Email

Email / News Briefs

Spam Distribution Infrastructure: New Study Finds 94% of Scams Hosted on Individual Web Servers

Computer scientists, Geoff Voelker and Stefan Savage, from UC San Diego have found striking differences between the infrastructure used to distribute spam and the infrastructure used to host the online scams advertised in these unwanted email messages. This discovery is believed to help aid in the fight to reduce spam volume and shut down illegal online businesses and malware sites. While hundreds or thousands of compromised computers may be used to relay spam to users, most scams are hosted by individual Web servers. more

AOL Spammer Pleads Guilty, Facing Up To 11 Years in Prison

A Brooklyn man has pleaded guilty today for sending spam emails to over 1.2 million AOL subscribers in a scheme that foiled the Internet company's spam-filtering system. Reuters reports: "Adam Vitale, 26, pleaded guilty in federal court in Manhattan to breaking anti-spam laws. He was caught making a deal with a government informant that sent spam e-mails advertising a computer security program in return for 50 percent of the product's profits, prosecutors said." more

IETF Has Approved DKIM, DomainKeys Identified Mail

There has been unofficial announcement today that Internet Engineering Task Force (IETF) has approved DomainKeys Identified Mail (DKIM) as a proposed Internet standard, RFC 4871. ...A diverse number of organization have been reported to have played a role on moving the DKIM proposal forward including: Cisco, IBM, Earthlink, Microsoft, Spamhaus, Google, PayPal as well as FTC and the National Institute of Standards and Technology (NIST). more

Phishing Attacks Surpass Viruses and Trojans

Phishing attacks have outnumbered emails infected with viruses and Trojan horse programs for the first time, according to security experts.

...The difference in the ratio of phishing to virus attacks is partly due to virus attacks becoming more targeted and no longer occurring as one large outbreak. This includes the recent Storm Worm and Warezov attacks, according to MessageLabs. more

Email Security an Ongoing Battle, Focus on Manageable Risk Instead

The IT industry will never eradicate security threats to email systems and organizations should take a holistic approach to securing their communication systems to the level where they believe risk is at a manageable state, according to panelists at this week's Inbox email conference in San Jose...

At a packed panel session on email accreditation and reputation, the panelist told audience members that reputation services have taken off rapidly. These services profile the sender's behavior to determine the likelihood that a message is legitimate or spam. The sender's reputation is determined based on multiple criteria then assigned to categories, or lists. more

AOL to Let Email Address Customization Based On User Domain Names

AOL is testing a program to let its members customize their AOL Mail address by using a domain name of their choice instead of the default aol.com... The move is another attempt by AOL to increase the allure of the services it provides paying customers, who have been cancelling their AOL subscriptions at an alarming rate in the past several years.

Google has been conducting a similar test on its Gmail service. more

Storing VoIP Conversation along with Email as Next Regulation

IT chiefs have been warned to prepare for the possibility of new corporate governance rules that would require them to keep records of voice-over-IP (VoIP) conversations alongside email, instant messaging and other forms of communication.

Speaking at the Symantec user event in San Francisco last week, Jeremy Burton, a senior vice-president at the security specialist, said, "Financial institutions in the US already need to keep voicemail because it is stored on disk. As soon as the regulators figure out that VoIP is a digital stream, they will probably try to force that to be kept as well." more

VoIP Used in New Phishing Scam

Small businesses and consumers aren't the only ones enjoying the cost savings of switching to VoIP. According to messaging-security company Cloudmark, phishers have begun using the technology to steal personal and financial information over the phone.

Earlier this month, Cloudmark trapped an email phishing attack in its security filters that appeared to come from a small bank in a big city and directed recipients to verify their account information by dialing the included number. (The Cloudmark user who received the email and alerted the company knew it was a phishing scam, because he's not a customer at this bank.)  more

Microsoft to Push Adoption of Sender ID at Email Summit

Microsoft Wednesday plans to promote adoption of the Sender ID email specification and introduce a new program for helping ISPs protect the integrity of email messages at the Email Authentication Summit in Chicago.

Citing research figures from MarkMonitor, Craig Spiezle, director of technology care and safety for Microsoft, said that Sender ID use among Fortune 500 companies has increased from 7% in July 2005 to 21%. About 32% of all e-mail sent is Sender ID compliant, added Spiezle, who plans to speak about the adoption of Sender ID at the summit.  more

MIT Spam Conference on Phishing as the Worst Spam Problem

At the fourth annual MIT Spam Conference held in Boston Tuesday, speakers said that while the volume of spam ebbs and flows, the nature of unwanted email is steadily becoming more dangerous...

Fresh from an IETF meeting last week, Sendmail's Chief Science Officer Eric Allman spoke about the progress being made with DomainKeys Identified Mail (DKIM), a sender-authentication proposal from Yahoo and Cisco that's wending its way through the standards body, and how it can be used to fight phishing. more

New Code of Practice to Combat Spam

Australia has cracked down on junk mail with an industry code for tackling spam.

Under the new code, internet service providers (ISPs) will bear some of the responsibility for helping fight spam. Service providers must offer spam-filtering options to their subscribers and advise them on how to best deal with and report the nuisance mail. ISPs will also be compelled to impose "reasonable" limits on subscribers' sending email. more

China's MII Publishes New Email Regulations

China's Ministry of Information Industry (MII) has published a set of regulations that govern email services and include several provisions intended to cut down on the amount of spam that Chinese Internet users find in their in-box.

The new rules go into effect on March 30. As expected, the regulations require e-mail advertisements to include "AD" or the equivalent in Chinese characters (guang gao) in the subject header. They also require email service providers to register the IP addresses of their mail servers with the authorities. more

Postage is Due for Companies Sending Email

Companies will soon have to buy the electronic equivalent of a postage stamp if they want to be certain that their e-mail will be delivered to many of their customers. America Online and Yahoo, two of the world's largest providers of e-mail accounts, are about to start using a controversial system that gives preferential treatment to messages from companies that pay from 1/4 of a cent to a penny each to have them delivered. The senders must contact only people who have agreed to receive their messages, or risk being blocked entirely. more