|
The recent Email Authentication Summit in Chicago made it clear that more email senders and receivers are adopting authentication as the first line of defense against fraudulent email.
Also, Sender ID Format (SIDF) is the most prominently used protocol, primarily to authenticate email going in to MSN Hotmail, but DomainKeys Identified Mail (DKIM), used by Yahoo! Mail and Gmail, is rising quickly.
However quickly authentication is moving as a defense against spam and phishing, it's still one of several approaches email senders can use to prove their identity and trustworthiness.
A new study by email security vendor Ironport reveals these statistics on authentication adoption:
- 35% of all email sent uses SDIF, and 10% uses DKIM.
- Five of the brands most frequently targeted by phishers use DKIM, while nine of the top 10 use Sender ID.
- 75% of all Fortune 100 companies now use Sender ID for their marketing-related e-mail and 45% use DomainKeys.
For more statistics on authentication, see our recent ClickZ column.
Authentication, Reputation, Accreditation: What's the Difference?
Authentication is the process of proving you are whom you claim to be and that you have the authority to send email from your IP address. ISPs that use authentication add either a "positive", such as the DKIM icon, a key with an envelope, that shows up in authenticated messages sent to Yahoo! Mail addresses, or a "negative" indictor, such as SIDF's warning to MSN Hotmail users that the sender could not be verified.
Authentication helps you prove you are who you claim to be and is designed to block fraudulent email that forges its identity or hijacks someone else's server or IP address to send email.
Reputation differs from authentication because it relies primarily on your email sending performance. Even a spammer can prove his authenticity, but the large number of bounces and spam complaints his mailings generate will ruin his reputation among ISPs, resulting in blocking or filtering. Blacklists and whitelists use sender reputation as one of the considerations in determining whether to permit or block a message.
Accreditation is kind of the middle ground between authentication and reputation and is the only one that requires payment to participate. As with authentication, you can initiate the steps necessary to qualify by applying to a third-party vendor such as Return Path, Goodmail or Habeas. However, your email reputation, including sending performance, privacy policies and permission procedures will go a long way toward determining whether the vendor accepts you as a client.
If you are accepted, your email messages display a line of code in the header area or an icon recognized by the ISPs and other servers that use the service. More information on authentication, reputation and accreditation is available here:
|
