Authentication is a high-tech way of signing your emails to show it’s not a forgery. It’s basically a string of code you have to add to your email (it’s built-in to MailChimp, and it’s free for all customers). The idea behind authentication has always been that eventually, ISPs may start blocking emails that are not authenticated (or at least slow those emails down). This might eventually stop all the stupid phishing scams you get in your inbox from people pretending to be eBay, or PayPal, or your local bank.
But most ISPs have not gone so far as to block non-authenticated emails…
Instead, ISPs mostly just mark non-authenticated emails with some kind of “caution” icon like this:
YahooMail, on the other hand, takes the opposite approach. They give an “approved” icon for emails that are authenticated:
Gmail seems to be taking that first step towards actually BLOCKING non-authenticated email. According to this article at ZDNet, emails claiming to be from eBay or PayPal will be totally rejected if they aren’t authenticated. It’s a nice first step towards actually using authentication to outright block scammers and spammers. Of course spammers will just think of some way to game this system (like they always do), but kudos to Gmail nonetheless.
Here’s an interesting quote I pulled from the article, from the Authentication and Online Trust Alliance (MailChimp is a member of the AOTA):
“Over 700 million mailboxes are now protected by email authentication thanks to adoption by leading ISPs including AOL, Bell Canada, GoDaddy.com, Google (Gmail), Microsoft (Windows Live Hotmail), and Yahoo!. However, there is considerable room for improvement in the adoption rate amongst all ISPs. As a best practice, ISPs are encouraged to begin to delete or block email which fails authentication, rather than placing it in bulk or junk email folders where consumers remain at risk of disregarding warnings and opening the email.”
To learn more about how you can authenticate your email marketing campaigns in MailChimp, see http://blog.mailchimp.com/authentication/
The reason ISPs don’t block un-authenticated mail is that most legitimate senders don’t authenticate yet — and even those who do only indicate that they sign some of their mail, rather than all of it.
Authentication isn’t going to be driven by deliverability, because it has very little to do with deliverability. It’s much more about security — and if brand owners don’t take even this basic step to protect their brand’s security, they only have themselves to blame when somebody sends spam (or worse) in their name.
[...] – bookmarked by 1 members originally found by pllyrain on 2008-09-12 Gmail Using Authentication To Block Scams http://blog.mailchimp.com/gmail-using-authentication-to-block-scams/ – bookmarked by 6 members [...]
I have an issue with this, all my email (for dozens of domains) comes into my dedicated server, is filtered by domain, by spam filters and finally by procmail. It then gets forwarded onto the appropriate accounts for the user.
So my personal and business email ends up in a gmail account. But, in the last few days and weeks I’ve noticed zero emails from ebay/paypal. And I guess I now know why!
The intermediate forwarding step is clearly making them look like they are coming from somewhere else, and not from a legitimate source.
How annoying, and, how do I get around it?