AOL announced earlier this month that bulk senders who want to stay on its whitelist would have to start using a program called SPF (for Sender Policy Framework) to authenticate the email they send.
(If you're not the email tech guru at your company, you should know that SPF is, at its most basic, a line of code that gets published in your Domain Name Server information. ISPs can look up that code to verify that you really are who you say you are and not a spoofer, phisher or forger who doesn't have authority to use that email address.)
Industry publications began reporting that as an edict from AOL that bulk senders should start publishing their SPF records now or else get booted off the whitelist.
We asked AOL for the straight story. Here's what Carl Hutzler, AOL's anti-spam director told us:
"We are asking people already on our whitelist (and newcomers) to set-up SPF records to simply help the 'management' of the IP based whitelist. It has nothing to do with qualifying a person to be on our whitelist or negatively affecting their mail if they do not have SPF.
"SPF simply is a way to publish outbound mail server IP addresses, which is exactly what AOL needs to whitelist someone. Instead of a whitelisted organization having to update AOL every time an IP address changes (server gets shut down, returned on lease, etc.), if the organization uses SPF, they can maintain their own list of legit servers and AOL can query their SPF DNS record to get any updates (perhaps once a day or so).
"We do not have a timeframe for AOL to implement SPF on our inbound systems yet. End of summer is what we are targeting. But this has almost nothing to do with the whitelisting feature. We aim to begin using SPF in our whitelist update processes in the next month or so."
You can get more information at AOL's Postmaster