Home / Blogs

AOL and Goodmail: Two Steps Back for Email, Part II

There’s been a lot of noise this week since the news broke about AOL and Goodmail, so I thought I’d take the opportunity to change the direction of the dialog a little bit.

First, there are two main issues here, and I think it’s healthy to separate them and address them separately. One issue is the merits of an email stamp system like the one Goodmail is proposing, relative to other methods of improving and ensuring email deliverability. The second issue—and the one that got me started earlier this week - is the question of AOL making usage of Goodmail stamps a mandatory event, replacing its enhanced whitelist. To really separate the issues, this posting will tackle the second question, and the next posting will tackle the first question.

I have reached out to Charles Stiles [AOL’s Postmaster] this morning to try to clarify AOL’s position on Goodmail. Initially, it was reported in the press that AOL was discontinuing their enhanced whitelist on June 30, and that Goodmail stamps were the only option available to mailers who wanted guaranteed delivery, images, and links in their emails via the enhanced whitelist. But Charles has subsequently made some unofficial comments that the AOL enhanced whitelist will live on as an organically-driven or reputation-earned entity, and that Goodmail stamps will just be one option of many to gain enhanced whitelist status. This is a critical distinction, and one that AOL needs to make.

If in fact they are not shutting down their enhanced whitelist on June 30 as reported and forcing thousands of mailers to use Goodmail as opposed to organically earning their way onto the enhanced whitelist, then I will help them publicize the correction since I’ve been such a vocal critic. That would be great for the industry, and it’s my biggest hope that something good will come out of this controversy.

If AOL is making Goodmail the king—the only way to reliably reach users inboxes—then my complaints stand: the lack of affordability for many mailers is problematic; the threat of a monopoly is real; and the absence of an organic route for mailers who have clear end-user permission to send email and sterling reputations runs counter to the entire spirit of the Internet. AOL can accept Bonded Sender or not, although I hope they do some day. But to tell mailers they have no other option, and in particular no organic option, to use the AOL enhanced whitelist to properly reach customers who are requesting their email is akin to Google telling the world that they will only present paid search results in the future, and that organic search is dead.

Can you imagine how well that would go over?

Disclaimer: Matt Blumberg is the CEO & Chairman of Return Path, Inc.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Matt Blumberg, CEO and Chairman at Return Path

Filed Under

Comments

Daniel T. Dreymann  –  Feb 3, 2006 11:38 PM

Responding to my earlier comment, Matt Blumberg wrote:

Finally, Daniel, nice to meet you.  I have never claimed that Return Path has cryptographic technology to match what you have spent years developing.  Likewise, I’m sure you’re not claiming that Return Path doesn’t have a solid data-driven, quantitative approach to mailer deliverability and reputation since that’s the business we’ve been in for years and are the recognized industry leader in. 

I’m also very pleased to hear that Goodmail is now considering implementing reputation standards around who qualifies for certified mail as well, since that wasn’t your original model.  That bodes well for your program and certainly removes the appearance of being a “paid spam” model.  However, I have heard some of the standards that you’re using in industry groups, and they seem to be much looser than AOL’s current standards, which, if true, is incredibly disappointing to say the least.

Nice to meet you too Matt. Let me address three points you raised in your comment above:

First, Goodmail has been presenting the same vision for email accountability for nearly two years. We are not disclosing anything new here. The details of the system were also spelled out in the October, 2005 press release announcing our relationship with Yahoo! and AOL:

The service consists of the essential components for establishing email accountability:

•Sender Accreditation - a comprehensive accreditation process that authenticates the identity of the sending entity and confirms that the sender meets the highest standards of email sending behavior. This ensures that only qualified senders are allowed to send CertifiedEmail messages and that the sender identity displayed in a CertifiedEmail message (name and email address) is always accurate and legitimate.

•Message Certification with Cryptographically-Secure Tokens—a cryptographically-secure token that cannot be copied or stolen is inserted into each message and ensures that the Goodmail CertifiedEmail message cannot be tampered with, forged, or spoofed.

•Inbox Labeling - a distinct CertifiedEmail symbol in the email user interface allows consumers to easily distinguish legitimate email from spam and feel safe opening these messages. Placement of the icon in the email user interface rather than in the message itself ensures that it cannot be spoofed by fraudulent senders.

•CertifiedUnsubscribe and Feedback - secure unsubscribe and consumer feedback mechanisms give consumers increased control over the email they want to receive.

•Fair and Accurate Reputation Monitoring and Enforcement - measurement of the actual message volume of a CertifiedEmail sender together with consumer feedback establishes an objective and accurate reputation score for each sender. This assures that only senders who display the best sending practices continue to enjoy the privilege of sending CertifiedEmail.

Second, the standards we set for accreditation into the program, and for a sender’s continued participation in the program, are far stricter than any whitelisting program. We deeply accredit the sending entities and then assess their sending behavior which must match standards agreed to with our ISP partners. As you know, whitelisting programs lack any sender accreditation aspect; past history of IP addresses is all that counts. We go way beyond that. Our reputation scores are more accurate than any current system because tokenization allows us to have completely accurate measures of sending volume (see point #3 below).

Third, while I have no doubt you are doing the best you can to gather data for reputation analysis, I suspect all would agree that there are significant limitations inherent to an IP-based system. Back in 2004 the ESPC issued their assessment of the limitations of the Bonded Sender program. Quoting from DM News:

Another problem ESPC cited is Bonded Sender’s reliance on its SenderBase e-mail reputation system to calculate complaint levels. The ESPC reports that its test indicates widespread inaccuracy in the data. In one instance, SenderBase overestimated the amount of e-mail sent by a factor of 757. For 23 of the 39 IP addresses, SenderBase estimates were more than two times off… To compare complaint levels, the report looked at reports the IP addresses received from AOL. Bonded Sender and AOL complaint figures were more than 100 times off in the majority of the instances. One IP address received 1,104 AOL complaints to zero from Bonded Sender; another received zero AOL complaints to 775 from Bonded Sender. Overall, the report says 80 percent of the IP addresses had complaint levels more than 10 times of those from AOL.

I’m sure the program has improved since, and in any case I can’t blame you for the inaccuracy of your data: without embedding cryptographically-signed tokens and tracking every single message – good accuracy can’t be attained. This is where Goodmail’s closed-loop system comes to play.

Many senders tell us they understand the need to monitor sending behavior but have been troubled by the inaccuracy of IP-based systems and appreciate that Goodmail’s approach will support analysis with 100% underlying data integrity.

Daniel

(Daniel Dreymann is Goodmail’s co-founder and SVP of Product & Engineering)

Suresh Ramasubramanian  –  Feb 4, 2006 5:49 AM

OK. Two different things getting compared here, I’m afraid.

Returnpath - standard “build good relationships with ISPs, and act as a mediator between senders and ISPs, help senders to improve their bulk mailing practices” etc.

Goodmail - E-stamping with elements of both authentication and reputation.

If X wants to get their marketing and other types of messages through to AOL, they could just go on setting up feedback loops to AOL, and continue to use returnpath and the EWL.  It’d work even better if AOL scales up their feedback loops and does some extensive weeding out of problem customers, stale loops, etc, and encourages ESPs to aggregate all their clients under a single loop instead of multiple small loops.

If X wants specifically transactional messages to get through to AOL / other goodmail using ISPs, and additionally needs to have these distinguished in some way from phish email (for content filters that move email to a bulk folder, say), they might want to use Goodmail.

Even if they do use goodmail, I am sure they’d have to continue to do feedback loops .. but goodmail probably gives AOL some kind of edge over the other (EWL) method - reporting / stats collection / other holds of some kind (bond in escrow like bondedsender?)

In any case, in practice, for most senders of marketing / other non transactional email, there wouldnt be much difference between choosing Returnpath or Goodmail, as far as I can see.

Wes Felter  –  Feb 4, 2006 9:34 PM

According to the New York Times, Goodmail shares some fraction of its fees with ISPs who receive email. Doesn’t this potentially create a perverse incentive? For example, phasing out the EWL system may increase revenues for AOL with little or no benefit to email senders or AOL’s customers (this assumes that EWL and Goodmail have similar efficiency).

Ram Mohan  –  Feb 4, 2006 10:42 PM

One aspect that seems to get missed out on is that mobile email is a growing sector that can really do with initiatives that separate good mail from junk.

Hector Santos  –  Feb 6, 2006 11:30 PM

Matt, Daniel et al,

I am still analyzing the chutzpah of all this but this is what Santronics (SSI) is considering will need to be done for our product lines:

- Offer local mail policy options to operators to provide users options to reject email from domains who will require a fee for responding.

- Offer local mail policy options to operator to pre-empt any cost/fee occurring submissions.

- We can also add new accounting logic to reject all fee-occurring domains unless the domains pays a fee to us. i.e. AOL.COM must pay us to accept all AOL.COM.

- Enhanced our current user subscription model for operators to charge users for sending mail to fee-costing domains.  This might discourage users to avoid sending mail to such domains. But that depends on our MSA or our online mail clients will present the information to the user.  If AOL.COM wants us to accept mail for AOL.COM users, AOL.COM might have to pay us a FEE in order to enhanced their own user services.

In the end, this is a dramatic occurence. It may be premature and chaotic with little to no regard to how the mail infrastructure will be damaged across the board.  We may be just small potatoes relative to you guys, but we do have over 100,000 customers using our mail product lines. We are one the oldest mail products in the market and our customers have come to trust our judgement in our 25+ years high quality production of mail based products.

If the AOL.COM, YAHOO.COM are going to force a change, well, it goes both ways.  They want companies to pay them to target their user inbox.  Well, thats nice. But they will have to pay us as well in order to accept mail from their users.  Rest assured, if users see this happening, they will look for other ISPs, maybe not enought to discourage AOL.COM, YAHOO.COM, but we really don’t know, do we?

Hector Santos, CEO/CTO
Santronics Software, Inc.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix