Interesting tips re: email authentication (a free, built-in feature in MailChimp) and how it affects your deliverability:

Deliverability and Authentication:

1. “If your mail is not authenticated, it will go through more filtering,” said Ken Takahashi of Return Path. “If you want less filtering criteria, get authenticated.”
2. “We’re going to get to the point very soon where ISPs will just dump the mail if it’s not authenticated,” said David Daniels of JupiterResearch. He added, “Deliverability is usually the marketer’s fault. It’s your own list.” When choosing an ESP, marketers should put more emphasis on the ESP’s sender reputation than their deliverability.
3. Email marketers should key code their [email address acquisition] data sources and invest in those that perform, said Takahashi. “Grade your partners on the quality of data they give you, not just the volume.”
4. “A clean IP starts with a negative reputation,” said Matt Elliott of Listrak. So you’re better off rehabilitating your reputation.

But most ISPs have not gone so far as to block non-authenticated emails…

Instead, ISPs mostly just mark non-authenticated emails with some kind of “caution” icon like this:

YahooMail, on the other hand, takes the opposite approach. They give an “approved” icon for emails that are authenticated:

Gmail seems to be taking that first step towards actually BLOCKING non-authenticated email. According to this article at ZDNet, emails claiming to be from eBay or PayPal will be totally rejected if they aren’t authenticated.  It’s a nice first step towards actually using authentication to outright block scammers and spammers. Of course spammers will just think of some way to game this system (like they always do), but kudos to Gmail nonetheless.

Here’s an interesting quote I pulled from the article, from the Authentication and Online Trust Alliance (MailChimp is a member of the AOTA):

“Over 700 million mailboxes are now protected by email authentication thanks to adoption by leading ISPs including AOL, Bell Canada, GoDaddy.com, Google (Gmail), Microsoft (Windows Live Hotmail), and Yahoo!. However, there is considerable room for improvement in the adoption rate amongst all ISPs. As a best practice, ISPs are encouraged to begin to delete or block email which fails authentication, rather than placing it in bulk or junk email folders where consumers remain at risk of disregarding warnings and opening the email.”

To learn more about how you can authenticate your email marketing campaigns in MailChimp, see http://www.mailchimp.com/authentication/

I stumbled upon a pretty interesting piece of spam this morning (click thumbnail to zoom in—I censored the naughty stuff). It was a perfectly legit HTML email newsletter that a spammer stole from Men’s Health. They took the Men’s Health logo, design, code, and content, and left it all intact. Then they just replaced the lead story with their own “pharmaceutical” promotion. They even threw in an eye-catching thumbnail. Scary.

On the surface, it was pretty smart. A spammy piece of parasite content hiding inside of lots of “real” content. Surely, the spammer was banking on the fact that Men’s Health probably invested lots of time and energy in creating a newsletter that would “get past the spam filters.” Also, they used a publication that sends slightly racy content anyway, so inserting their spammy stuff wouldn’t really raise any red flags.

In the end, my spam filter still caught it. The spammer used “known-spammer” domains throughout the message. And despite the sophistication of the message itself, the subject line and “from” seemed like run-of-the-mill amateur spam. But this is a sign of things to come.

Just like how every email address in the universe has been spoofed by now, your HTML email newsletters will inevitably be spoofed as well.

If you’re a legit email marketer, one way to protect your newsletter’s “identity” is by authenticating all of your email marketing. An authenticated email basically contains a secret little piece of code that says, “this email is not a forgery.” Authentication is getting adopted by more and more ISPs, so it’s something you should be thinking about now. ISPs have already begun marking authenticated emails with little “verified” icons and stuff like that. But ISPs are suggesting that soon, they’ll outright block non-authenticated emails.

Here’s how to authenticate your campaigns in MailChimp (it’s free, and all it takes is one click).