1. A process generates an email, probably from a marketing campaign or a transaction response.

2. The SbS2.0™ Writer signs the message headers and body as per the Domain Keys Identified Mail standard. Any DKIM writer will work for sending Branded Email, though with reduced reporting functionality. The SbS2.0™ Writer is available as a stand-alone unit or as a software add-in for your existing MTA.

3. The recipient ISP’s edge MTA receives and processes the email according to its rules - including a spam filter bypass rule based on the presence of a Brandmail Header.

4. The SbS2.0™ Reader is integrated with the last MTA before the actual email mailboxes. This MTA is configured to only accept email from its internal interface. This means that there is no route around the SbS2.0™ Reader. Since we check the authenticity of the email, forged email will not make it into the subscriber’s inbox.

5. The Reader validates the DKIM signature and, if valid, generates a second cryptographic hash for use in requesting a logo from the SbS2.0™ Control Center. Generation and tracking of this hash protects the system from a variety of attacks, including click fraud.

6. The Reader requests a logo from the SbS2.0™ Control Center, and inserts a reference that is used by the recipient’s email client to retrieve the logo.

7. The ISP MTA delivers the email to the recipient’s mailbox.

8. The recipient opens up the email client. The Control Center tracks each time the logo is rendered and viewed in the recipient’s inbox and each time the email is opened.

9. The Control Center provides a centralized management console where the Sender manages all aspects of the Branded Email process (logo storage, mapping logos to sending email addresses, viewing statistics). It also provides partner ISPs with their billing information, and allows Brandmail Solutions to bill the participating email Senders.

The Sbs2.0^TM Writer

The Brandmail SbS2.0™ Writer is the outbound Mail Transfer Agent (MTA) that is responsible for signing each outbound message with a cryptographic signature. The Writer uses the Domain Keys Identified Mail (DKIM) standard for adding the cryptographic signature.

The Writer is fully DKIM compliant, and will work either as a synergistic part of an SbS2.0™ system (with the Brandmail Reader and Control Center) or will work to sign emails destined for any DKIM compliant system. The Writer is available as an integrated component with various MTA providers, or is available as a stand-alone unit.

It is also possible to use any standards compliant DKIM writer as implemented in your MTA.

The Sbs2.0^TM Reader

The SbS2.0™ Reader verifies the signature on any Brandmail Solutions customer-sent DKIM or Domain Keys signed email. In addition to checking the signature, the Reader also inserts a brand logo into authentic email.

Because the Reader is in-line with all email passing into the ISP, it is in a position to quarantine any email that fails authentication before the bogus email reaches the spam filters.

In communicating with the Brandmail Control Center to insert the brand logo, the Reader provides unique details of the email to the Control Center. These details, while they do not contain any private information, allow the system to prevent duplicate emails from getting through to recipients. This is an important improvement over stock DKIM implementations that are susceptible to message replay attacks.

The recipient’s email client then receives a fully branded email, complete with logo to display in the subscriber’s inbox.

 

The Sbs2.0^TM Control Center

The Brandmail Control Center is designed to work in conjunction with the Brandmail SbS2.0™ Writer and Reader. By providing a secure, centralized authority for email tracking and key distribution, the Control Center also layers additional protection on top of the basic DKIM protocol.

The SbS2.0™ Control Center is a web service where email sending organizations:

• Define which email addresses will be branded
• Choose which logo will be used with each sending address
• Define which email sending addresses will be branded for a particular domain
• Track key metrics for delivery and number of times viewed
• Log their email sending results
• Log email received results
• Get logos for each sending address
• Track email view/open rates