Domain Assurance by Return Path

As often happens during MAAWG, email companies are announcing new products. One of the interesting ones is the new Domain Assurance product from Return Path.

Domain Assurance […] first audit[s] a company’s email streams to be sure authentication has been properly implemented. Then, the company’s domains are added to a registry. Participating ISPs can check the registry and block any unauthenticated emails coming from the domains found there. Return Path provides on-going checks for authentication accuracy and alerts participating companies any time their brand is phished or spoofed.

While this type of authentication won’t solve phishing, it is a tool to help protect end users from malicious mail.

HTML in email
My ISP might get blacklisted

Related Posts

You must be present to win

Guest post by Phil Schott
I often have the pleasure of putting my four year-old son to bed at night and I’m usually exhausted afterward. It’s a never-ending string of questions and admonishments that goes something like this,
“Daddy, is it a stay-at-home day tomorrow?
“No, Joe, tomorrow is a go-to-school day, it’s Tuesday. Joe, stop talking and go to sleep and please stop picking your nose.”
“Daddy, how long until the Easter bunny comes?”
“A few weeks. Now, go to sleep and stop picking your nose, Josef.”
“Dude, what did I say about picking your nose?”
“Sorry daddy, I can’t help it. It’s my job.”
“Daddy, When’s it going to be my birthday?”
“Joe, you’re not going to live to see your birthday if you don’t stop picking your nose and go to sleep.”
Lather, rinse, repeat for about 10-30 minutes every night. Same questions, same answers, always picking his nose.
In retrospect it seems funny and maybe sweet, but it never does at the time and the thought of doing it all over again tomorrow night makes me want to run out screaming.
However, I realize that if not me, who? Who’s going to tell Joe to stop picking his nose? Who’s going to answer his questions? I have to. It’s my job. If I want to be his dad, that’s what I’ve got to do. If not, then I don’t get to be his dad, I don’t get to be part of his life, and I don’t get to be part of my family.
There are folks in our industry just like Joe and me–those who never seem to get it, those who ask questions over and over, and those who tire of answering the same questions.
I’d like to thank those who answer those questions over and over. Folks like Al Iverson, JD Falk, Mickey Chandler, Greg Kraios, Ken Magill, Laura Atkins, Steve Atkins, Karen Balle, Annalivia Ford, and many others who deserve to be on this list.
I’ve only been in deliverability for a few years and I’d be nowhere if these folks hadn’t answered my dumb questions, posted their thoughts, shared their knowledge, and told me to stop picking my nose on occasion.
It pains me though to read from time to time the ranting of those in our industry who want to decry the dumb marketer, give up, and take their ball home. It’s a shame, but that’s their right and their decision. However, they then don’t get to be part of the community. They lose the effectiveness to tell a dumb marketer to stop picking his nose. They become a washed-up, has been, curmudgeon with no voice. Like with my four year-old son, if I want to be a part of the deliverability community I’ve got to stick it out and deal with it. You have to be present to win.
In her post, A very young industry, Laura Atkins of Word to the Wise quotes ExactTarget’s Joel Book as stating that less than 20% of those in email marketing have more than two years experience. Yes, it’s an industry full of four year-olds. If you’re one of those in the know are you going to bemoan this fact that’s beyond your control or are you going to work to make the community you’ve helped build a better place? You absolutely can choose to move on. We will miss you and I wish you the best of luck. But either keep helping out as you’ve expertly done or get out of the way. Don’t take cheap shots at those trying to do the right thing and trying to do some good work.
For those of you tired of answering the same inane questions you’re fooling yourself if you think the folks who really need to hear your message are reading. They’re not. And they’re going to keep on asking their inane questions until somebody helps them out. I choose to help them out. I choose to be part of the community. I choose to be present.
A big part of the issue is how daunting it can be to ask for help without the risk of appearing the fool. There are far too many folks in this business of deliverability who are more interested in proving how smart they are and selectively sharing knowledge than they are in helping raise the overall level of consciousness and enlightenment.
If you want the idiots and fools to go away then help them become something more. Help them like no one helped you when you started out. With much effort, time, and frustration, I could pick through five years of your blog posts to find the one bit of information I need, or you could give me the URL to the post that will reveal all. I’m not asking you to spoon feed me, I’m just asking for a little help. There’s no books on this stuff and you can’t go to school to get your BA in deliverability. All we’ve got is each other.
Phil Schott has been handling delivery and compliance for a major ESP for the last 3 and a half years.

Read More

MAAWG SF

Blogging will probably be light next week. Steve and I are both headed to MAAWG SF. Steve will be presenting training on Monday and at one of the later sessions, too. I managed to get out of having to work this conference, so no presenting for me.
We’re both looking forward to seeing everyone. Drop by and say hi.

Read More

Who can you trust?

I’ve been recently dealing with a client who is looking at implementing authentication on their domains. He’s done a lot of background research into the schemes and has a relatively firm grasp on the issue. At this point we’re working out what policies he wants to set and how to correctly implement those policies.
His questions were well informed for the most part. A few of them were completely out of left field, so I asked him for some of his references. One of those references was the EEC Email Authentication Whitepaper.
My client was doing the best he could to inform himself and relies on industry groups like the EEC to provide him with accurate information. In this case, their information was incomplete and incorrect.
We all have our perspectives and biases (yes, even me!) but there are objective facts that can be independently verified. For instance, the EEC Authentication whitepaper claimed that Yahoo requires DKIM signing for access to their whitelist program. This is incorrect, a sender does not have to sign with DKIM in order to apply for the Yahoo whitelist program. A bulk sender does have to sign with DKIM for a Y! FBL, but ISPs are given access to an IP based FBL by Yahoo. I am shocked that none of the experts that contributed to the document caught that error.
Independent verification is one reason I publish the Delivery Wiki. It’s a resource for everyone and a way to share my knowledge and thought processes. But other experts can “check my work” as it were and provide corrections if my information is outdated or faulty. All too often, senders end up blaming delivery problems on evil spirits, or using “dear” in the subject line or using too much pink in the design.
Delivery isn’t that esoteric or difficult if you have a clear understanding of the policy and technical decisions at a range of ESPs and ISPs, the history and reasoning behind those decisions, and enough experience to predict the implications when they collide.
Many senders do face delivery challenges and there is considerable demand for delivery experts to provide delivery facts. That niche has been filled by a mix of people, of all levels of experience, expertise and technical knowledge, leading to the difficult task of working out which of those “experts” are experts, and which of those “facts” are facts.

Read More