large email senders
Email authentication refers to a process (or processes) that enables those that actually put emails into people's inboxes (the ISPs and email providers) to verify the alleged identity of the email sender. Email authentication allows an ISP to be pretty certain that an email purporting to be from bigbrand.com really does come from bigbrand.com. What are the issues here? Once an ISP or email provider has the capacity to verify the authenticity of the sender, they have another criteria on which to judge whether they should deliver that email or how they should tag that email when it is delivered. And there's more than one authentication process. Messy! An SPF record is a single TXT entry in the DNS database for each domain. TXT entries have been standard record types in DNS since DNS was developed. SPF has a number of mechanisms defined in the SPF draft standard, but SPF is so flexible and extensible that new mechanisms can be implemented without having to rewrite the standard. But don't let that mislead you into false security. ISPs and others are a long way down the road to agreeing on common standards. And most major ISPs and email providers are already implementing authentication processes. Current status Get Google Gmail. Google Mail, aka Gmail, is a relatively new contender in the email reader market, free or otherwise. The problem is, you either have to be invited or use your mobile phone, with text messaging capability, to sign up, if you live in a select country (Australia, Indonesia, Malaysia, New Zealand, Philippines, Singapore, Thailand, Turkey, United States). It's a strange list of countries, and the ones not included are as much a surprise. But if you can manage to get a Gmail account, it's worth it. It's an incredibly effective webmail system. Now is the time for SPF. SPF allows an Administrator of an Internet Domain to specify which machines are authorized to transmit e-mail from that domain. SPF makes it more difficult for spammers to send spam, because if they email sender forge a "From" address from an address that implements SPF, receivers that implement SPF will ignore the e-mail. A recent report from the Email Sender and Provider Coalition showed just how many ISPs already tag emails based on authentication data and/or use this data within their email filtering approach. At the moment, for example, Yahoo, Hotmail and Gmail tag authenticated email as such and/or tag non-authenticated email as not verifiable. Additionally, an Ironport study discovered that 35% of all emails are already sent using the popular Sender ID authentication standard, and 9% use DomainKeys Identified Mail (the other popular standard). The same study showed that 75% of all Fortune 100 companies use Sender ID for their marketing-related email and 45% use DomainKeys. In other words...authentication is already playing a role in email sender delivery and labelling. And it's well on the way to achieving the critical mass that allows all ISPs to start acting on non-authenticated email.