1 / 31

Email Permission Keys

Email Permission Keys. Adrian E. McElligott. What email have you lost today?. -------------------------------------------- What email has your Spam filter lost today?. Are spam filter false positives a problem?. … “Sure email communication is unreliable – get over it.”

edward-cleveland
Download Presentation

Email Permission Keys

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Email Permission Keys Adrian E. McElligott

  2. What email have you lost today? --------------------------------------------What email has your Spam filter lost today?

  3. Are spam filter false positives a problem? … “Sure email communication is unreliable – get over it.” But what if we could avoid the… • frustration • time wasted • user support costs • lost of disenfranchised users • the cost of the lost messages themselves? what if, as Spam filter providers, we could avoid the… • professional embarrassment • humiliation • Damage to our brand and reputation, of having our filters mistake’s highlighted to our users?

  4. First Contact Replies Solicited Bulk Email Types of Lost Messages • Least Likely to be discovered and manually recovered. • Often brings new business • Injury to user is great. • Easiest lost message to avoid • Fear of this type of lost message is the most common reason for a user to frequent their Spam folder. • Often incorrectly reported as Spam • Damages user conference in their spam filter • Annoying, disenfranchising

  5. The real cost of lost messages • Lost messages erode the value of a Spam Filter. • Exposing a user to spam in their junk folder is still exposing the user to Spam. • If the user is routinely checking their junk folder then the filter is of diminished value. New Term: Lost Message Rate

  6. Introducing Email Permission Keys • Email Permission Keys (EPK) - are a unique key that is embedded in an email address in such a way that it is likely to be retained during normal use, and is therefore available to be extracted at a later date when that email address is used to send a message back to the original user. • works with the existing Internet infrastructure • requires no modification to existing third party processes

  7. What do Email Permission Keys look like? • unique code or key that is embedded in to an email address • embedded in such a way that it is likely to be retained during normal use of that address • works with the existing Internet infrastructure • requires no modification to existing third party processes joHN.SmiTH@eXamPLE.Com joHN.SmiTH+12345@eXamPLE.Com john.smith+12345@example.com "John Smith (joHN.SmiTH@eXamPLE.Com)" joHN.SmiTH@eXamPLE.Com "John Smith -12345" <john.smith@example.com>

  8. CaseKeys Hybrid combinations DisplayName Addressing Plus Addressing Key(Binary Code) Types of Permission Keys

  9. Types of Permission Keys- Tagged Addressing • Tagged Addressing, (Plus or Minus Addressing) is appending a key to the local part of an email address via standard tagged addressing. • most appropriate for ‘typed-in addresses’ – business cards, off-line advertising etc. • A typical Plus Addressing key may look something like this: john.smith+12345@example.com where 12345 is the key.

  10. Types of Permission Keys- CaseKeys • CaseKeys are a type of email permission key that use the CAsE of the LeTTerS that make up an email address to embed a unique key into every instance of that email address. • A typical CaseKey might look like this: joHN.SmiTH@eXamPLE.Com

  11. Types of Permission Keys- Display Name Addressing (DNA) • A “Display Name Addressing” Key, is a type of email permission key that appends or encodes a unique key within the Display Name portion of the email address. • A typical display name key may look something like this: "John Smith -12345" <john.smith@example.com>where 12345 is the key.

  12. Types of Permission Keys- DNA/CaseKey Hybrid • A DNA/CaseKey Hybrid key is a DNA key with a CaseKeyed representation of the protected user’s email address included in both the Display Name part of the email address and the “addr-spec address” - it is used in outgoing messages when tagged addressing is not supported. • It may look like this – "John Smith (joHN.SmiTH@eXamPLE.Com)" joHN.SmiTH@eXamPLE.Com • typically automatically inserted in to all instances of the protected user’s email address in all out-going messages.

  13. Types of Permission Keys- Tagged Addressing/CaseKey Hybrid • is a combination of the Plus Addressing and CaseKey methods. • It is essentially a Tagged Addressing Key that has been CaseKey encoded. It may look like this – joHN.SmiTH -12345@eXamPLE.Com • typically manually issued to a user via a user interface for use on web forms

  14. Permission Key Issuing Facilities • New Permission Keys are randomly generated and issued from a key issuing facility • There are three different types of key issuing facilities, each capable of issuing different forms of keys, and each positioned to reduce one or more types of false positives

  15. Who When Identify IssuingEvent How How Email Permission Keys Work The email addressof the recipient,or where the keywas published The type of issuing facilitythat originally issued the key The time that the key was issued

  16. How Email Permission Keys Help • Match an incoming email with an email issuing event • Identify messages mistaken for spam • Improves User Confidence in their Spam Filter

  17. How Email Permission Keys help user feedbackdependant filters • Provides automated “is not spam” feed back to the filter. • Reduces User Trust Oscillation.

  18. How Email Permission Keys Help DNSBL Filters In systems that use DNSBL • Permission Keys allow the use of a more aggressive list criterion thereby maximizing the proportion of messages that can be blocked at the SMTP Gateway. • Permission Keys in either the SMTP envelop or the message headers can be used to identify legitimate messages before the entire message has been read from the wire.

  19. Why they will use it Email Permission Keys provide significant benefits to the end user, which include: • Dramatically reducing a users exposure to spam. • Reclaiming time that is currently lost by the user reviewing their Spam folder and looking for lost messages. • Restoring confidence, alleviating fear, frustration and spam related stress. • Optionally the user can be alerted each time that a lost message is found – reassuring the user that the system is working and maintaining the perceived value of the system form a user’s perspective.

  20. Client Side Outbound Message Key Insertion Function Spam Folder Monitoring Module Server Side Key Issuing Facility AJAX Web Service UI for manual issuing Key Custodian API GetKey IsValidKey InvalidateKey Access authentication  Key Generation Key Storage & Retrieval  Reporting Email Permission KeysSystem Components

  21. Dynamic Web<mailto>tags CorporateSpam Filters ISPNetworkFilters DesktopSpam Filters End UserInterface & Support The Global KeyCustodian Introducing the Global Key Custodian

  22. Business Model • Perhaps the most significant benefit of an Email Permission Keys enabled system, is that it provides additional identifiable value to the end user – which can be used to generate an addition revenue stream to the service provider.

  23. Business ModelMonetization • Revenue Sharing, (Subscription / Advertising sponsored) • Increase Subscriptions • Increased user loyalty • Premium service There are a number of different models available to monetize the additional value that Email Permission Keys provide.

  24. Dynamic Web<mailto>tags CorporateSpam Filters ISPNetworkFilters DesktopSpam Filters End UserInterface & Support The Global KeyCustodian Business ModelUrgency For example, if a desktop filter provider implements email permission keys in their filter, and then at a later date the ISP implements email permission keys in their Network filter, then while each instance would respect and use each others keys, the providers revenue share would go to the desktop provider – as they were the first to issue a key for that user. Under our revenue sharing model, once an email address has been associated to a service provide then it can’t be changed.

  25. What is lost email costing you? • Problems that result from lost messages • Unreliable communication • Misunderstandings • Damage to reputation / brand • Lost opportunities • Lost time • Exposure to spam What would it be worth to your users to solve these problems?

  26. What email have you lost today?

  27. Thank You! www.geobytes.com

  28. The advantage of CaseKeys over just white listing outbound recipients • You can expire Email Permission Keys, and while you can blacklist an email address you can’t issue the compromised user a new email address. • Email Permission Keys embed the key in the senders address, which propagates when the message is forwarded to a third user. • Many users have multiple addresses feeding to the same inbox, so a reply may come from a different email address. • Email Permission Key can validate the legitimacy of “First Contact” and “News Letter” messages.

  29. How does this reduce spam? • Whenever a user has to check their Spam folder, then they are still being exposed to all of their Spam - only the folder name is different. • CaseKeys may well be the difference between a system that users trust and one that they don't - the difference between exposure to all of the Spam, or no Spam.

  30. Q. Does publishing a keyed email address result in Spam being falsely white listed? • Keys that are published on web pages are set to auto expire. • In the event that a Key does fall in to the wrong hands and did result in a False Negative, then the user clicking “Is Spam” would invalidate the Key.

  31. New TermLost Message Rate (LMR) • Is the percentage of legitimate messages that are mistaken for Spam. Traditionally the industry has used the statistical term “false positive” which does not truly reflect the proportion of legitimate messages that the filter is loosing.

More Related