Domain: goodmailsystems.com
Stories and comments across the archive that link to goodmailsystems.com.
Comments · 15
-
Re:Charging for E-mail?
Well, the system was horrible. I worked at a place where we sent a lot of mail. It was all customer service related, like password resets, billing confirmation, and expiration notices. They wanted a little something, but with the huge numbers of customers that we had, it would have been unmanageable. That doesn't even account for the normal business emails, exchanged between our network and customers.
We looked at it, said "when it's been accepted by more systems, we'll use it", and that was the end of it.
Luckily, goodmail seems to have died off.
It would have really sucked for one of my sites. We sent a few thousand newsletters out daily (specifically requested by the users, no dirty tricks to "encourage" them to sign up). With other associated costs (server hardware, hosting, SSL cert, etc), we've been in negative cashflow for about 8 years. But we like it, our users like it, so it survives. If we had to pay per email, the newsletters would stop. And one thing I learned years ago, once you start delivering news straight to people's email, and they want it, if your newsletter doesn't even go out for *ONE* day, people start complaining.
Sure, it'd impact spammers more (hopefully), but for us little guys, it would have killed us.
-
Re:Pay to email
There have been many variations on the "pay to email" theme over the years. The oldest relevant citation of which I am aware is Brad Templeton, E-Stamps. His proposal does not involve the middle-man that takes a cut. Esther Dyson has also advocated this kind of solution for many years. The nearest equivalents to "pay to email" that we have in the actual marketplace are certification schemes like those from Return Path and Goodmail. These involve paying to receive certification as a responsible practitioner of bulk email, and thereby receive a recommendation which will prevent your mail from being filtered in some cases. That's not much like an e-stamp, admittedly, but it's as near to the concept that the market actually bears. Nobody has yet figured out how to introduce an e-stamp system which any email senders have the slightest incentive to use.
-
Re:Typo
"So is his name Goodfellow or Goodnight?"
Lemme gues, he's working at Goodmail. -
Re:Emailed Subpoenas
Goodmail provides "receipts":
"Delivery Confirmation and Enhanced Reporting. A unique token in every message allows Goodmail to track and confirm delivery at the message level. With this feature Goodmail can manage volume, provide accurate delivery and non-delivery reports to senders, and track recipient feedback for fair and straightforward enforcement of the service."
http://www.goodmailsystems.com/senders/#4 -
Re:Secondary Effects
Actually none of the ISPs have any interest in reducing spam. They make to much money off of the spam operators and the sites that host the products provided by the spammers. Taking actual measures to reduce spam would cost the ISPs to much money.
Spammers steal to advertise a "product." They steal resources from anyone they need to advertise their product. You don't suppose these people run the other parts of the their business the same way? Legitimate IPSs don't enjoy hosting spammers in any fashion. This is why nearly all spamming done using cracked botnet zombies (baring a sizable chunk of mainsleaze spam). A quick check of the spam in my Junk folder indicates that most spammers host their websites on non-US systems, or are broken. On a nearly weekly basis I watch a small shared webhosting provider get hosed when his spamming customer lies to him, then screws him out of payment when the webhoster's provider gets involved. The vast majority of the ISPs in the civilized universe want spammers to loose IP connectivity. The largest of sites spend *millions* blocking spam both inbound and outbound.
Instead, they want to make money from legimate companies that want to get their messages to end users. This is a win win for the ISPs, but does nothing for end users.
It's a win for the users as well. The AOL mail client will be able to tell the user that the mail they're reading is indeed from Bank of America, and that other piece of mail is not from BoA. If AOL and Yahoo! know that BoA's mail all has goodmail tokens, and BoA mail shows up that doesn't have mail, it must therefore be a phish (seriously, go look at Goodmail's website complete with the AOL mail client screen shots). AOL's goodmail implementation is ONLY for transctional mail. That was the basis of Gingras' statement.
The handwaving about AOL charging to deliver mail is, of course, interesting. One would think that AOL is going to make out like bandits on all of the spam they'll be delivering now. That's simply not the case. The goodmail system is designed to support itself, not AOL or Yahoo!. Goodmail will be charging enough to keep themselves in business and keep the accreditation program working. I somehow doubt there's much left in the cost structure to kickback to AOL in any amount they can measure.
As discussed many times here the only way to defeat spam is to choke off the money flow to the people that use spam to advertise. There are two ways to stop the flow of money. First is to go after the spammers and advertisers. So far this has proven ineffective.
Is the strategy ineffective or is our execution of the strategy ineffective? We have weak anti-spam laws that do more to enable the practice than to actually put a stop to it. We have standards bodies that can't come up with effective reputation and sender authorization systems, leaving ISPs to invent their own solution (see goodmail). We have transit providers who don't have the guts to de-peer a rouge network who won't clean up what they're transiting.
Second way is to go after the idiots that actually buy stuff from spammers.
Wow. You don't actually think people *buy* real stuff from spammers? And that the spammers are really selling the stuff they're advertising? Ok, maybe the pharma spammers, but the rest of them? Not so much. These people are theves. They steal for a living.
Going back a week in my Junk box, I see pharma spam, penis pill spam, p0rn spam, mortgage spam, 419 spam, and pump-n-dump spam. Exactly what products are being sold in the spam I've gotten in the last week? Of the things in my list that even sound like products (drugs, penis pills, p0rn, and mortgages) none of those are products that need to be sold by cost shifted advertising. If you have to resort to these tactics to see these products, there's something wrong with the products. That's assuming -
Re:Secondary Effects
Actually none of the ISPs have any interest in reducing spam. They make to much money off of the spam operators and the sites that host the products provided by the spammers. Taking actual measures to reduce spam would cost the ISPs to much money.
Spammers steal to advertise a "product." They steal resources from anyone they need to advertise their product. You don't suppose these people run the other parts of the their business the same way? Legitimate IPSs don't enjoy hosting spammers in any fashion. This is why nearly all spamming done using cracked botnet zombies (baring a sizable chunk of mainsleaze spam). A quick check of the spam in my Junk folder indicates that most spammers host their websites on non-US systems, or are broken. On a nearly weekly basis I watch a small shared webhosting provider get hosed when his spamming customer lies to him, then screws him out of payment when the webhoster's provider gets involved. The vast majority of the ISPs in the civilized universe want spammers to loose IP connectivity. The largest of sites spend *millions* blocking spam both inbound and outbound.
Instead, they want to make money from legimate companies that want to get their messages to end users. This is a win win for the ISPs, but does nothing for end users.
It's a win for the users as well. The AOL mail client will be able to tell the user that the mail they're reading is indeed from Bank of America, and that other piece of mail is not from BoA. If AOL and Yahoo! know that BoA's mail all has goodmail tokens, and BoA mail shows up that doesn't have mail, it must therefore be a phish (seriously, go look at Goodmail's website complete with the AOL mail client screen shots). AOL's goodmail implementation is ONLY for transctional mail. That was the basis of Gingras' statement.
The handwaving about AOL charging to deliver mail is, of course, interesting. One would think that AOL is going to make out like bandits on all of the spam they'll be delivering now. That's simply not the case. The goodmail system is designed to support itself, not AOL or Yahoo!. Goodmail will be charging enough to keep themselves in business and keep the accreditation program working. I somehow doubt there's much left in the cost structure to kickback to AOL in any amount they can measure.
As discussed many times here the only way to defeat spam is to choke off the money flow to the people that use spam to advertise. There are two ways to stop the flow of money. First is to go after the spammers and advertisers. So far this has proven ineffective.
Is the strategy ineffective or is our execution of the strategy ineffective? We have weak anti-spam laws that do more to enable the practice than to actually put a stop to it. We have standards bodies that can't come up with effective reputation and sender authorization systems, leaving ISPs to invent their own solution (see goodmail). We have transit providers who don't have the guts to de-peer a rouge network who won't clean up what they're transiting.
Second way is to go after the idiots that actually buy stuff from spammers.
Wow. You don't actually think people *buy* real stuff from spammers? And that the spammers are really selling the stuff they're advertising? Ok, maybe the pharma spammers, but the rest of them? Not so much. These people are theves. They steal for a living.
Going back a week in my Junk box, I see pharma spam, penis pill spam, p0rn spam, mortgage spam, 419 spam, and pump-n-dump spam. Exactly what products are being sold in the spam I've gotten in the last week? Of the things in my list that even sound like products (drugs, penis pills, p0rn, and mortgages) none of those are products that need to be sold by cost shifted advertising. If you have to resort to these tactics to see these products, there's something wrong with the products. That's assuming -
Re:Certified delivery of spam
CertifiedMail is here to certify the delivery of spam by the "important" spammers who have the resources to pay for it.
Those who can pay, yes, and also agree to abide by responsible mailing list practices, use only opt-in lists (it doesn't require confirmed opt-in, unfortunately) with working unsubscribe procedures, eschew email harvesting and list sharing, use accurate headers, maintain a low level of complaints... and submit to a background check to show that they aren't spammers.
If they enforce their TOS, it'll be really difficult for spammers to get on their list, and harder for them to stay.
But it's OK to ignore all that, 'cause it doesn't make good copy. It's so much more satisfying to claim that this will only legitimize spam, because, y'know, it's being used by AOL, and AOL is evil. -
My experiences with email sending..
I work for a financial services company who has a clients who are supposed to receive emails from us related to trades. Since I manage our web presence, email deliverability is also my problem.
Here are the places to start:
Free Certification
AOL: http://postmaster.aol.com/whitelist/
Yahoo: http://add.yahoo.com/fast/help/us/mail/cgi_bulkmai l
Verizon: http://www2.verizon.net/micro/whitelist/request_fo rm.asp?id=isp
Reporting
Spamcop: http://www.spamcop.net/w3m?action=ispsignupform
Hotmail: http://postmaster.msn.com/snds/
Senderbase: http://www.senderbase.org/
Email Signing
SPF: http://www.openspf.org/
DomainKeys: http://domainkeys.sourceforge.net/
Paid Certification
Bonded Sender: http://www.bondedsender.com/
Habeas: http://www.habeas.com/
Goodmail: http://www.goodmailsystems.com/
A lot of providers outside the US have many of their own rules and regulations to follow, which makes it quite difficult to achieve deliverability. At the end of the day, we try to follow all the rules that have been laid out from existing companies and then deal with individual providers on a needs basis. The more users that use that ISP, the more we are willing to obey their individual rules.
Unfortunately, I see paid certification becoming the way of the future. If I can pay to guarantee to have my clients email delivered rather then negotiate with ISPs every other week based on their varying criteria, I'm pretty sure my company will pay for it. I don't like it, but results are the bottom line. -
Re:Block SENDERS of paid emails
Yes, block all email from the American Red Cross, including donation receipts.
I wonder how popular that'll be. -
Re:Let's summarise the changes
So that's a net gain of spam.
Depends entirely on what companies get onto the list. According to Goodmail, they'll only certify mailers who stick to opt-in list management. They explicitly prohibit list-sharing, harvesting, etc. The only drawback is that while they require lists to be opt-in, they don't require confirmed opt-in. That could be a potential loophole, but it's still stricter than CAN-SPAM.
Assuming Goodmail does their job correctly, the result is a net decrease in false positives, not a net increase in spam. -
UK Companies Need Not Apply
..likewise new businesses. "In order to meet the strict qualifying criteria, an organization must, among other things:
* have at least one year of business history, as verified by a commercial identity verification service
* have business headquarters located in the United States or Canada"
- Accreditation Criteria
Is this a mistake, or should I contact my MP and a lawyer? -
Much Ado About Nothing
This has been way overhyped and misrepresented.
From http://www.goodmailsystems.com/certifiedmail/
The Facts About CertifiedEmail
* FACT: AOL and Yahoo! are not taxing email.
There is no 'email' tax. A tax is something one is required to pay. Taxes are uniformly imposed charges agreed to by a recognized & responsible government entity. Qualifying senders may elect to use CertifiedEmail at their option, the same way a sender of traditional mail might elect to use Express mail or regular USPS mail. Consumers will not pay anything to send or receive email!
* FACT: Small business and non-profits will not have to pay for something that used to be free.
First of all, no one has to pay. The service is optional. First class email has not suffered with the introduction of priority and Express Mail. With CertifiedEmail there is literally no change in the ability of Internet users to participate however they desire, nor will any user incur any new charges. Optional offerings, such as CertifiedEmail, allow ISPs to provide better and better services to those who choose them, and in turn provide a higher degree of safety to their members.
* FACT: The purpose of CertifiedEmail is to identify "good" mail, not to prevent spam.
Goodmail's goal is to raise the bar on sender behavior so that messages are not second-guessed by filters and instead follow a direct path to the inbox with a visual identification that the message is good. Goodmail has never suggested CertifiedEmail is the silver bullet for all of email's ills, or that it will prevent spam from getting into the inbox.
* FACT: Spammers can not pay to reach AOL and Yahoo! email inboxes.
The Goodmail service will NOT increase the amount of spam consumers receive. CertifiedEmail messages will be delivered only from senders that have obtained prior permission from recipients. CertifiedEmail is only for permissioned email from accredited senders who must meet strict qualifying criteria and agree to Goodmail's Acceptable Use and Security Policy. Qualified, accountable organizations will use the service only to communicate with existing, "opt in" customers.
* FACT: AOL and Yahoo! will not profit from spam and phishing protection.
ISPs currently bear the full burden of addressing the spam problem. The average ISP now spends $8-12 per subscriber per year on email hygiene, an expense that can only hurt the availability of low cost internet access and free email services. While Goodmail does share an appropriate portion of the revenue from CertifiedEmail with the ISPs to help defray the high cost of fighting spam, it is only a fraction of the amount they are already spending to protect their members' inboxes.
* FACT: Goodmail will offer a generous program for non-profits.
Some non-profits, like the American Red Cross, who's brands are targets of online fraud and phishing, will choose CertifiedEmail. Those who have had no issues with fraud and are satisfied with their current practices, will not need the service. Some opponents base their rhetoric on this fear. Be assured, the service is not required to get "good" mail through. Non-profits who see the benefits of the service will be able to try the service for free throughout 2006. Beyond 2006, Goodmail will provide generous discounts to non-profits and price CertifiedEmail as low as possible yet maintain the system's integrity and security.
* FACT: Goodmail and its ISP partners will only allow legitimate, qualified senders t -
Re:Misleading article subject line...
According to Goodmail's qualifications there's a non-refundable $399 fee to apply (which is slashed to $199 for the time being). Very gratious of them, on top of the per-message fee.
-
Re:Did you get that?
Check http://www.goodmailsystems.com/. It's a $199.00 application fee, until July 2006, when it goes up to $399.00. There's no mention on the per-message costs, or at least I didn't manage to find them.
It's pretty much for anyone who runs a mail server. It's more for us administrators, not the end users.
For me, I need to do the application, and pay the per-message rate. Since our mail servers are used for our staff, the per-message rate will need to be absorbed by the company. We can't pass the cost on to the users. -
Why not just use SSL Cert for email instead?
from Goodmail System
http://www.goodmailsystems.com/senders/qualificati ons.php
CertifiedEmail Charter Sender Program Qualifications
To prevent fraudulent use of the CertifiedEmail service, all applicants must meet the highest standards for mailing practices. Goodmail's comprehensive accreditation process confirms a sender's identity and sending domains, ensures that a sender's email programs conform to Goodmail's acceptable use policies as well as compliance with anti-spam legislation. Privileges to use the service are established in accordance with a sender's reputation.
Accreditation Criteria
In order to meet the strict qualifying criteria, an organization must, among other things:
* have at least 1 year of business history, as verified by a commercial identity verification service
* have business headquarters located in the United States or Canada
* transmit messages from dedicated IP addresses, even if sending email through an email service provider (ESP), and must have at least a 6 month mailing history from that IP
* have a sending history which indicates that the complaint rates associated with their IP addresses are among the lowest of senders transmitting to Goodmail's ISP partners
* be able to comply with Goodmail's Acceptable Use and Security Policy and agree to the Token Purchase Agreement
If you are interested in participating in the CertifiedEmail Charter Program, you must apply for and successfully complete Goodmail's accreditation process. Initially, the Charter Program's enrollment will be restricted to a limited group. It is possible to pass accreditation but be ineligible for the limited charter program. In that case, an organization's accreditation application will be considered when the system is open to broader commercial availability. The Charter Program will be limited to brands that are well regarded by most consumers or small businesses.
The accreditation application processing fee is regularly $399.00. A special charter price of $199.00 will apply to all applications submitted by July 31, 2006. This fee is non-refundable. Please review the accreditation criteria above before beginning your application.
Why not enforce usage of SSL Cert for email??? Can it be true that AOL is just that stupid? So AOL actually think that spammers can be detered by using Goodmail? So now, AOL users can only recieved spams from ESP legitimate network spambots and "trusted" network. Soon, AOL users will only be able to send and recieve emails among themselves. AOL will need to change their name to "Among Only Losers" ...