Commentary
Authentication And Online Trust Summit
- by editor , David Baker , April 30, 2007
Thanks to Len Shneyder, director of partner relations & industry communications at Pivotal Veracity, for writing this very timely update.
AOL & AIM. Not much new to report except that they plan to incorporate Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) into the reputation model in the coming months. By late summer they hope to be actively using both as a means of authentication and reputation checking for connecting IPs as an added data point to help them determine the final disposition of email. As is always the case, they advocate being responsible with your sending patterns and trying to limit your email to "active" customers who have purchase patterns or some form of response-based relationship.
advertisement
advertisement
Comcast. Ninety-one percent of all inbound email to Comcast, the largest broadband provider in the United States, is flagged as spam. Comcast monitors the quantity of hard bounces, specifically unknown users, sent to their domains. They use this as a measure of list quality and maintenance. By the end of the year, Comcast announced, they will adopt DKIM as an extension of their reputation check, in addition to launching a feedback loop.
MSFT, Hotmail, Windows Live Mail. Hotmail receives 4.5 billion emails a day, of which 90 % is flagged as spam. Statistics show that 35% of all spam today is "image spam," or messages comprised solely of one or multiple images. Microsoft advised mailers to use the hard fail flag in their SPF/SenderID records (-all), in addition to covering every sub domain with its own SPF/SenderID record. If you are lost at this point, contact your ESP or one of the delivery auditing companies and they can help you understand how to set this up. It is important to note that IPs sending a low volume of email at infrequent intervals will most likely be flagged as "suspect" by this filter as they have similar characteristics to spammers. Because of this, new IPs with no mailing history will have a harder time getting their email to even the junk mail folder. Microsoft is relying heavily on an IP's mailing history as one aspect of reputation in order to determine where email should be placed. Further insights from Microsoft personnel included information on mailing volumes: It's better to email smaller volumes more often rather than larger volumes at infrequent intervals. Consistent mailings of 5-10K emails per day have been documented as performing well.
Implications. ISPs use a variety of filters, including third-party filters, blacklists, whitelists, reputation metrics, volume filters, and content filters. There are many reasons your message may not make it to the recipient's inbox. Reputation metrics consist of one or all three of the following, depending on the ISP: spam complaints (the number of recipients complaining you are spamming them); unknown user bounce rates (bad addresses), and spam traps (emails you send to email addresses harvested from the Web or purchased). Managing feedback loops (spam complaints), good bounce management (removing bad addresses), and carefully governing your email acquisition methods will remain crucial to sustaining a good delivery reputation with the ISPs.
Authentication will become increasingly important as well. If you are not already authenticating with a combination of SPF, SenderID, and DKIM now is the time to get started. Whereas Microsoft adopted SenderID, many others adopted a combination of SPF + DKIM or SenderID + DKIM. Yahoo is even requiring DKIM in order to sign up for their feedback loop (spam complaint reporting).
I've published an extended version of this article with comments and links to some valuable sources and partners that you may find useful, on my blog.
