Today's web surfing takes me to investigate email authentication and its implementation costs. The hooplah that started this inquiry was from a press article about Goodmail partnering with AOL and Yahoo! to essentially get rid of the free whitelist system and replace it with a fee-based system for commercial senders. The concern for a publicly traded bank is whether or not its competitors will adopt such an authentication system to have their emails handled on a preferential basis by a consumer because it contains a "trust" tag.
What does email authentication do? Well, for starters it tries to manipulate how a commercial email is handled by an email service provider. The perception for the consumer is exactly like that of a 1st Class postage stamp versus a pre-sorted indicia, the latter of which almost entirely is for bulk postal mail, like pieces addressed to "Dear Head of the Household" or to "Current Resident." Here's Wikipedia's definition.
Goodmail is new to email authentication and has only been in existence since June 2003; not nearly enough time for it to have developed relationships. Goodmail's online documentation infers that by using their paid token system, it guarantees delivery of a commercial sender's email without blocking html, pictures, or embedded hyperlinks, to a consumer's email inbox. Click here to view their process.
There is a lot of unseen resources consumed by using or considering to use an email authentication service. Goodmail, for example, is a fee-driven company. The more fees, the more revenues. Let's just look at a few of the ones from Goodmail. There's a $399+ signup fee, an accreditation fee, token purchase fees which can rise by 25% if you ever show up on their watchlist as a probationary company, and per-email fees based on email volume.
I asked Goodmail to send me case studies of companies in the banking industry who are currently using their service and a list of references; the basics of consideration for any vendor offering. So far, no response yet.
Best practices are still the way to go, and the FTC has guidelines for business to comply with the CAN-SPAM Act of 2003.