Goodmail Systems Frequently Asked Questions

Our mission is to restore trust in email. Because of widespread abuse — spam and phishing — consumers can no longer trust that a message is authentic or that a sender is legitimate. Large senders, for their part, have lost trust that their email will be delivered or that it will be rendered as designed. Similarly, ISPs and mailbox providers cannot trust that their various technologies will continue to adequately filter out bad email. As such, trust in email has significantly eroded. Goodmail is restoring trust in email.

By creating and administering a special class of trusted email, Goodmail offers a solution that addresses the breakdown in trust — and in usability — that has affected consumers, senders, and mailbox providers. By specially marking authentic email messages from verified senders, the Goodmail system identifies known good email messages. This class of email, called CertifiedEmail, is the natural complement to existing technologies that filter out bad email.

CertifiedEmail is a special class of email that is available to consumers in the email systems they already use, as well as to commercial entities and non-profits via the sending technologies and services they already have in place. Individual outgoing email messages from verified senders are specially imprinted with secure "tokens" that identify a CertifiedEmail. Participating ISPs and mailbox providers automatically look for these verified email messages, route them past spam filters, and fully render them in consumers' inboxes with Goodmail’s exclusive . CertifiedEmail Blue Trust Seal. This icon signifies that a message is safe and secure. For more information about how the CertifiedEmail service works, refer to the How CertifiedEmail Works page.

To send CertifiedEmail, a commercial or non-profit sender must qualify by meeting three conditions:

1. Senders must adhere to best practices, such as providing a transparent mechanism for consumers to opt in or out of email subscription lists.
2. Senders’ complaint rates must be among the lowest in the industry, as verified by the records of consumer reports obtained from partner ISPs and mailbox providers.
3. Senders must use CertifiedEmail only in communications where a prior customer relationship exists or where customers have opted in to communications. No unsolicited email can be sent via CertifiedEmail.

A complete list of qualifications for senders can be found at our Qualifications Page

When a consumer receives a CertifiedEmail message, he or she can be assured that:.

• The message is authentic: it is from the sender it purports to be.
• The sender is legitimate and has been verified by Goodmail as the true owner of the brand presented in the message.
• The consumer has an existing relationship with this sender, whether because of opting in to the sender's email (such as a newsletter the consumer has requested) or being an existing customer (for example, having made a purchase that would trigger payment confirmation).

What this means to the consumer is that a CertifiedEmail message is safe to open and all links and images are guaranteed safe to click on. Consumers can trust messages sent as CertifiedEmails. Click here to visit the CertifiedEmail.net consumer site

CertifiedEmail is paid for by commercial volume senders who have become accredited by Goodmail, and who seek the many benefits of CertifiedEmail. Accreditation is the process by which Goodmail examines a potential CertifiedEmail sender's legitimacy, practices, and complaint rates. Senders must be accredited before they can send CertifiedEmail. Once they have been accredited, senders pay a fraction of a penny to Goodmail for each CertifiedEmail they send. Individual recipients never pay for CertifiedEmail.

CertifiedEmail is designed for volume senders — commercial and non-profit entities sending at least 50,000 opt-in email messages per month. Individual consumer senders have no need to send CertifiedEmail, since, typically, only known brands are "spoofed" in phishing attacks designed to defraud consumers. Furthermore, the problems that volume senders encounter — undelivered messages, blocked images and links — are typically not encountered by individual senders.

As a result of spam and phishing attacks, ISPs and mailbox providers have implemented various technologies that seek to eliminate bad email. Content and volume filters (a.k.a. "spam filters") can accidentally filter out up to 20% of a legitimate sender's opt-in email. This is why consumers sometimes discover that a desired message is missing or has been filed in the "junk" folder. Another anti-fraud mechanism that many ISPs and mailbox providers have put in place is default image and link blocking, where a message is presented to a consumer with the images removed and site links disabled. Since these links and images can be the very means used by phishers and other bad actors to steal personal information or defraud consumers, blocking links and images is an important security measure in email of unknown legitimacy.

By choosing to send their email via CertifiedEmail, qualified senders obtain trusted-class privileges from ISPs and mailbox providers. Senders' prior accreditation — and their emails' tokenized status — assure these ISPs and mailbox providers that the CertifiedEmail being delivered is safe and legitimate. Some of the main privileges and benefits to senders using CertifiedEmail include

• Automatic delivery of 100% of their email past spam, content, and volume filters

• Images and links visible and active by default

• Presentation of email with the exclusive CertifiedEmail Blue Trust Seal, signaling message safety to customers and readers.

• No restrictions on Senders’ copy (text within the message) and do not have to avoid certain words to ensure that a message isn't trapped by a content filter.

• * Senders receive per-message delivery reports. These reports are reliable, based on token redemption at the ISP or mailbox provider, as opposed to unreliable tracking beacons designed into the body of the email.
  
  

For many financial institutions, healthcare companies, utilities, and non-profit organizations, the breakdown of consumers’ trust in email has meant that the companies have been unable to use email to deliver critical documents. Consumers don’t trust messages contaiing account statements, bills, or fundraising solicitations. CertifiedEmail provides a mechanism for these senders to convert paper documents, which cost a dollar or more per document to print and deliver, to electronic communications costing a fraction of a penny each. In addition, the return on investment (ROI) is extremely compelling. For companies doing business online — retail, travel, e-commerce — the guaranteed ability to have their links and images rendered has itself resulted in 25% — 35% improvement in email marketing metrics, such as click-through rates and revenue per email. Consumer product makers and other brand marketers also achieve real benefit from ensuring that their brands are presented correctly through email. These types of customers, and many others, are experiencing ROIs of 300% and up. To see how some of our customers have succeeded with CertifiedEmail, read our Case Studies.

Consumers who maintain email addresses with participating ISPs and mailbox providers will automatically see CertifiedEmail in their inboxes from any senders who send via CertifiedEmail. See the list of Participating ISPs and Mailbox Providers. Consumers do not have to do anything to receive CertifiedEmail. They can also request that particular companies they do business with send email via CertifiedEmail by contacting Goodmail; we will let the company know. . Click here to visit our consumer site, CertifiedEmail.net

CertifiedEmail is the only class of trusted email supported by multiple ISPs and mailbox providers. These partners have implemented proprietary technology within their networks that assures CertifiedEmail's integrity. When a message with a cryptographically secure CertifiedEmail token is received by a partner's email servers, the software validates the token before treating the email as a CertifiedEmail.

Once validated, the CertifiedEmail is presented with the exclusive CertifiedEmail Blue Trust Seal. This icon is displayed in the browser interface, not in the email message. Consumers will first see the icon in their inbox message list view, in line with icons that represent regular email. When consumers open a CertifiedEmail message, the Blue Trust Seal appears in the interface surrounding the email message itself. These two areas — the inbox list view, and the window display surrounding the message — are non-spoofable regions of the email client interface. While different ISP and mailbox partners may use slightly different treatments of the CertifiedEmail icon, the icon will always be the Blue Trust Seal, and the word "Certified" will always appear surrounding the message once it has been opened. Click here to visit our consumer site, CertifiedEmail.net

Once a sender is accredited and begins sending via CertifiedEmail, their email practices — including consumer compliant rates — are automatically monitored by Goodmail's systems. Senders must adhere to the same email standards, including following email best practices and maintaining the industry's lowest complaint rates. Of course, since CertifiedEmail is only for opt-in email, CertifiedEmail can never be sent to a consumer who has not previously specifically opted in for email from that sender or purchased something from that sender. The standards CertifiedEmail senders must adhere to are described in Goodmail's Acceptable Use Policy, which contractually binds all CertifiedEmail senders.

No. In enabling the sending of CertifiedEmail, Goodmail does not receive message content or recipient addresses. When an outgoing CertifiedEmail message is sent, the Goodmail Imprinter software (located in the sender's infrastructure) generates a Secure Hash Algorithm (SHA-1) hash of the message, and requests a CertifiedEmail token from the Goodmail Generator. Goodmail only obtains a CertifiedEmail recipient's email address if the recipient submits a complaint or unsubscribe request in response to a CertifiedEmail message. This information is used to track recipient feedback and inform the sender as to which recipient is submitting the unsubscribe request.. Click here to visit our privacy policy page

After the Goodmail Imprinter forwards a unique SHA-1 hash of the email message to the Goodmail Generator, and obtains a unique cryptographically secure token for that message, the Imprinter inserts this token in an x-header within the email message. CertifiedEmail tokens are created and validated on a message-by-message basis. The Goodmail software used by a participating mailbox provider that recognizes Goodmail's CertifiedEmail does not check or analyze the email message being sent to determine its content, its sender, or its addressee. The software checks only for the presence of a valid Goodmail token on a specific message.

Authentication protocols provide an important component technology, but do not provide the comprehensive solution of a class of trusted email like CertifiedEmail. Authentication protocols provide a means for ensuring that a message associated with a specific domain name is actually from that domain, but offer no assurance as to the identity of the sender behind that domain, or the legitimacy of that sender. It is possible to obtain authenticated spam or authenticated phishing attacks — for example, an email could be sent "authentically" from the "Citibank.com" domain, but this sender is still distinct from the actual Citibank, and therefore the email is fraudulent. Goodmail supports the use of DomainKeys Identified Mail (DKIM) by all senders as a baseline measure. However, CertifiedEmail goes much further, actually providing a solution for assuring consumers not only of domain authenticity, but also of message authenticity and sender legitimacy. The CertifiedEmail system includes sender accreditation, secure tracking of individual messages, monitoring of sending volume, and ongoing compliance monitoring of a sender's behavior — these features are not available in mere authentication protocols, and they are features which in sum enable trusted-class email.