ESPC publishes Data Security Best Practices
Strong information security practices are essential to maintain trust in, and the viability of, the email ecosystem. ESPC members understand that their customers, employees, and consumers expect that member companies will handle information received from or about them in an accurate manner, protected against errors, secured from theft and protected against unauthorized access and disclosure. This document describes the information security principles that members believe are appropriate for companies in the email service provider industry.
New ESPC Member Initiative: Support for Suppression File Encryption
Suppression file abuse is a significant source of spam. The simple act of encrypting these files makes this sort of abuse more difficult. The ESPC is implementing a new membership requirement that members should support MD5 suppression file encryption. The ESPC is encouraging members to target September 1, 2009 for implementation. It is our hope that adoption of this standard will not only help reduce spam, but also drive broader encryption adoption within the industry.
Suppression File Encryption Requirement Document
Suppression File Encryption Requirement FAQ
Email Reputation Position Statement
This positioning statement is intended to clarify the governing principles of email sender reputation, as well as guide providers of public or private reputation services on the meaning and utility of these principles.
ESPC Report on Email Authentication by Leading ISPs
Over the past months, the ESPC's Receiver Relations Committee, a group dedicated to helping facilitate better understanding and ongoing dialog between the sender community and the established receiver community, collaborated with leading ISPs and compiled authentication information about their email programs. The resulting report provides a list of ISPs and the types of email authentication they currently support. The report is a powerful representation of the broad based endorsement of authentication by receivers.
Email Authentication Position Statement
Consumer confidence is under assault on two fronts: being able to trust that messages are safe and are from whom they claim to be from; and being able to rely upon email to deliver the communications that consumers want, need and expect to receive. The ESPC authentication statement encourages providers of email accreditation and reputation services to make authentication a prerequisite for their solutions. It also urges receivers to test incoming mail for an SPF record, routinely publish adoption statistics and provide overt notice to their members when a sender's identity cannot be authenticated.
ESPC Email Best Practices Guide
Email is an excellent channel for mailers to establish and maintain valuable relationships with their subscribers. There are multiple stages of such a relationship, and in order to maximize the value of the relationship, mailers should be attentive to the application of best practices. The ESPC Best Practices Guide is to be used in conjunction with the ESPC Membership Pledge. The Best Practices Guide enhances the Membership Pledge by outlining specific practices that are recommended for use by ESPC members. By following these recommended best practices, mailers will improve their relationship with recipients which in turn will reduce complaints and increase subscriber response. Equally as important, adoption of the best practices shows member support of the ESPC's efforts to be at the forefront of industry best practices.
Email Marketing Pledge
Acknowledging the critical importance of consumer consent in email marketing, the ESPC, IAB, and TRUSTE release the clearest, most concise set of email marketing guidelines to date, the Email Marketing Pledge. By requiring informed consent before sending email, the Pledge will increase industry accountability by creating a distinct line between spam, and legitimate email marketing. As a result, consumers will be better able to trust those organizations that have taken this pledge and ISPs will be better able to filter those messages from organizations which have not.
Marketers Guide to Accreditation, Reputation and Authentication Resources
Increasingly, a marketer's email "reputation" will play a significant role in determining whether or not email is delivered. In addition to following industry best practices, marketers can take specific steps that can improve their "reputation" and maximize deliverability and ROI. This guide, developed by the ESPC and IAB, will help marketers navigate the offerings available today.
ESPC, IAB, and TRUSTe Oppose Do Not Email Registry
The groups co-authored a white paper detailing why they believe that a DNE registry will not materially reduce the amount of spam plaguing consumers and will burden the senders of legitimate email. Technological challenges abound making a DNE Registry impossible to enforce, prohibitively expensive, and difficult to secure. At the same time, the DNE registry would impede the growth of e-commerce, confuse consumers, and provide a rich source of valid email addresses for spammers and hackers to target.
Details of Project Lumos technical architecture were unveiled in a white paper entitled Project Lumos: A Solutions Blueprint for Solving the Spam Problem by Establishing Volume Email Sender Accountability. The white paper illustrates how the registry can easily be implemented in conjunction with current spam fighting technology. The white paper also provides a blueprint for easy implementation of Project Lumos by ISPs. Project Lumos will allow ISPs, without significant infrastructure changes, to quickly and inexpensively reject mail connections from spammers without needing to accept, store and analyze the fraudulent mail. This should dramatically reduce the amount of resources required to handle spam.
Assurance Systems: 4th Quarter Report on False Positives
"Assurance Systems Fourth Quarter Email Blocking and Filtering Report indicates that approximately 15% of permissioned messages do not make it to the inbox as intended at the top 10 e-mail account provides." Read Assurance System's Featured Research White Paper published February 2003.
"I_Did_Not_Get_My_Email forum on Yahoo! Groups"
In the fight against spam some email messages that are genuinely wanted are being blocked by a spam filter or block. In an attempt to improve spam filtering techniques, the ESP Coalition has established this forum as a place to report the non-delivery of email that was wanted, but was blocked.
"The Internet Alliance (IA) is the premier organization of Internet policy professionals representing the Internet online industry on the state, federal and international levels. Through public policy, advocacy and strategic alliances, the IA is building the confidence and trust necessary for the Internet to be the global mass market medium of the 21st century."