Goodmail Systems Frequently Asked Questions

Goodmail's mission is to restore trust in email. Because of widespread abuse - spam and phishing - consumers can no longer trust a message is authentic or that a sender is legitimate. Large senders, for their part, cannot trust that their email will be delivered, or rendered as designed. Similarly, ISPs and mailbox providers cannot trust that their various technologies will continue to adequately filter out bad email. As such, trust in email has significantly eroded.

By creating and administering a special class of trusted email, Goodmail offers a solution that addresses the breakdown in trust - and in usability - that has affected consumers, senders, and mailbox providers. By specially marking authentic email messages from verified senders, Goodmail offers a system which identifies the known good email messages. This class of email, called CertifiedEmail, is the natural complement to existing technologies which filter out bad email.

CertifiedEmail is a special class of email that is available to consumers in the email systems they already use, as well as to commercial and non-profits via the sending technologies and services they already have in place. Individual outgoing email messages from verified senders are specially imprinted with secure "tokens" that identify a CertifiedEmail. Participating ISPs and mailbox providers automatically look for these verified email messages, route them past spam filters, and fully render them in consumers' inboxes with a special blue-ribbon envelope icon . This icon signifies that a message is safe to open and act upon. For more information about how the CertifiedEmail service works, refer to the How CertifiedEmail Works page.

To send CertifiedEmail, a commercial or non-profit sender must qualify by meeting three conditions:

• First, senders must adhere to best practices, such as providing a transparent mechanism for consumers to opt-in or -out of email subscription lists.
• Second, their complaint rates must be among the lowest in the industry, as verified by the records of consumer reports obtained from partner ISPs and mailbox providers.
• Third, they must use CertifiedEmail only in communications where a prior customer relationship exists or where customers have opted in to communications. No unsolicited email can be sent via CertifiedEmail. A complete list of qualifications for senders can be found at our Qualifications Page
  
  

When a consumer receives a CertifiedEmail message, he or she can be assured of three things.

• The message is authentic: it is from the sender it purports to be.
• The sender of the message is legitimate, and has been verified by Goodmail as the true owner of the brand being presented.
• The consumer has an existing relationship with this sender, whether because of opting-in to the sender's email (such as a newsletter the consumer has requested) or being an existing customer (for example, having made a purchase that would trigger payment confirmation).

Together, what these three things mean to the consumer is that a CertifiedEmail message is safe to read and may also be responded to safely. Consumers can trust this system. Click here to visit the CertifiedEmail.net consumer site

CertifiedEmail is paid for by commercial volume senders who have become accredited by Goodmail, and who seek the many benefits of CertifiedEmail. Accreditation is the process by which Goodmail examines a potential CertifiedEmail sender's legitimacy, practices, and complaint rates. Senders must be accredited before they can send CertifiedEmail. Once they have been accredited, tsenders and pay a fraction of a penny to Goodmail for each CertifiedEmail. Individual recipients never pay for CertifiedEmail.

CertifiedEmail is designed for volume senders - commercial and non-profit entities sending at least 50,000 opt-in email messages per month. Individual consumer senders have no need to send CertifiedEmail, since typically it is only known brands that are "spoofed" in phishing attacks designed to defraud consumers. Furthermore, the problems that volume senders encounter - undelivered messages, blocked images and links - are typically not encountered by individual senders.

As a result of spam and phishing attacks, ISPs and mailbox providers have implemented various technologies that seek to eliminate bad email. Content and volume filters (a.k.a. "spam filters") can accidentally filter out up to 20% of a legitimate sender's opt-in email. This is why consumers sometimes find a desired message to be accidentally missing or filed in the "junk" folder. Another anti-fraud mechanism that many ISPs and mailbox providers have put in place is default image and link blocking, where a message is presented to a consumer with the images removed and site links disabled. Since these links and images can be the very means used by phishers and other bad actors to steal personal information or defraud consumers, blocking links and images is an important security measure in email of unknown legitimacy.

By choosing to send their email via CertifiedEmail, qualified senders obtain trusted class privileges. These are special privileges that ISPs and mailbox providers bestow upon trusted class email. Senders' prior accreditation, and their emails' tokenized status, assure these ISPs and mailbox providers that the CertifiedEmail being delivered is safe and legitimate. Some of the main privileges and benefits to senders in using CertifiedEmail:

• Automatic delivery of 100% of their email past spam, content and volume filters;
• Images and links are visible and active by default
• Resentation of email with the special blue ribbon envelope icon , signaling message safety to their customers and readers.
• Senders have no restrictions on copy (text within the message) and do not have to avoid certain words to ensure that a message isn't trapped by a content filter.
• Senders receive per-message delivery reports. These reports are reliable, based on token redemption at the ISP or mailbox provider, as opposed to unreliable tracking beacons designed into the body of the email.
  
  

For many financial institutions, healthcare companies, utilities, and non-profit organizations, the breakdown in trust in email has meant that they have been unable to use email to deliver critical documents such as account statements, bills, and fundraising solicitation, because consumers can't trust those messages. CertifiedEmail provides a mechanism for these senders to convert paper documents, which cost a dollar or more per document to print and deliver, to electronic communications costing a fraction of a penny each. In addition, the return on investment (ROI) is extremely compelling. For companies doing business online - retail, travel, e-commerce - the guaranteed ability to have their links and images rendered has itself resulted in 25% - 35% improvement in email marketing metrics, such as click through rates and revenue per email. Consumer product makers and other brand marketers also achieve real benefit from ensuring that their brands are presented correctly through email. All of these types of customers, and many others, are experiencing ROIs of 300% and up. To see how some of our customers have succeeded with CertifiedEmail, please see our Case Studies page.

Yes. Goodmail offers qualifying non-profits an 80% discount off the standard CertifiedEmail price of one quarter penny per CertifiedEmail token for commercial senders, or one twentieth of a penny per CertifiedEmail token. Qualifying non-profits must be Goodmail accredited senders who can verify 501(c)(3) status.

Consumers who maintain email addresses with participating ISPs and mailbox providers will automatically see CertifiedEmail in their inboxes from any senders who send via CertifiedEmail. They do not have to do anything to receive CertifiedEmail. See the list of participating ISPs and mailbox providers.Consumers can also request that particular companies they do business with send email via CertifiedEmail by contacting Goodmail and Goodmail will let the company know. Click here to visit the CertifiedEmail.net consumer site

CertifiedEmail is the only class of trusted email supported by multiple ISPs and mailbox providers. These partners have implemented proprietary technology within their networks that assures CertifiedEmail's integrity. When a message with a cryptographically secure CertifiedEmail token is received by a partner's email servers, software first validates the token before treating the email as a CertifiedEmail. Once validated, the CertifiedEmail is presented with a special blue ribbon envelope icon . This icon is displayed in the browser interface, not in the email message. Consumers will first see the icon in their inbox message list view, in line with icons which represent regular email. The second place consumers will see the icon is when the open the message, in the interface surrounding the email message itself. These two areas - the inbox list view, and the window display surrounding the message - are non-spoofable regions of the email client interface. While different ISP and mailbox partners may use slightly different treatments of the CertifiedEmail icon, the icon will always be a blue ribbon envelope icon, and the word "Certified" will always appear surrounding the message once it has been opened. Click here to visit the CertifiedEmail.net consumer site

Once a sender is accredited and begins sending via CertifiedEmail, their email practices, including consumer compliant rates, are automatically monitored by Goodmail's systems. Senders must maintain the same email standards, including maintaining best email practices and the industry's lowest complaint rates. Of course, since CertifiedEmail is only for opt-in email, CertifiedEmail can never be sent to a consumer who has not previously specifically opted in for email from that sender or purchased something from that sender. The standards CertifiedEmail senders must adhere to are described in Goodmail's Acceptable Use Policy, which contractually binds all CertifiedEmail senders.

No. In enabling the sending of CertifiedEmail, Goodmail does not receive message content or recipient addresses. When an outgoing CertifiedEmail message is sent, the Goodmail Imprinter software (located in the sender's infrastructure) generates a Secure Hash Algorithm (SHA-1) hash of the message, and requests a CertifiedEmail token from the Goodmail Generator. Goodmail only obtains a CertifiedEmail recipient's email address if the recipient submits a complaint or unsubscribe request in response to a CertifiedEmail message. This information is used to track recipient feedback and inform the sender as to which recipient is submitting the unsubscribe request. Click here to visit our privacy policy page

After the Goodmail Imprinter forwards a unique SHA-1 hash of the email message to the Goodmail Generator, and obtains a unique cryptographically secure token for that message, the Imprinter inserts this token in an x-header within the email message. CertifiedEmail tokens are created and validated on a message-by-message basis. The Goodmail software used by a participating mailbox provider that recognizes Goodmail's CertifiedEmail does not check or analyze the email message being sent to determine its content, its sender or its addressee. The software checks only for the presence of a valid Goodmail token on a specific message.

Authentication protocols provide an important component technology, but do not provide the comprehensive solution of a class of trusted email like CertifiedEmail. Authentication protocols provide a means for ensuring that a message associated with a specific domain name is actually from that domain, but offer no assurance as to the identity of the sender behind that domain, or the legitimacy of that sender. It is possible to obtain authenticated spam or authenticated phishing attacks - for example, an email could be sent "authentically" from the "Cittibank.com" domain, but this sender is still distinct from the actual Citibank, and therefore the email is fraudulent. Goodmail supports the use of DomainKeys Identified Mail (DKIM) by all senders as a baseline measure. However, CertifiedEmail goes much further, actually providing a solution for assuring consumers not only of domain authenticity, but also of message authenticity and sender legitimacy. The CertifiedEmail system includes sender accreditation, secure tracking of individual messages, monitoring of sending volume, and ongoing compliance monitoring of a sender's behavior - these features are not available in mere authentication protocols, and they are features which in sum enable trusted-class email.