Tips for ensuring e-mail privacy, deliverability


The U.S. Commerce Department in coming months is expected to lead a project to create an Internet identification for Americans. Called the National Strategy for Trusted Identities in Cyberspace, the first draft was released last June and calls for an “identity ecosystem” where all things digital would be authenticated, including e-mails received and sent in the business world. Until such authentication is in place, however, it's up to individual companies to help keep customers and prospects safe and ensure their privacy.

Tom Sather, director of professional services for e-mail certification and scoring provider ReturnPath, provided these three tips—based on the report “The Grande Guide to E-mail Deliverability & Privacy,” sponsored by e-mail service provider Eloqua—to help get you started.

  1. Give a disclosure statement at the point of e-mail address collection. Customers need to know what they will be receiving, how you're using their e-mail information and how often they will receive messages, so they are never blindsided, Sather said. When someone signs up for your list, they should receive a very visible disclosure. Don't bury it in the footer of your e-mail or at the bottom of your website, he said. “It's all about subscriber perception,” he said. Make sure another disclosure goes out to everyone on your list whenever you update the policy as well, he added.
  2. Educate list members about phishing. Phishing has long been a problem for financial companies, but recently there has been an increasing number of phishing attacks on standard marketers, Sather said. “In order to get people to click through to their links, spammers have been taking legitimate newsletters, swapping out the original links and inserting their own,” he said. It's up to every marketer to educate recipients that this is going on and help them distinguish exactly what a “typical” e-mail from their company looks like, he said. This starts with standardizing templates and should also include removing log-in links or applications running within your messaging. “PayPal has great subscriber education to train its users to recognize legitimate e-mails from them,” he said.
  3. Authenticate e-mails. There are two commonly used authentication standards: DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF). SPF lets a sending domain specify the e-mail servers from which all of its e-mail will originate. That policy is then made public so recipient e-mail servers and ISPs can check that the sending server matches the previously specified servers. DKIM adds a digital signature based on public key cryptography—a special code—to every message that goes out, associating the signature with the domain name. Using these standards, e-mails that are purportedly from your organization but don't pass authentication should be blocked before they hit a prospect or customer's inbox, Sather said. “This helps marketers avoid brand erosion,” he said.
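The SPF check described in tip 3, as an added Python example that is not from the article or the report it cites: a receiving server compares the connecting IP address against the policy the sender's domain has published. The domains, addresses, sample records and the `check_spf` helper are constructed for illustration, and only the `ip4`, `ip6`, `include` and `all` mechanisms are evaluated.

```python
import ipaddress

# Constructed sample policies keyed by domain (placeholder names and
# documentation address ranges); a real receiver reads these TXT records from DNS.
SAMPLE_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 include:mailer.example.net -all",
    "mailer.example.net": "v=spf1 ip4:198.51.100.25 ~all",
}

# SPF qualifier prefix -> result reported when the mechanism matches
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(sender_ip, domain, records=SAMPLE_TXT, depth=0):
    """Evaluate a subset of SPF (ip4, ip6, include, all) for one connecting IP."""
    terms = (records.get(domain) or "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                    # domain publishes no SPF policy
    if depth > 10:
        return "permerror"               # stop include loops (RFC 7208 caps lookups at 10)
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"   # "+" is the default
        name, _, arg = term.lstrip("+-~?").partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"       # malformed network in the policy
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
        elif name == "include":
            inner = check_spf(sender_ip, arg, records, depth + 1)
            if inner == "pass":
                return RESULTS[qualifier]
            if inner in ("none", "permerror"):
                return "permerror"       # a broken include invalidates the whole policy
        elif name == "all":
            return RESULTS[qualifier]    # catch-all: decides every remaining sender
        else:
            return "unsupported"         # a, mx, exists and modifiers need live DNS
    return "neutral"                     # nothing matched and no "all" term present

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.25", "203.0.113.7"):
        print(ip, check_spf(ip, "example.com"))
```

A `fail` result from the `-all` term is what lets a receiver reject mail that claims the domain but comes from a server the policy does not list; `~all` only marks it as suspicious.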