And, as a sender of authenticated email, you're contributing to a positive reputation for your emailing practices. This has benefits for other deliverability hurdles where reputation plays a role.
But it's not a global panacea to the spam problem. Remember: all authentication does is verify that the alleged sender is the actual sender. It says nothing about whether the email is solicited or unsolicited, opt-in or opt-out, spam or a personal message from mom.
You'll find explanations of why each one is good, how they work, and how you implement them (not that I understood much of that bit, hence the recommendation to enlist appropriate help) at these two sites:
* The DKIM page at email sender (DKIM also requires changes to your outgoing emails, as well as to domain name records)
* The Sender ID page at Microsoft
I would also advise browsing the deliverability archives for articles on authentication and implementation help. To reinforce my point about getting help, here's an article covering some of the pitfalls of implementation.
As standards are refined and authentication spreads, the process required to implement the standards for your emails will undoubtedly get simpler.
So it's just one step on the road to a pristine email system.
OK, so how does it work? How do we implement it?
Unfortunately, there is no one universal authentication system in place. But competing standards follow similar principles.
Basically, it involves your domain name records. This is the formal information associated with your domain name.
You can modify these domain records to indicate which IP addresses (think of these as particular machines at particular locations) are allowed to send email on behalf of your domain.
When an ISP, for example, gets an email sender purporting to be from a particular domain, it can check these records and identify which IP addresses are allowed to send email for that domain.
It then compares the physical source of the email with the records. If the sending IP address is on the approved list, the email is authenticated. If not, it's not.
This is a simplistic not-totally-accurate description, but it will do for us marketers.
The important point is this: you need to modify your domain name records so that ISPs have something to refer to when attempting to authenticate your email.
If they find no appropriate entries in your record, then they cannot authenticate your email.
You may also need to modify the information sent with your emails to support authentication, too.
And this is where most marketers run into a brick wall. Me included.
How do you modify and publish a domain name record email sender. Where is it? What exactly do you need to put in it? What else do you need to do? Which standard do you follow?
This is, if you'll forgive me, an issue where you probably need to enlist the help of an IT expert or your list host and email service provider.
They have the know-how to help you with this process.
Standards
For the record, there are two authentication standards that seem to have established themselves and you would be wise to follow the requirements of both.
These two are Sender ID and DomainKeys Identified Mail (DKIM).
Another standard you'll see quoted is SPF, which is incorporated within Sender ID as well. So you only need worry about the latter.
Anyone who has seen the film, or reviews of the film, know that this is very much an accurate description of the main theme of the film. Should that mean that people who requested our newsletter should not receive it? I think not. I hope not!
Most email sender authentication systems rely on those who own domains to publish the servers or e-mail addresses from which legitimate mail from that domain can be sent. These lists of legitimate address-domain correlations are than checked when a message arrives. If the sending address matches the address that is related to that domain in the list, it is authenticated. If the mail came from a server that is not listed by the domain owner as a legitimate sender for that domain, authentication fails.
* Addresses were deliberately reported as spammers when they aren't. What better way to disrupt the life of someone you don't like than to get his name on the spam blacklists so his mail won't get through to his friends and business associates?
* Entire domains were blocked as spam sources when only a single user from that ISP sent spam.
* Spammers forged the addresses of legitimate users as their return addresses, and the legitimate users' addresses ended up on the blacklists.
I think many of the ISPs go beyond attempting to detect legitimate vs. illegitimate email into the realm of moralistic filtering. Basically they’re trying to ensure that no one is offended. OK great I get that, totally cool. Except when that email that is being sent to someone has been legitimately requested by them. I think it’s the receiving ISP’s responsibility to ensure delivery of email which people have actively requested AS MUCH or even more than ensure they don’t get what they don’t want.
To protect MSN and Hotmail users from phishing and spam, Microsoft uses Sender ID to validate the origin of an e-mail message. By verifying the IP address of the sender against the owner of the sending domain, Microsoft can identify unauthenticated messages and divert them to junk e-mail folders. Making sure that your SPF record is up-to-date will assure that Sender ID will validate your messages, and that they will get through to Hotmail and MSN users.
DomainKeys is a different kind of authentication using a cryptographic signature to verify both the domain of each email sender and the integrity of the messages sent (i.e., that they were not altered during transit). Yahoo! employs the DomainKeys approach, which alerts recipients whenever the identity of email senders cannot be verified. Read more about it on Yahoo's DomainKeys page.
Imagine if ISPs applied the same filtering rules they used for email to people’s surfing under the guise that they were trying to protect them from malicious sites. People would switch in a heart beat to ‘unfiltered’.
My biggest hope honestly is that all the major ISPs integrate RSS into their email systems, so that we can stop sending email all together and just use RSS to deliver our information. Already our main DVD Talk RSS list is at 85% the number of subscribers that our email newsletter is and my hope is that we’ll surpass it this year.
We’ve even added a blurb to the bottom of each newsletter asking people to sign up to the RSS feed.
Life is such that soon after someone comes up with a good thing, someone else comes up with a way to ruin it, and e-mail is no exception. Spam or UCE (unwanted commercial e-mail) has proliferated out of control. Literally thousands of spam messages flood into the typical company's mail server; luckily, good spam filtering software can prevent most of them from finding their way to users' mailboxes. Laws have been passed with the goal of curbing the spam tide, but they are difficult to enforce, in part because spammers often disguise the real source of their messages by forging return addresses and e-mail headers.