Few issues concern my professional life more than the waning confidence and trust in electronic mail. Regardless of how much I might wish to spend my time focused on other aspects of online communication, the reality that spam, phishing, and mal-ware pose to the trust and confidence that users place in email continues to preoccupy me. How long will it be before consumers of electronic mail realize that if email can’t be trusted, then perhaps it shouldn’t be used?
This past week the AOTA held its annual Authentication and Online Trust Summit in Boston, MA. Events like this are important because they provide a venue where like-minded people can be reminded of the scope of the problem we are facing. We’re also informed of the success (or failure depending upon your view) of our attempts to meet these challenges. Finally, we’re able to recharge each other’s batteries for the on-going battle.
Now, it’s not all bad news. Although the bad-guys never seem to sleep there are those in the online safety community who are equally tired. One need look no further than the AOTA’s recitation of the millions of email domains (and counting) protected today by authentication techniques such as Sender-ID and, increasingly, DKIM.
At the AOTA summit in Boston, I was honored to accept the first Online Safety Leadership Award on behalf of the employees of Alt-N Technologies for work in the early adoption and deployment of email authentication technology. On behalf of all small businesses everywhere, I reminded the audience that it isn’t just the Fortune 500 who care about the illicit use of their domains and wish to protect their users from email-borne abuse. Those concerns do not depend on the size of a business.
Receiving this award was very meaningful for us. It’s difficult to put into words the feeling that a small entity like Alt-N has when so honored by corporations the size of the known universe. It’s very humbling and honoring and should remind us that even contributions from small companies can make a difference.
Another great thing about events such as the AOTA summit is that it affords smaller, more focused groups an opportunity to find some time alone in which to transact their concerns. Such was the case for DAC (the Domain Assurance Council) which held a dinner to both socialize and discuss progress made over the past months. This group is focused on addressing a specific portion of the “what can we do with authenticated email” question and revolves around attempts to standardize access to email certification and reputation services. I’m fortunate and honored to be in a place where I’m allowed to help with the technical development of these concepts while at the same time guide Alt-N into serving as an encouragement for others by demonstrating that these concepts can be put into practice. We are about to prove with MDaemon 9.60 and our email certification project that the ideas of DAC do work.
So, in conclusion, events like the AOTA summit increase my optimism concerning our ability to deal with the threats to user confidence and trust in email. As long as we are dealing with the issues we will make progress.