Re: [mailop] mailop Digest, Vol 121, Issue 9

2017-11-02 Thread Jacob Hansen via mailop 
I can say that after digging into DMARC with numerous marketers that work
with our delivery team, sometimes getting past that barrier of creating a
p=none DMARC policy helps so much in moving to enforcement. I personally
like the push for a required DMARC policy. Yes, a false sense of security
at its initial stage but sometimes that first push helps to make the next
step (enforcement) happen faster.

*Jacob Hansen*
Senior Delivery Consultant | Expert Services
jacob.han...@sendgrid.com

On Thu, Nov 2, 2017 at 6:53 AM,  wrote:

> Send mailop mailing list submissions to
> mailop@mailop.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> or, via email, send a message with subject or body 'help' to
> mailop-requ...@mailop.org
>
> You can reach the person managing the list at
> mailop-ow...@mailop.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of mailop digest..."
>
>
> Today's Topics:
>
>1. Re: About the Certified Senders Alliance (Tobias Herkula)
>2. Re: About the Certified Senders Alliance (Alexander Zeh)
>
>
> --
>
> Message: 1
> Date: Thu, 2 Nov 2017 12:53:56 +
> From: Tobias Herkula 
> To: David Hofstee 
> Cc: "mailop@mailop.org" 
> Subject: Re: [mailop] About the Certified Senders Alliance
> Message-ID:
>  eurprd02.prod.outlook.com>
>
> Content-Type: text/plain; charset="Windows-1252"
>
> By forcing Domain Alignment you would inevitably sacrifice the ability to
> send marketing mails for a huge amount of mom-and-pop shops. Even destroy
> the business model of a couple of ESPs. I don't argue against it, on my
> platform here, we even go the next step and try to force our customers to
> even hide the used subdomain (5321.From == t.example.com | 5322.From ==
> example.com) signed by example.com and our own domain. But we do this out
> of data protection reasoning, we simply don't want to handle "answers" of
> recipients.
>
> I also think that even if you are a mom-and-pop shop you should get your
> own domain and not using gmail.com or whatever as your primary business
> contact. But we are not there yet and pushing to hard on this change would
> simply engage an even bigger unwillingness to change the status quo.
>
> The CSA requirements are being reevaluated every year and if the ISP
> representatives in the CSA counsel think it's time to tighten the rules it
> will happen. From my personal experience, they lag the ability to do an
> ongoing vetting of their members and it often hurts to see competitors not
> getting punished for obvious violations. But they bring something to the
> table that helps to clean up a lot of communication problems an ESP
> normally faces on the day to day operations.
>
> PS: i will bring the domain alignment issue as topic to the discussion for
> adding that as an requirement for the next iteration of the CSA rules...
>
> Kind regards,
>
> Tobias Herkula
> --
> optivo GmbH
> Product Management (Infrastructure)
> 
> From: David Hofstee 
> Sent: Thursday, November 2, 2017 13:33
> To: Tobias Herkula
> Cc: mailop@mailop.org
> Subject: Re: [mailop] About the Certified Senders Alliance
>
> Hi Tobias,
>
> > I'm working for an ESP who is member of the CSA and ECO and I'm one of
> the biggest contender on the authentication requirements front, I don't
> think that DMARC is an ESP responsibility, but think that an ESP should
> provide everything necessary so that a Brand can use DMARC.
> So you agree with me? Good.
>
> > By forcing the ESP community of CSA to implement DMARC we would not help
> our customers, we would simply give them a false feeling of having done
> something, that does not solves the underlying problem.
> I did not say DMARC. I said DMARC-type authentication (SPF and DKIM
> aligned to sender domain). I specifically made that distinction because I
> agree that requiring (a) DMARC (policy) is not our job.
>
> That said: As an ESP you are not required to support DKIM and SPF aligned
> to the sender domain according to the CSA. Therefore an ESP could become a
> member and their customers may not be able to follow the advise to
> implement DMARC (as given in the guidelines, paragraph 3.10).
>
> Yours,
>
>
> David
>
> On 2 November 2017 at 13:00, Tobias Herkula  mailto:tobias.herk...@optivo.com>> wrote:
> I'm working for an ESP who is member of the CSA and ECO and I'm one of the
> biggest contender on the authentication requirements front, I don't think
> that DMARC is an ESP responsibility, but think that an ESP should provide
> everything necessary so that a Brand can use

Re: [mailop] mailop Digest, Vol 119, Issue 42

2017-09-20 Thread Jacob Hansen via mailop 
Brandon,

The cost we've seen with that affiliate "forced co-registration" is when
the affiliate business are under an overarching "OEM" or organizer of the
brands and subsequent "ads" also placed in the message when common links,
image hosting or headers/footers are used. Even though the "FROM" and
authentication changes, sometimes it's the root brand that allows co-reg
brands within their mail that gets dinged for being guilty by overlapping
fingerprints and it may be bad enough to affect some of the transactional
mail of the root good sender.

Then, I guess the cost to the consumer may not get the wanted mail by
marketers slipping down this slope and gray area of transactional/marketing
overlap. Totally the fault of the marketer obviously but it's crazy how
many marketers don't know all the factors by which they get judged for
inboxing and don't know how much to separate themselves from negative
reputation elements.

I don't have any exact brand examples we've seen in recent weeks but
previously these were job sites, daily deals and, of course, financial
"advice" brands that ran into these issues. Most of which don't last long
with SendGrid.

*Jacob Hansen*
Senior Delivery Consultant | Expert Services
jacob.han...@sendgrid.com

On Wed, Sep 20, 2017 at 10:15 AM,  wrote:

> Send mailop mailing list submissions to
> mailop@mailop.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> or, via email, send a message with subject or body 'help' to
> mailop-requ...@mailop.org
>
> You can reach the person managing the list at
> mailop-ow...@mailop.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of mailop digest..."
>
>
> Today's Topics:
>
>1. Re: DMARC reports not received from Google (Brandon Long)
>2. Re: Contact Cloudmark ? (Brandon Long)
>3. Re: DMARC reports not received from Google (Bressier Simon)
>4. Re: DMARC reports not received from Google (Vladimir Dubrovin)
>
>
> --
>
> Message: 1
> Date: Wed, 20 Sep 2017 08:57:06 -0700
> From: Brandon Long 
> To: "Ken O'Driscoll" 
> Cc: mailop 
> Subject: Re: [mailop] DMARC reports not received from Google
> Message-ID:
>