Links Sept 29, 2011
Al Iverson has a post up about his experiences with customers who try to acquire email addresses through appending.
J.D. Falk has a post up about the history of DKIM.
Al Iverson has a post up about his experiences with customers who try to acquire email addresses through appending.
J.D. Falk has a post up about the history of DKIM.
How many readers have ever submitted an email change of address form? How many readers even know where to go to submit an email change of address form?
And I’m not talking about going to a particular retailer and saying “change my email address” I’m talking about using one of the companies that offer email change of address as a service. Where do they get their names and email addresses? I sure don’t know.
How many readers have actually purchased an email change of address service for one of your mailing lists? Do you know where the addresses came from?
I’m wondering how many people buy email change of address services, but have zero clue how to sign up for them. I mean, I know, you can go to FreshAddress or Experian and get ECOA services. But I don’t know how to tell either of them that I want to be included in their ECOA services.
So how do consumers get to be on a change of address list? And how opt-in is their participation?
One reason I ask is that a number of my clients have stumbled into serious delivery problems recently. Investigation generally points back to the ECOA service they used. So I’m wondering how actively and knowingly consumers are using ECOA services.
We’re iced in here in DC so I’ve been catching up with some industry news while camped in front of a heater and the TV.
Best of the ESPs by Forrester Research. Congrats to ET and Responsys for coming out on top. The results, as reported by MediaPost, match reasonably well with my overall impressions of the industry (so they must be right!)
Return Path is rolling out a new version of SenderScore. A welcome change for those of us who regularly refer to an IP’s sender score and find it doesn’t match other data.
CAUCE has done a series of posts looking back at significant events in spam over the last decade.
Al has a retrospective on various data breaches affecting email addresses over the last few years.
Happy New Year, everyone!
Yesterday Gmail rolled out some changes to their interface. One of the changes is that they are now showing end users authentication results in the user screen.
It’s really the next step in email authentication, showing the results to the end user.
So how does Google do this? Google is checking both SPF and DKIM. If mail is authenticated and the authentication matches the from address then they display the email as:
If we click on “details” for that message, we find more specific information.In this case the mail went through our outgoing mailserver to gmail.
Mailed-by indicates that the message passed SPF and that the IP address is a valid source of mail from wordtothewise.com.
Signed-by shows the domain in the DKIM d=. In this case, we signed with the subdomain dt.wordtothewise.com. That’s what happens when you sign using the domain in the From address (or a subdomain of it).
For a lot of bulk senders, though, their mail is signed using their ESP’s domain instead. In that case Gmail shows who signed the mail as well as the from address.
And when we click on “details” for that message we see:This is an email from a sender using Madmimi as an ESP. Madmimi is handling both the SPF authentication and the DKIM authentication.
As an aside, this particular sender has a high enough reputation that Gmail is offering me an unsubscribe option in their interface.
Gmail is distinguishing between first party and third party signatures in authentication. If the mail is authenticated, but the authentication appears to be handled by a separate entity, then Gmail is alerting recipients to that fact.
What does this mean for bulk senders?
For senders that are signing with a domain that matches their From: domain, there is no change. Recipients will not see any mention of your ESP in the headers.
However, if you are using an ESP that is signing your mail with a domain they own, then your recipients will see that information displayed in the email interface. If you don’t want this to be displayed by Gmail, then you will need to move to first party signing. Talk to your ESP about this. If they’re unsure of how to manage it, you can point them to DKIM Core for an Email Service Provider.
Gmail blogpost about the changes
Gmail help page about authentication results