May 26 2004

SPF and Caller ID for Email Merge – What Does This Mean?

Yesterday’s announcement that Microsoft is going to merge its nascent Caller ID for Email authentication standard with the more populist Sender Policy Framework (SPF) is an interesting development in the war on spam.

But what does it really mean?

It means that sender authentication is headed towards a standard. Where once there were three, now there are two (Yahoo Domain Keys is another standard, although it’s still a little unclear whether it’s competitive or complementary).

Authentication is an important component of the war on spam because it allows ISPs and other email receiveing servers to verify that the sender of the email is who he says he is. Spammers don’t do that.

But authentication is only one facet to the war on spam. The others, at least the way we see them at Return Path, are (in no particular order):

Reputation: Proving you, as a mailer, are a good guy. Low complaints, good email capture policies, working unsubscribe, proper server configuration, and a host of other components.

Monitoring: Understanding how your mailings fare in the real world. Are you being blocked? Filtered? Blacklisted? Greylisted? When? Where? By whom? And most important, why?

Best Practices: Making sure you’re doing things the right way as an emailer, attacking the root causes of complaints and blocking, creating email programs that not only work economically, but work socially as well.

Payment: Ultimately, although I’m not sure what form it will take, someone will have to eliminate the economic free ride problem that created spam in the first place. Translation: mailers will probably have to pay something, to someone, to guarantee delivery.