One analyst asks if certifying 'good' email is enough; senders may be missing an opportunity to further help consumers.
Posted Feb 7, 2006
The Internet Stamp Tax urban legend has become reality--sort of. America Online and Yahoo! plan to charge businesses a fee to deliver bulk mailings to customers. The fee, a per-message charge of .25 cent to 1 cent, amounts to an electronic postage stamp that guarantees compliance with CAN-SPAM, and certifies the sender's message as authentic. The certification is being made possible through partnerships with technology provider Goodmail Systems, announced in October 2005. AOL has started its charter program. Yahoo! will begin testing its certification program in the coming months.
"This is about creating a new class of email: certified email, a way to protect consumers from spam and phishing attempts," says Richard Gingras, chairman and CEO of Goodmail. "We give senders the ability to add cryptographic coding to messages that AOL and Yahoo! can identify as certified, and route it straight to the users' inboxes. Certification, according to Gingras, is different from the providers' whitelisting efforts, which do not provide the seal of approval that certification does. Goodmail will announce functional enhancements, as well as partnerships with more ISPs, in coming months.
Despite assurances from the partners that ISPs will continue to accept email from senders that have not paid the fee, some analysts see the initiative as a potential source of friction. "Goodmail will impose a tax on commercial senders, if they wish to have first-class delivery to AOL users' inboxes," says Richi Jennings, lead analyst for Ferris Research's email security practice. "Some senders will object to being held to ransom. The danger to Goodmail and AOL is that one of the big senders will be big enough to encourage AOL users to use a different email service." Alternatively, Jennings suggests senders may instead put more emphasis on their own portal messaging systems, like Ebay is beginning to do, sending short text-only messages to users telling them to check the Ebay site for the full email.
Furthermore, certifying good messages isn't enough, Jennings says. "Goodmail and other companies have the technology to warn users that a message is phish, for example, but don't. If a Russian mafia gang sends [your mother] some email pretending to be her bank, Goodmail says nothing--even though they should be fully capable of popping up a big red, flashing warning. The lack of phishing warnings is a huge missed opportunity, both for consumers and for Goodmail's customers. Neither you, your mom, nor her bank want to be fooled by criminals."
It's clear that certification is a step in the right direction. "The inbox is a dangerous place," Gingras says. "People have an impossible time determining the validity of their incoming email. There is a desperate need for authentication."
The FTC Cans Spam
Email Authentication: A Report From 2005's Summit
AOL Tightens Its Phishing Net
Sponsored By: Marketo and Real Magnet
Sponsored By: Genesys, Avaya, Verint, and Aspect
Sponsored By: Informatica