By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    construction analytics
    5 Benefits of Analytics to Manage Commercial Construction
    5 Min Read
    benefits of data analytics for financial industry
    Fascinating Changes Data Analytics Brings to Finance
    7 Min Read
    analyzing big data for its quality and value
    Use this Strategic Approach to Maximize Your Data’s Value
    6 Min Read
    data-driven seo for product pages
    6 Tips for Using Data Analytics for Product Page SEO
    11 Min Read
    big data analytics in business
    5 Ways to Utilize Data Analytics to Grow Your Business
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: ESPC Sets Deadline to Require MD5 Hash Encryption
Share
Notification Show More
Latest News
cloud-centric companies using network relocation
Cloud-Centric Companies Discover Benefits & Pitfalls of Network Relocation
Cloud Computing
construction analytics
5 Benefits of Analytics to Manage Commercial Construction
Analytics
database compliance guide
Four Strategies For Effective Database Compliance
Data Management
Digital Security From Weaponized AI
Fortifying Enterprise Digital Security Against Hackers Weaponizing AI
Security
DevOps on cloud
Optimizing Cost with DevOps on the Cloud
Development
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Uncategorized > ESPC Sets Deadline to Require MD5 Hash Encryption
Uncategorized

ESPC Sets Deadline to Require MD5 Hash Encryption

CariBirkner
Last updated: 2009/04/22 at 4:17 PM
CariBirkner
3 Min Read
SHARE
- Advertisement -

As of September 1, 2009, MD5 hash suppression file encryption will be required for all ESPC members. Stolen suppression files and lingering cases of suppression list abuse have long plagued marketers, who are required by CAN-SPAM to share suppression lists with affiliates and these sometimes end up in the hands of third parties. In the past, these lists have been shared in plain text formats, which has allowed for future mailing and abuse.

MD5 is a one-way encryption tool that has long been used for password encryption to secure login info and protect against corrupted files. It is particularly useful for suppression list management because encrypted files cannot be transmitted back into original email addressess. However, because each address will have a dedicated line of hash, publishers and affiliates can still use the files for compliance when scrubbing send files against suppression lists.

- Advertisement -

Although MD5 is a needed improvement in the standard for protecting suppression files, it has become somewhat outdated and is vulnerable to decryption and hacking.  According to the ESPC Be…

More Read

data analytics for better email marketing

Email Marketers Use Data Analytics for Optimal Customer Segmentation

8 Reasons Data-Driven Companies Are Utilizing Email Marketing
10 Essential Data-Driven B2B Email Marketing Strategies
Is it OK to Send Emails to a Database That Isn’t Yours?
AI Assists with Reputation Management through Email Validation

As of September 1, 2009, MD5 hash suppression file encryption will be required for all ESPC members. Stolen suppression files and lingering cases of suppression list abuse have long plagued marketers, who are required by CAN-SPAM to share suppression lists with affiliates and these sometimes end up in the hands of third parties. In the past, these lists have been shared in plain text formats, which has allowed for future mailing and abuse.

MD5 is a one-way encryption tool that has long been used for password encryption to secure login info and protect against corrupted files. It is particularly useful for suppression list management because encrypted files cannot be transmitted back into original email addressess. However, because each address will have a dedicated line of hash, publishers and affiliates can still use the files for compliance when scrubbing send files against suppression lists.

Although MD5 is a needed improvement in the standard for protecting suppression files, it has become somewhat outdated and is vulnerable to decryption and hacking.  According to the ESPC Best Practice Guideline for ESPs,  newer hashing methods such as SHA-256 provide much greater levels of security and require far more time and resources to hack. A brute force attack is another way to gain information about hashed email addresses. This is where a person gathers a list of email addresses, hashes them, and compares them to the hash of an email list. The hacker would not gain new email addresses, but would be able to find out more info about the email addresses that match their list.

- Advertisement -

Additional precautions should be taken along with hashing, especially during data transfer in order to secure your lists. For example, storing a list on an FTP site that allows anonymous login could be insufficient security for data transfer (ESPC 2008).

Link to original post

TAGGED: email marketing
CariBirkner April 22, 2009
Share this Article
Facebook Twitter Pinterest LinkedIn
Share
- Advertisement -

Follow us on Facebook

Latest News

cloud-centric companies using network relocation
Cloud-Centric Companies Discover Benefits & Pitfalls of Network Relocation
Cloud Computing
construction analytics
5 Benefits of Analytics to Manage Commercial Construction
Analytics
database compliance guide
Four Strategies For Effective Database Compliance
Data Management
Digital Security From Weaponized AI
Fortifying Enterprise Digital Security Against Hackers Weaponizing AI
Security

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

data analytics for better email marketing
Analytics

Email Marketers Use Data Analytics for Optimal Customer Segmentation

12 Min Read
data analytics in email marketing
Big Data

8 Reasons Data-Driven Companies Are Utilizing Email Marketing

16 Min Read
data analytics in email marketing
Big Data

10 Essential Data-Driven B2B Email Marketing Strategies

8 Min Read
gdpr data privacy rules with email marketing
GDPR

Is it OK to Send Emails to a Database That Isn’t Yours?

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

AI chatbots
AI Chatbots Can Help Retailers Convert Live Broadcast Viewers into Sales!
Chatbots
ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?