Email authentication

The more I think about email authentication the more I believe it is going to have a major impact.  For those new to this there is a good summary here.  The technology is being developed now to verify that a mail from xx@yy.com really does come from yy.  It is long overdue in my opinion.

Picture this - you are the CTO of some corporate, and one day (in a couple of years time) your copy of the WSJ has an article about email authentication.  You don’t really follow the complicated stuff (you are a real CTO not you you) but you do understand that it means that without it, anyone can forge (bad word - flags go up) email headers.  Worse it has something (you don’t quite follow) to do with Spam and Viruses.  Both really really bad words.

You rush down to your comms guy and say ’are we allowing un-authenticated emails through - if so stop it’.

There are some threads running on other lists about how good/bad the various technologies are going to be in practice.  How easy or not to get around and so on.  The fact is its about politics not technology.  Mark my words.  In 2-5 years time all the major corporates will totally block un-authenticated mails.   My guess is that the first you know it is happening is when mails to your major client start to bounce.

So what.

In the first place email just got a lot more complicated.  Your domain name hosting and your email technology are going to become closely inter-twined.  You can no longer just order a domain name through xyz domains ltd and forget it untio the renewal comes up in a couple of years.  Now you have to do day to day maintenance on your DNS.

 Imaging the situation where you are a company with independent sales agents aropund the world.  You allow them to use email addresses like xxx@yourdomain.com as their return address and you just alias this address to the real address on your mail server.  Now you have to keep the DNS in step with the ISP your remote salesman happens to be using.  Maybe your salesman has to set up some sort of digital signature on their email client.  Maybe your salesman can’t even type and chew gum at the same time.

If you are email marketing, the news is fairly good.  Unless you forge email headers (in which case you deserve all you get) the chances of getting through should increase as the rubbish gets eliminated.

The three systems now on offer are only the first generation.  There will no doubt be an escalation as spammers try and find a way round them.  As this happens life for email administrators can only get more complicated.

Bob
Textor