Email

Email / Featured Blogs

Call for Nominations: M3AAWG J. D. Falk Award Seeks Stewards of a Better Online World

Anyone seeking to honor a groundbreaking contribution toward a better online world should submit a nomination for the 2014 M3AAWG J. D. Falk Award. Presented to people whose work on specific projects made the Internet a safer, more collaborative, more inclusive place, the J. D. Falk Award has recognized leaders and pioneers who saw elements of the online experience that needed improvement and took action to fix them.  more»

Gmail Now Supports Internationalized Domain Names

If your first language isn't English and you don't use the Latin character set you can and will run into barriers. While Internationalized Domain Names (IDNs) i.e. domain names where either the left of the dot, the right of the dot or the entire string is in characters other than Latin ones, do exist and have existed for a number of years not all services work well with them. more»

Dealing With DMARC

DMARC is an anti-phishing scheme that was repurposed in April to try to deal with the fallout from security breaches at AOL and Yahoo. A side effect of AOL and Yahoo's actions is that a variety of bad things happen to mail that has 'From:' addresses at aol.com or yahoo.com, but wasn't sent from AOL or Yahoo's own mail systems. If the mail is phish or spam, that's good, but when it's mailing lists or a newspaper's mail-an-article, it's no so good. more»

Universal Acceptance of All TLDs Now!

Universal acceptance of top level domains hasn't really meant much to most Internet users up until now. As long as .COM was basically the default TLD, there wasn't much of an issue. No longer. With 263 delegated strings (according to ICANN's May 12, 2014 statistics) adding to the existing 22 gTLDs that were already live on the net after the 2004 round of Internet namespace expansion, the problem of universal acceptance gets very real. more»

AOL Has a Security Hole, and It's Our Problem

Two weeks ago I wrote about Yahoo's unfortunate mail security actions. Now it's AOL's turn, and the story, as best as I can piece it together, is not pretty. Yahoo used an emerging system called DMARC, which was intended to fight phishing of often forged domains like paypal.com. A domain owner can publish a DMARC "reject" policy which, oversimplifying a little, tells the world that if mail with their name on the 'From:' line didn't come from their servers, it's not from them so you should reject it. more»

Yahoo Addresses a Security Problem by Breaking Every Mailing List in the World

DMARC is what one might call an emerging e-mail security scheme. It's emerging pretty fast, since many of the largest mail systems in the world have already implemented it, including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo. DMARC lets a domain owner make assertions about mail that has their domain in the address on the 'From:' line. It lets the owner assert that mail will have a DKIM signature with the same domain, or an envelope return (bounce) address in the same domain that will pass SPF validation. more»

Fine Grained Mail Filtering With IPv6

One of the hottest topics in the email biz these days (insofar as any topic is hot) is how we will deal with mail on IPv6 networks. On existing IPv4 networks, one of the most effective anti-spam techniques is DNSBLs, blackists (or blocklists) that list IP addresses that send only or mostly spam, or whose owners have stated that they shouldn't be sending mail at all. DNSBLs are among the cheapest of anti-spam techniques since they can be applied to incoming mail connections without having to receive or filter spam. more»

The Naive Arrogance of FUSSPs

Everyone who's been in the e-mail biz long enough knows the term FUSSP, Final Ultimate Solution to the Spam Problem, as described in a checklist from Vern Schryver and a form response that's been floating around the net for a decade. FUSSPs fall into two general categories, bad ideas that won't go away, and reasonable ideas that are oversold. more»

2014 M3AAWG Mary Litynski Award Nominations Now Being Accepted

In 2010 the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and the Internet industry as a whole lost a great friend and supporter, Mary Litynski. Her dedication, excellence, perseverance and tireless work behind the scenes of M3AAWG helped make the organization the success that it is today. Through this award, M3AAWG seeks to bring attention to the remarkable work that is done far from the public eye over a significant period of time... more»

The Death of IP Based Reputation

Back in the dark ages of email delivery the only thing that really mattered to get your email into the inbox was having a good IP reputation. If your IP sent good mail most of the time, then that mail got into the inbox and all was well with the world. All that mattered was that good IP reputation. Even better for the people who wanted to game the system and get their spam into the inbox, there were many ways to get around IP reputation. more»