I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look. more
There has been a lot of recent discussions and questions about reputation, content and delivery of email. I started to answer some of them, and then realized there weren't any basic reference documents I could refer to when explaining the interaction. So I decided to write some. This post is about IP address reputation with some background on why IPs are so important and why ISPs focus so heavily on the sending IP. more
While Canada was dragging the chain when it came to introducing anti-spam legislation, it is now making up for lost time. Ottawa's new law -- expected to be operational early this year -- has severe fines for violations and is viewed by some as too tough. Known as CASL, the new law aims to crack down on spammers and mailing list companies but in doing so, tightly regulates the way businesses can market to prospective customers via email and online. more
IBM published a video where it predicts what the world will look like in 2016 (see bottom of this post for the link). It includes the following five predictions. I want to start with the last one -- that junk mail (i.e., spam) will disappear. You'll need to watch the video to get the nuances of the prediction, but IBM says that in five years, Junk Mail will become a thing of the past. more
I was reading in the Canadian Lawyer Mag that businesses in Canada are now coming to grips with the Canadian Antispam law that was passed last year. Canada's antispam law is much tougher than most jurisdictions. Aside from the penalties of the law, which are steep, what differentiates it the most from the US law is that Canada's law is an opt-in law; marketers who send commercial email must be able to demonstrate that they received consent in writing in order to market to people. As expected, people who are most affected by the law - marketers - are upset about the lack of wriggle room and how it could affect their business. more
In my last post I blogged about greylisting, a well-known anti-spam technique for rejecting spam sent by botnets. When a mail server receives a an attempt to deliver mail from an IP address that's never sent mail before, it rejects the message with a "soft fail" error which tells the sender to try again later. Real mail senders always retry, badly written spamware often doesn't. I found that even though everyone knows about greylisting, about 2/3 of IPs don't successfully retry. more
Since November of last year we have been discussing the problem of illicit and illegal online pharmacy support by ICANN-accredited Registrars. In several articles and direct contact with the Registrars we have tirelessly tried to convey the seriousness of this problem, many listened, some did not... With the background information already known, the case presented here is much more specific and concerns EvaPharmacy, which was until recently, the world's largest online criminal pharmacy network. more
Mainsleaze is nerdy slang for spam sent by large, well-known, otherwise reputable organizations. Although the volume of mainsleaze is dwarfed by the volume of spam for fake drugs, account phishes, and Nigerian 419 fraud, it causes work for mail managers far out of proportion to its volume... The problem with mainsleaze is that it is generally mixed in with mail that the recipients asked for, and there's no way to tell the difference mechanically. more
Spamfiltering blocks email. This is something we all know and understand. For most people, that is everyone who doesn't manage an email server or work in the delivery field or create spamfilters, filtering is a totally unseen process. The only time the average person notices filters is when they break. The breakage could be blocking mail they shouldn't, or not blocking mail they should. more
There's a pernicious meme floating around that DomainKeys Identified Mail (DKIM) doesn't work with discussion lists, particularly those hosted on common open source software packages like MailMan. It's particularly odd to see this claim after I set it up successfully on a stock Debian server in less than half an hour, just a few weeks ago. Here's how it can, should, and does work. more
The chart in this post shows the amount of inbound mail that we see, both spam and non-spam, over the past three and a half years. You can see in the above that the amount of good mail that we see has continued to increase over time. This is because of an increased customer base, not because the total amount of good mail worldwide has gone up... However, the amount of spam has plummeted from 23,000 in mid 2010 to 5000 now, a drop of over 75%. The contrast couldn't be starker -- spammers are not spamming as much anymore. It almost looks like the battle against spam is almost over. What's still left to do? more
The best part is ... this isn't one of those 'now that I've got your attention' tricks, like one of those old "free beer" posters; there really is a ton of stuff happening above the 49th parallel this summer. To begin with, as a precursor to Canada's Anti-spam Law coming into effect later this year, the Office of the Privacy Commissioner, the Canadian Radio-television Telecommunications Commission, and Industry Canada have all issued regulations, the latter two in draft form with an RFC. more
As we, here in the United States celebrate our independence this Fourth of July, we are reminded that the liberties and freedoms that come with that independence have yet to be won online. As citizens of this country we are blessed with safety and security from threats both foreign and domestic, but those guarantees have not yet extended to our citizenship in the global Internet community. This is true not just for American citizens, but for all Internet users throughout the world. more
URL shorteners, like bit.ly, moby.to and tinyurl.com, do three things... Making URLs shorter was their original role, and it's why they're so common in media where the raw URL is visible to the recipient -- instant messaging, twitter and other microblogs, and in plain text email where the "real" URL won't fit on a single line. From the moment they were invented they've been used to trick people to click on links to pages they'd rather not visit... more
Last week, I read Ed Falk's blog post where he commented on a possible solution to the spam problem. He himself was commenting on a study done by researchers out of the University of California where they discovered that credit card transactions for stuff bought in spamvertisements are handled by three companies: one in Azerbaijan, one in Denmark and one in the West Indies. Presumably, if security experts and law enforcement went after these companies, spammers would have their financial supply cut off. No money = no incentive to spam. more
A World-Renowned Source for Internet Developments. Serving Since 2002.