E-Mail Authentication Not Enough, Say Experts

New York–On the heels of Microsoft’s June announcement that its Hotmail customers would be notified when Sender ID protocol is unable to verify the authenticity of an e-mail message, marketers gathered here July 12 for an E-mail Authentication Implementation Summit.

Although e-mail marketers are taking positive steps toward safer e-mail, the consensus among those in attendance was there is still a lot of work to do. “Spam is under control, but what is coming through is that much more damaging,” said Craig Spiezle, director of technology care and strategy at Redmond, WA-based Microsoft.

In a Gartner Group survey of 5,000 online users released last month, more than 80% of online users stated that online attacks have affected their trust in e-mail from companies or individuals they don’t know personally. What’s more, 42% said it has changed their online shopping behavior.

Already Internet and e-mail service providers have begun using e-mail authentication to confirm the identify of the sender’s domain and improve the deliverability and differentiation of personal and corporate e-mail, transactional e-mail, legitimate “opt in” Can-Spam-compliant e-mail, and spam. Experts at the summit were quick to note, however, that e-mail authentication is not a silver bullet but rather a first step, admitting that spammers were early adaptors to authentication.

“Authentication is not enough to protect the ecosystem of e-mail marketing,” said Trevor Hughes, executive director of York, ME-based Email Service Provider Coalition, a cooperative group of industry leaders. The next steps, he said, are for e-mail marketers is to implement accreditation to determine what type of message is being sent and the history of the sender.