Email

Email / Most Viewed

Gmail and IMAP and BlackBerry (Oh, my!)

When I was employed, I ran my own mail server and my own BlackBerry Enterprise Server, and I had things tuned pretty much exactly as I wanted them. My incoming mail got some custom processing that looked the sender's address up in my address book and assigned the message a category... I was a very happy email user. Now that I'm on my own, I've decided not to run my own server and all that software, and I've switched to Gmail and the T-Mobile BlackBerry server... Surprisingly, though, I'm mostly still happy... more»

There Is No "Spam Problem"

This month I thought I could feel smug, deploying Postfix, with greylisting (Postgrey), and the Spamhaus block list (SBL-XBL) has reduced the volume of unsolicited bulk commercial email one of our servers was delivering to our clients by 98.99%. Alas greylisting is a flawed remedy, it merely requires the spambots to act more like email servers and it will fail, and eventually they will... more»

Analyzing The Inbox of a Spammer's Domain

Consider this scenario: you need a domain name for your site so you go to your favorite domain registrar's website and upon a quick search find that your third choice is actually available! You quickly pull your credit card and register the name. Everything is good and you can't wait to have your new domain start pointing to your site and represent your official email address. But not so fast -- some of the recent events are revealing that, these days, when you are registering a domain name there is one more critical thing you need to do: check under the hood! more»

Iran Blocks HTTPS, 30 Million Reported Losing Email Access

Iran is reported to have started blocking access to websites that use HTTPS and as a result making popular and secure online services as well as online banking sites inaccessible. An Iranian news agency reports that over 30 million people in the country have lost access to foreign email services such as Gmail, Yahoo mail and Hotmail. Anything based outside the country that uses a secure connection via HTTPS is blocked, according to news reports and a thread on Hacker News. Secure sites based within Iran are reportedly still accessible. The shutdown is said to be timed to coincide with the anniversary of the 1979 Islamic Revolution in Iran, and is believed to be temporary. more»

AOL Fires Across the Bow of Spam-Friendly ISPs

The North American Network Operators Group (NANOG) conference, a gathering of Internet Service Provider (ISP) engineers and vendors convenes three times a year for mostly technical conversation along with social networking. The recent NANOG conference in Reston Virginia saw some unusually direct talk about Spam and the ISPs that tolerate it from America Online's Postmaster, Charles Stiles. more»

ClamAV and the Case of the Missing Mail

Some email discussion lists were all atwitter yesterday, as Sourcefire's open-source anti-virus engine ClamAV version 0.94.x reached its end-of-life. Rather than simply phase this geriatric version out the development team put to halt instances of V0.94 in production yesterday, April 15, 2010. In other words, the ClamAV developers caused version .94 to stop working entirely, and, depending upon the implementation, that meant email to systems using ClamAV also stopped flowing. more»

An Open Letter to Yahoo!'s Postmaster

In June 2004, Yahoo! and a number of other companies got together to announce the Anti-Spam Technical Alliance or ASTA. While it appears to have been largely silent since then, ASTA did at least publish an initial set of best practices the widespread adoption of which could possibly have had some impact on spam... The majority of these are clearly aimed at ISPs and end users, but some are either generally or specifically relevant to email providers such as Yahoo!, Google or Microsoft... The problem: Since February this year, we have been receiving a significant quantity of spam emails from Yahoo!'s servers. In addition to their transport via the Yahoo! network, all originate from email addresses in yahoo.com, yahoo.co.uk and one or two other Yahoo! domains. Every such message bears a Yahoo! DomainKeys signature... more»

Canada's Anti-spam Bill C-28 is the Law of the Land

It's been a long time coming, but Canada has an anti-spam law, and one, which sets a new world standard, and a tough, but fair, opt-in protocol for everyone in North America who sends commercial email and other electronic messages. Yesterday, The Canadian Senate voted to accept Bill C-28, and today, December 15, at 13:00 eastern, it will be given Royal Asset of the Governor General of Canada, His Excellency the Right Honourable David Johnston. more»

Study Finds Spammers Use P2P Harvesting to Spam Millions

A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more»

Kidnapping, Theft and Rape Are Not "Cyber" Crimes

Kidnap. Rape. There are no lesser words that can be used to describe what happened to the daughter of an anti-spam investigator in Russia. His daughter was recently released, according to Joseph Menn's recent article on Boing Boin, after having been kidnapped from her home five years ago, fed drugs, and made to service men, as a warning to ward off further investigations. The criminals behind these vicious acts were also responsible for large spamming organization associated with Russian Mob activity. more»

Sender-ID Back from the Dead

With the closure of IETF's MARID group a month ago, many of us have left Microsoft's Sender-ID standard for the dead. After being rejected by the Apache Foundation and the Debian Project over licensing issues, and causing the closure of MARID for some of the same issues (in addition to already long running technical ones), some thought that Microsoft may have just buried it and gone on to better things like IETF's new MAILSIG group (in formation). But just like the ghost of Hamlet's father it just refuses to die and now it looks like it is coming back to life in a new reincarnation... more»

The New Hong Kong Anti-Spam Law, and a Small Fly in the Ointment

Well, it has been quite a while since first the Hong Kong OFTA (in 2004) and then CITB (in 2006) issued requests for public comment about a proposed UEM (Unsolicited Electronic Messaging) bill to be introduced in Hong Kong, for the purpose of regulating unsolicited email, telephone and fax solicitations. We're a large (worldwide) provider of email and spam filtering - but we're based in Hong Kong, and any regulation there naturally gets tracked by us rather more actively than laws elsewhere. We sent in our responses to both these agencies... The bill is becoming law now - and most of it looks good... There's one major fly in the ointment though... more»

Goodmail Shutting Down

Yesterday Goodmail sent out mail to all their customers announcing they are ceasing operations and taking all their token generators offline as of 5pm pacific on February 8th. While this is a bit of a surprise on one level, I'm not that shocked. Ken Magill mentioned in August that Goodmail was on the sales block and rumors have been circulating for weeks about significant changes coming to Goodmail. ... Despite the free service, people at some of those ESPs told me they were having difficulty getting customers to adopt Goodmail. more»

Using Domain Filtering To Effect IP Address Filtering

In Taking Back The DNS I described new technology in ISC BIND as of Version 9.8.0 that allows a recursive server operator to import DNS filtering rules in what ISC hopes will become the standard interchange format for DNS policy information. Later I had to decry the possible use of this technology for mandated content blocking such as might soon be the law of the land in my country. I'm a guest at MAAWG this week in San Francisco and one of the most useful hallway discussions I've been in so far was about the Spamhaus DROP list. more»

2004: The Year That Promised Email Authentication

As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the "killer app" of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us have become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the free and open source software (FOSS) community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004. more»