How much Goodmail is

By Larry Seltzer  |  Posted 2007-02-01 Print this article Print

going on?"> I also checked in with the American Red Cross, which was famously used by both sides as an example in last years Goodmail Flame Wars. Goodmail set up preferential treatment for nonprofits (it turned out to be cheap as opposed to free) and told me recently, as part of the earlier statement about over 300 sending brands using CertifiedEmail, that "[w]e also have a number of nonprofits, such as American Red Cross, Americans for the Arts, Lukemia and Lymphoma Society, and National Center for Missing and Exploited Children, and approximately 80 governmental agencies, ranging from municipal organizations up to federal agencies." When I spoke to the American Red Cross they said that they had been working on setting up Goodmail (not a simple process) and were almost ready to start, but hadnt in fact done so.

My final test was my sister, a heavy AOL user, who tells me that she hasnt seen anything that sounds like "CertifiedEmail." It could just be that she doesnt use the right brands, or perhaps she just hasnt noticed the CertifiedEmail stuff. But shes smart and observant and I would think shed remember it, especially in as much as its designed to be noticed. More likely, there isnt a whole lot of CertifiedEmail out there yet.

Goodmail does claim that by the end of this quarter (March 31, I assume) at least 90 percent of AOLs 22 million users should have seen a CertifiedEmail. Im skeptical, especially since the only bank I see in its list of brands is KeyBank—banks were supposed to be the perfect CertifiedEmail customers. I suspect the problems are similar to the Red Cross: Setting up Goodmail on a large e-mail list is not a trivial task—nor should it be—and the real volume is probably not far away.

So it may be too early to judge Goodmail completely, but I still argue that the absence of any evidence of the catastrophe predicted by the DearAOL crowd shows that it was just bad science fiction to begin with.

The clearest response I got was from Danny OBrien, activism coordinator at the EFF, who agrees its too early to draw conclusions. He points out, as I had realized on my own, that AOLs business model underwent a revenue transplant over the last year. He argues that as subscription revenues decline, AOL will be more and more tempted to get what it can out of other sources like Goodmail, especially if Goodmail is successful. Its still speculative, but its a better argument than they had last year.

OBrien worries generally about the point "where Goodmail [or other for-pay certification systems that share with the ISP] starts picking up smaller, commodity ISPs and it becomes collectively harder for senders [to] object to the idea of switching to a pay service."

According to RSAs annual Consumer Online Fraud Survey, consumers are more afraid than ever before that e-commerce and online banking is putting their data at risk. Click here to read more.

OBrien shouldnt worry so much. A major part of the Goodmail value proposition is that CertifiedEmail messages appear markedly different from uncertified messages in the client. AOL and Yahoo can do this, as can others with a proprietary mail client, such as GMail. But the typical ISP account that uses SMTP and POP3 and where the user is probably using one of a dozen versions of Outlook or Outlook Express, or perhaps a Mac or Eudora or any of numerous other potential e-mail clients, has no easy mechanism for delivering the software changes to make this possible. Those users are no better-served by Goodmail than by more conventional accreditation services like Habeas. This difference also helps to explain why it makes sense for Goodmail to share revenue with its clients.

Im still bullish on accreditation and Goodmail, although changes to e-mail do seem to take frustratingly long times. There are plenty of open- and standards-based efforts in this area and related ones, such as the Domain Assurance Council, which is attempting to standardize access to reputation services.

And in the very long term I think that e-mail is the wrong venue for opt-in communications anyway. The sooner all that moves to RSS, which is a pull system from which users can unsubscribe when they wish, the better.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel