Imagine if your reputation was linked to your domain name, rather than your IP addresses.
It would eliminate the need to "warm up" servers - a situation that exists now because ISPs are wary of new IP addresses with no sending history. Domain reputation would essentially make reputation portable - you could add new IPs, you could move IPs, you could send mail from different systems, even different ESPs - and you'd still enjoy the benefits of your good reputation.

The domain name is part of your brand identity, part of the "you" that you're trying to portray to your customers. An IP address is just a string of numbers.

Of course, the flip side is a bad reputation will also be portable. To some extent, this has always been true. ISPs have used the reputation of domains to block content for a long time now. This is why some companies that used bad third-party marketers found that their "regular" email took a hit when the links in both types of email got tarnished and caused blocking.

So why aren't ISPs using domains for good reputation, too? Unfortunately, the IP address has for decades been the only thing - the only "identifier" - associated with a message which cannot be forged. Enter authentication, which we talk about all the time on this blog. When a message is authenticated with a domain, the receiving site knows that the message really did come from that domain - which makes domain reputation possible.

Ken Magill has joined the conversation by writing a story on domain reputation, causing renewed buzz in the industry.

According to Magill's story AOL will implement a domain reputation system sometime between October of this year and March of 2010, a little later than they told us last year. Yahoo! says they will implement something similar "soon," likely building from their unique domain-based feedback loop.
But meanwhile, Gmail has already implemented an authenticated domain reputation system using both DKIM and SPF together. And, one of the interesting features of the Gmail implementation is the addition of a "trusted unsubscribe" for good senders.

Some of the metrics that Gmail looks at, and that Yahoo!, AOL, or anyone else creating a domain reputation system are also likely to employ, include:
How many times mail from this domain went into the spam folder automatically, due to IP reputation or content filters.

How many times mail from this domain went into the inbox automatically.
How many times a user marked a message from this domain as spam.
How many times a user marked a message from this domain as "not spam."
What should senders do now take advantage of domain reputation when it becomes more widely adopted? We recommend the following steps:

AOL is making a change which will affect the behavior of ALL bounce messages for both inbound and outbound mail.

Currently all bounce messages have the sender name of MAILER-DAEMON@aol.com.

With the changes for outbound mail, ALL bounce messages will have the sender name of MAILER-DAEMON@sender-domain. For example, an AIM account sending invalid recipients to the internet, will receive a bounce from MAILER-DAEMON@aim.com, and a switched.com member from MAILER-DAEMON@switched.com, UK member from MAILER-DAEMON@aol.co.uk.

With the changes for inbound mail, ALL bounce messages (mostly due to user-defined spam settings) will have the sender name of MAILER-DAEMON@recipient –domain. For example, a member of yahoo sending to an AIM account with a user-defined block, would receive a bounce message from MAILER-DAEMON@aim.com.

This may result in multiple bounce messages generated for a single piece of email being returned to the same sender. One bounce message is generated for each unique recipient domain.

For example, a member of yahoo sending a message with four recipients, two AIM accounts and two switched.com accounts (all with user-defined blocks), would receive ONE bounce message from MAILER-DAEMON@aim.com and ONE from MAILER-DAEMON@switched.com.

These changes will be installed into production over the next couple of weeks.

When an email references external images, Gmail usually doesn't display them automatically. Instead we show placeholders and present you with the option to "Display images below" or "Always display images from" that sender.

We do this to help protect your privacy from spammers, who can use images and links to verify that your email address is real.

But often the messages you get with images are from friends or family and there's no reason to worry about your privacy — you just want to see the photo of your newborn niece or the invitation design they're sending you. So, in these cases, we've decided to start displaying images by default. Now, whenever someone you've emailed at least twice sends you a message containing images, you'll see them right away. Note that we picked this threshold of two messages to start with, but we may tweak it if it doesn't seem right going forward. And we only display images by default for authenticated messages (using SPF or DKIM). Gmail and other big mail providers usually authenticate their mail, but other services might not, so it's possible you'll get an email from one of your contacts where images aren't displayed by default.

I was speaking at a webinar this week and the moderator said, "Stephanie, we have 30 seconds. How can marketers avoid being filtered as spam?!"

No pressure, right? Luckily, I talk fast!

I responded with something like this:

"Reaching the inbox is the only way you can earn a response. So it's pretty important to focus on this.
"Avoiding the spam filters is simple in concept: You must be welcome in the inbox - and you must maintain an ongoing reputation for being welcome in the inbox. The minute you bore me, or abuse my trust or send something irrelevant, you are spamming me.

"It's simple in concept, complex in practice. Being relevant and earning a high sender reputation is not a box you can just check off. It's an attitude. It's got to infuse every aspect of your email marketing approach - your content strategy, your frequency caps, your permission practices, your metrics and tracking, how you source your data, process your bounces, and in the approach of every person you hire and train and reward around email marketing success.

"Every time you send an additional mailing this week to pump up revenue, or you mail to a list with a dubious source or you send the same promotion to every person on your file; you are putting your sender reputation at risk. And you are also leaving money on the table.
"There is no good reason NOT to track your inbox placement and work a bit harder to be welcome in the inbox. It's too easy for subscribers to ignore us. And that isn't just for today's mailing, a poor sender reputation will harm you for all your mailings.

We're always looking for new ways to protect Gmail inboxes from spam and phishing. Last year, we started taking extra steps to protect you from fake eBay and PayPal emails, requiring that any email claiming to come from one of eBay's or PayPal's domains actually comes from them. We do that by looking at the "From" header, and when it says "ebay.com" for example, it means it really did come from ebay.com. Anything else is rejected; it won't even appear in your spam folder because Gmail won't accept it.

Now, unless you are a regular reader of this blog with a photographic memory, you may not be aware of this extra protection. So, we thought we'd add a little something to remind you. Turn on "Authentication icon for verified senders" from the Labs tab under Settings, and you'll see a key icon next to verified emails that are super-trustworthy.

"Super-trustworthy" is a technical term I just invented that means: (1) the sender, usually a financial institution, is a target of phishers, (2) all of the sender's email is authenticated with DKIM, and (3) Gmail rejects any fake messages that claim to come from this sender, but actually don't.

It's a bit of work for senders to make their email super-trustworthy, which is why this feature is limited to just eBay and PayPal right now. We hope to add more senders in the future, and when we do, you'll know because you'll see the super-trustworthy key icon magically appear by those senders too. Give it a whirl and let us know what you think.

Press Release
Federal Trade Commission
July 2, 2009

URL: http://www.ftc.gov/opa/2009/07/spear.shtm

A U.S. district court has ordered key players in an international spam ring to give up $3.7 million that they made by sending out illegal e-mail messages pitching bogus hoodia weight-loss products and a “human growth hormone” pill they claimed reversed the aging process.

In a Federal Trade Commission law enforcement action, the court found that the five defendants, located in Canada and St. Kitts, violated the FTC Act and the CAN-SPAM Act by participating in the spam operation. The court order bars the defendants from violating the CAN-SPAM Act and from making false or unsubstantiated claims about the health benefits of any food, drug, or dietary supplement.

The FTC charged that the operation used spammers to drive traffic to Web sites selling an extract of the hoodia gordonii plant it claimed would cause significant weight loss, and a “natural human growth hormone enhancer” it claimed would reverse the aging process. The FTC alleged that these claims were false or unsubstantiated, and charged the defendants with deceptive advertising in violation of federal law. It also alleged that the spammers sent e-mail that contained false “from” addresses and deceptive subject lines, and that they failed to provide a required opt-out link or physical postal address.

The case, filed by the FTC in October 2007, marked the first time the Commission invoked the US SAFE WEB Act, a federal law designed to protect consumers from cross-border fraud and deception. The Act enhances the agency’s ability to exchange information with foreign counterparts and helps protect consumers from cross-border spam and spyware distribution, as well as Internet fraud and deception. The FTC’s complaint charged eight defendants – Spear Systems, Inc., three other corporate defendants, and four individuals.

The Commission settled with three defendants in the case – Spear Systems, Inc. (a U.S. company) and two individuals, one in the United States and one in Australia – in May 2008. The agency was unable to reach settlements with the remaining five defendants, who are the subject of the court order announced today: Xavier Ratelle and Abaragidan Gnanendran, of Quebec, Canada; and corporate defendants 9151-1154 Quebec, Inc., 9064-9252 Quebec, Inc., and HBE, Inc. The final orders were entered by the United States District Court for the Northern District of Illinois, Eastern Division.

By Michael Geist
Toronto Star
Jun 22, 2009

URL: http://www.thestar.com/sciencetech/article/654448

Last Thursday began as an ordinary, rainy spring day in Ottawa. Canadian politicians, having just avoided an unwanted election, were only two days away from an extended summer break.

Yet by the end of the day, a trio of events unfolded that could help shape the Internet in Canada for years to come.

The first took place mid-morning, with the introduction of new lawful access legislation.

The bills would dramatically change the Internet in Canada, requiring Internet service providers to install new surveillance capabilities, force them to disclose subscriber information such as name, address and email address without a court order, as well as grant police broad new powers to obtain Internet transmission data.

The introduction of the legislation by Justice Minister Rob Nicholson and Public Safety Minister Peter Van Loan – accompanied by more than a dozen law enforcement representatives –generated an immediate wave of criticism.

Internet service providers expressed concern about the cost of the program, while privacy groups lamented the government's about-face on the issue of court oversight since Stockwell Day, the previous public safety minister, had pledged not to introduce mandated disclosure of subscriber information without it.

Given the experience with misuse of surveillance powers in other countries, the bill will likely continue to attract attention as Canadians ask whether the government has struck the right balance between providing law enforcement with the necessary investigative powers, ensuring robust oversight, and preserving online privacy.

Hours later, the scene shifted to question period, where Liberal Industry critic Marc Garneau surprised Internet watchers by emphasizing the importance of an open Internet and declaring that the Liberal party now firmly supports net neutrality. The party has adopted a position opposing the management of Internet traffic that infringes privacy and targets specific websites, users and legitimate business applications.

The move represents an unexpected shift in policy direction just weeks before the Canadian Radio-television and Telecommunications Commission is scheduled to conduct hearings on network management practices. For months, the NDP has stood virtually alone among the major Canadian political parties in its support for web neutrality.

With the Liberals onside, the door is open for a bipartisan effort this fall to enshrine net neutrality principles into law.

Immediately after Question Period, the standing committee on industry held its final hearing before the break on the Electronic Commerce Protection Act, Canada's new anti-spam bill. Some business groups have sought to water down the legislative proposal, implausibly arguing that Canadian privacy law is sufficient to address persistent spamming activities and that the ECPA's tough penalties could dissuade talented business leaders from taking on corporate directorship positions for fear of potential liability.

Representatives from the Office of the Privacy Commissioner of Canada and the Competition Bureau and CRTC chairman Konrad von Finckenstein firmly put those fears to rest. Assistant Privacy Commissioner Elizabeth Denham rejected the view that current privacy laws are up to the task of countering Canadian spam and welcomed the clarity of the anti-spam bill.

Von Finckenstein was similarly supportive of the ECPA, expressing optimism about its potential to address long-standing spam concerns.