very difficult fight versus a very clever adversary.
Email Authentication -- Although it's been slow to come, we're starting to see wider-spread adoption of email authentication, specifically DKIM. This will make possible (with and without other standards) the reduction of phishing and spoofing and will increase the level of trust in the email ecosystem.
Abuse Teams at Mailbox and Hosting Providers -- A lot of the spam and spoofing comes from compromised resources at ISPs, hosting providers and Web mail providers. However, there is far less spam than there would be if it weren't for the hard work of the abuse teams that look for this "outbound" abuse and shut it down at the source.
Compliance, Deliverability and Email Operations Teams at Email Service Providers -- An Email Service Provider could be a good place to send a lot of bad mail. However, ESPs generally do a good job of finding and stopping the abusers. In my experience, they are understaffed and underappreciated in their organizations, but are an important part of keeping the inbox a good neighborhood.
So, when I peek at my email between football games on Thanksgiving, I might just spend a few seconds thinking about the people who make it possible for me to do so.
Have a good Thanksgiving.