How do conferences and summits shape email standards?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
You send an email, it gets filtered, and somewhere behind that filter is a rule that someone agreed on. But who agreed, and how? The answer usually starts at a conference table.
Email standards don't just appear. They go through a real pipeline, and conferences are where a lot of the early work happens. The key players are the IETF (the technical body that publishes RFCs, which are the formal specs for things like SPF, DKIM, and DMARC), and M3AAWG (the Messaging, Malware and Mobile Anti-Abuse Working Group, which is where the big mailbox providers, ESPs, and security people meet in private to work through real-world abuse problems).
Here's roughly how a standard actually moves from idea to your ESP settings panel.
Someone notices a problem. Maybe a new phishing technique is slipping past authentication, or a filtering heuristic is causing false positives for legitimate senders. That problem gets raised, often informally, at an industry event or in a working group meeting. M3AAWG general meetings (held three times a year) are a main venue for this. Engineers and deliverability leads from Google, Yahoo, Microsoft, and major ESPs are all in the same room.
From there, the people who need to agree get to actually talk. A lot of standards work stalls in remote coordination because the people involved have different mental models of the problem. Face-to-face time at a summit cuts through that. Concerns get surfaced. Edge cases get argued. Someone drafts a proposal.
If the idea is a formal technical standard (like a change to how DMARC reporting works), it eventually moves to an IETF working group. There, it gets written up as an Internet-Draft, reviewed publicly, revised based on comments, and if it passes review, published as an RFC. That process can take years.
If the idea is more of an operational best practice (like how to handle complaint feedback loops, or what a good unsubscribe flow looks like), it might instead become a published document from M3AAWG, the Email Experience Council, or a similar group. These don't carry the same formal weight as an RFC, but the big mailbox providers often treat them as the bar for sender behavior.
Once a standard or best practice exists on paper, ESPs implement it at their own pace. That gap between "RFC published" and "your ESP actually supports this" can be months or years. When Gmail and Yahoo Mail announced their 2024 sender requirements, they didn't invent DMARC or one-click unsubscribe. Those specs had existed for years. The conference work that mattered was the repeated pressure from practitioners at industry meetings that pushed the mailbox providers to finally enforce what was already written.
So conferences shape standards in two ways. They're where the technical proposals get stress-tested before anyone writes a draft. And they're where the industry pressure builds to actually implement what's already been agreed. Neither part happens cleanly in a mailing list thread.
Want to follow this process yourself? You can subscribe to the IETF's email-related working group lists for free, and M3AAWG publishes many of its best practice documents publicly. If you want to get more involved, there are real paths in for practitioners who don't work at a mailbox provider.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.