NY Times Article on Goodmail and AOL
February 4, 2006 – 8:14 pmDave Winer points to a NY Times story on the use of Goodmail by AOL which I pointed out eariler. Apparently, Yahoo is on the act as well.
AOL to Charge Senders for Some Emails?
February 2, 2006 – 5:40 pmA recent post on Circle-ID by Matt Blumberg states that AOL is planning to charge some commercial senders for specific types of emails. A related story makes things a bit more clearer:
In a bid to protect its members from e-mail fraud and phishing, and to offer consistency to commercial e-mail senders, AOL today will begin implementing Goodmail’s cryptographic CertifiedEmail program and phasing out its IP-based Enhanced Whitelist.
As part of its e-mail security practices, AOL blocks the display of images and hyperlinks on most high-volume messages, except if senders are on the AOL Enhanced whitelist and maintain very low complaint rates. Beginning today, AOL will also allow senders who have undergone accreditation through Goodmail to display images and hyperlinks by default. Goodmail charges accredited companies a fraction of a cent per message sent.
In addition, AOL will add a “trust symbol” to messages sent by Goodmail’s CertifiedEmail senders. It will appear in the inbox and the message window, so members will understand that a sender’s identity and reputation have been verified.
There are three important points here:
1. This fee is only charged for specific types of emails (”enhanced whitelist”) - with links and images. All other emails can be sent plain text.
2. A trust symbol will be used by AOL.
3. A cryptographic token is used for signing email similar to DKIM.
Leaving aside the business aspects, what is interesting about this, is that AOL is basically providing for the community a test-case of how three different things would work: e-postage, trust symbols (like browser padlocks) and cryptographic tokens. All of this of course will be very interesting to watch, especially the spammers’ reactions to this.
UPDATE: Suresh states in the comments at Circle-ID that the entire story might be wrong and AOL is not shutting down its enhanced whitelist. ALSO, it seems that the person who wrote the Circle-ID article is in fact a CEO of a competitor to GoodMail.
Why Bad is Good in Spam
February 2, 2005 – 10:22 pmWhile perusing the news, I came across a rather interestingly titled article at CNET: “Zombie trick expected to send spam sky-high”. As many other spam-related stories, this one had an apocalyptic feel to it as well:
According to the SpamHaus Project–a U.K.-based antispam compiler of blacklists that block 8 billion messages a day–a new piece of malicious software has been created that takes over a PC. This “zombie” computer is then used to send spam via the mail server of that PC’s Internet service provider. This means the junk mail appears to come from the ISP, making it very hard for an antispam blacklist to block it. Previously, zombie PCs have been used as mail servers themselves, sending spam e-mails directly to recipients.
This will cause serious problems for the e-mail infrastructure, as it is impractical to block mail with domain names from large ISPs. Linford predicts that ISPs will see a growth in the volume of bulk mail they send and receive over the next two months, with spam levels rising from 75 percent of all e-mail to around 95 percent within a year.
“The e-mail infrastructure is beginning to fail,” Linford warned. “You’ll see huge delays in e-mail and servers collapsing. It’s the beginning of the e-mail meltdown.”
Oh no, the email infrustructure “is beginning to fail”, its a “meldown”! Man the deck, close the hatches, the spammers are coming! Seriously, this is probably a thousand times this has been said and email is still standing. Quite the contrary, this development is not the beginning of a spam meltdown but rather the beginning of the end for the spam plague in general. Why do I think so? Lets sit down, analyze the fact and think for ourselves.
Read the rest of this entry »
Stopping Spam by Being Accountable
January 12, 2005 – 1:01 pmJohn Levine just posted an excellent article from Carl Hutzler of AOL about how the real solution to spam is accountability and action by ISPs on their own outbound traffic. Excellent read.
2004: The Year That Promised Email Authentication
December 25, 2004 – 11:25 pm(This article was published at Circle-ID)
As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the “killer app” of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us has become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the FOSS community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004.
Read the rest of this entry »
MARID News
September 4, 2004 – 9:54 pmQuite a few things happened in MARID. First, an extension of the last call was announced for Friday, September 10th. Second, the Debian Project rejected Sender-ID. Third, Earthlink is leaning against Sender-ID also (which especially suprising since the other three members of the ASTA are for it).
UPDATE: After getting an email from someone, I would like to make a correction here: Among the ASTA members, only Microsoft and AOL have announced their deployment of Sender-ID. Earthlink announced that they will not be deploying, and Yahoo, Comcast and BT are silent. Therefore, the ASTA as whole is not leaning one way or the other, and my earlier statement to that effect is incorrect.<p
AOL PC = $299
December 4, 2003 – 1:34 amAccording to this News.com story, AOL is offering a M$FT Windows XP PC for $299 if you sign up for AOL Service for a year. They also have a website “299pcdeal.com”. BUT, the most interesting stuff is on their site and documentation. This PC comes with … AOL Office by Sun - which according to the documentation look like a repacked version of StarOffice.
The “Big Six ISPs” anti-spam alliance
November 22, 2003 – 11:42 pmThere have been rumors for a few months about the secretive Microsoft / AOL alliance against spam. A recent story revealed some of those plans:
“One organization working on sender-authentication mechanism is a commercial alliance comprising the biggest consumer e-mail providers: Microsoft, Yahoo, America Online and Earthlink.”"Under the proposal, ISPs and any other organization with their own domain name system (DNS) would use a private key in their mail servers to place an encrypted code in the header of each piece of outgoing mail. When the mail arrived at its destination, the receiving mail server would get the sender’s public key from its DNS server to decrypt the header, thus verifying the message’s origin.
If the message is spam, or even a legitimate marketing message the receiver doesn’t want, then email from that DNS can be blacklisted, or automatically blocked. “Once you have identity, then you can establish reputation and trust,” Libbey said. “Those are really important concepts in e-mail.”
Yahoo has done some proof-of-concept testing of the idea internally, but the technology is still at the early stages of development and no timetable for general release has been set.”
