In its 2003 Project Lumos white paper, the ESPC outlined the path to curbing spam, phishing, and other abusive e-mail practices. In it, the plan was made to push for widespread adoption of authentication services by senders and receivers first, and then to layer on reputation and accreditation services after that.
In a report released today, the ESPC found that 16 of the top 18 ISPs in the U.S. was applying authentication to outgoing e-mails, and eight of those ISPs were also checking for inbound authenticated e-mail and applying some sort of filter to the mail as a result.
Yahoo, Microsoft and Google were found to be the most assertive in their use of authentication. Yahoo and its cable and telecom partners are verifying incoming messages and signing outgoing messages using the DomainKeys cryptographic method, filtering e-mail as a result, and notifying users of passing and failing results. Microsoft performs similar functions using SPF and Sender ID records.
Google, whose Gmail is much smaller than Yahoo mail or MSN's Hotmail, is going all-out and matching Yahoo's use of DomainKeys, and also publishing SPF records for outgoing messages. Among other notable ISPs, AOL is publishing SPF and Sender ID records on outgoing messages, but not yet doing anything with incoming messages. Earthlink is signing messages with DomainKeys. A few other ISPs on the list, like Verizon, Roadrunner and NetZero, are publishing SPF records.
The full report is available at the ESPC's site.
The Original Search Marketing Event is Back!
SES Denver (Oct 16) offers an intense day of learning all the critical aspects of search engine optimization (SEO) and paid search advertising (PPC). The mission of SES remains the same as it did from the start - to help you master being found on search engines. Early Bird rates available through Sept 12. Register today!