Email

Email / Most Viewed

Analyzing The Inbox of a Spammer's Domain

Consider this scenario: you need a domain name for your site so you go to your favorite domain registrar's website and upon a quick search find that your third choice is actually available! You quickly pull your credit card and register the name. Everything is good and you can't wait to have your new domain start pointing to your site and represent your official email address. But not so fast -- some of the recent events are revealing that, these days, when you are registering a domain name there is one more critical thing you need to do: check under the hood! more

Spam Volume Redux

Several anti-spam companies talk about spam volumes in terms of a percentage of all inbound mail. Outsourced anti-spam services such as BlackSpider and Postini are currently quoting spam volumes in the 70%-85% range, having steadily grown over the last two+ years. That's nice, but it's actually hard to grasp what that means in absolute terms. more

The New Hong Kong Anti-Spam Law, and a Small Fly in the Ointment

Well, it has been quite a while since first the Hong Kong OFTA (in 2004) and then CITB (in 2006) issued requests for public comment about a proposed UEM (Unsolicited Electronic Messaging) bill to be introduced in Hong Kong, for the purpose of regulating unsolicited email, telephone and fax solicitations. We're a large (worldwide) provider of email and spam filtering - but we're based in Hong Kong, and any regulation there naturally gets tracked by us rather more actively than laws elsewhere. We sent in our responses to both these agencies... The bill is becoming law now - and most of it looks good... There's one major fly in the ointment though... more

The Future of Email

While people may debate the death of email, there is no question that many email servers are already overloaded with spam. Current spam solutions are beginning to address the problem, but so far they all suffer from the arms race issue - as fast as we come up with new ways to fight spam, spammers are finding new ways to deliver it to us. While the functionality of email will certainly continue, the current system must change. When the change comes, it will deliver the future of email to Microsoft. more

History of SMTP

The following excerpt is from the Free Software Magazine, March 2005 Issue, written by Kirk Strauser. To read the entire article, you may download the magazine here [PDF]. Also thanks to Yakov Shafranovich for making us aware of this publication. "Spam has existed since at least 1978, when an eager DEC sales representative sent an announcement of a product demonstration to a couple hundred recipients. The resulting outcry was sufficient to dissuade most users from repeating the experiment. This changed in the late 1990s: millions of individuals discovered the internet and signed up for inexpensive personal accounts and advertisers found a large and willing audience in this new medium." more

80% of Spam Originating from Home PCs

The majority of spam -- as much as 80 per cent of all unsolicited marketing messages sent -- now emanates from residential ISP networks and home user PCs. This is due to the proliferation of spam trojans, bits of surreptitious malware code embedded in residential subscriber PCs by worms and spyware programs. Worm attacks are growing in frequency because they provide a fast means of infecting a vast number of computers with spam trojans in a very short period of time. It's no surprise that many service providers report an upsurge in spam traffic immediately following a worm attack. more

AOL and Goodmail: Two Steps Back for Email, Part II

There's been a lot of noise this week since the news broke about AOL and Goodmail, so I thought I'd take the opportunity to change the direction of the dialog a little bit. First, there are two main issues here, and I think it's healthy to separate them and address them separately. One issue is the merits of an email stamp system like the one Goodmail is proposing, relative to other methods of improving and ensuring email deliverability. The second issue -- and the one that got me started earlier this week - is the question of AOL making usage of Goodmail stamps a mandatory event, replacing its enhanced whitelist. more

ClamAV and the Case of the Missing Mail

Some email discussion lists were all atwitter yesterday, as Sourcefire's open-source anti-virus engine ClamAV version 0.94.x reached its end-of-life. Rather than simply phase this geriatric version out the development team put to halt instances of V0.94 in production yesterday, April 15, 2010. In other words, the ClamAV developers caused version .94 to stop working entirely, and, depending upon the implementation, that meant email to systems using ClamAV also stopped flowing. more

More than 99% of Email is Spam?

One of my pet peeves is the headline "n %" of email is spam, it is inherently misleading, and conveys no useful data. I guess it makes for great newspaper headlines then! On our servers looking at one email address for 4 hours, we saw 208 attempted connections for SMTP traffic referring to this email address. ...One can't measure spam in relation to the amount of genuine email, because the amount of genuine email is not connected to the amount of spam... more

There Is No "Spam Problem"

This month I thought I could feel smug, deploying Postfix, with greylisting (Postgrey), and the Spamhaus block list (SBL-XBL) has reduced the volume of unsolicited bulk commercial email one of our servers was delivering to our clients by 98.99%. Alas greylisting is a flawed remedy, it merely requires the spambots to act more like email servers and it will fail, and eventually they will... more

Iran Blocks HTTPS, 30 Million Reported Losing Email Access

Iran is reported to have started blocking access to websites that use HTTPS and as a result making popular and secure online services as well as online banking sites inaccessible. An Iranian news agency reports that over 30 million people in the country have lost access to foreign email services such as Gmail, Yahoo mail and Hotmail. Anything based outside the country that uses a secure connection via HTTPS is blocked, according to news reports and a thread on Hacker News. Secure sites based within Iran are reportedly still accessible. The shutdown is said to be timed to coincide with the anniversary of the 1979 Islamic Revolution in Iran, and is believed to be temporary. more

Using Domain Filtering To Effect IP Address Filtering

In Taking Back The DNS I described new technology in ISC BIND as of Version 9.8.0 that allows a recursive server operator to import DNS filtering rules in what ISC hopes will become the standard interchange format for DNS policy information. Later I had to decry the possible use of this technology for mandated content blocking such as might soon be the law of the land in my country. I'm a guest at MAAWG this week in San Francisco and one of the most useful hallway discussions I've been in so far was about the Spamhaus DROP list. more

Goodmail Shutting Down

Yesterday Goodmail sent out mail to all their customers announcing they are ceasing operations and taking all their token generators offline as of 5pm pacific on February 8th. While this is a bit of a surprise on one level, I'm not that shocked. Ken Magill mentioned in August that Goodmail was on the sales block and rumors have been circulating for weeks about significant changes coming to Goodmail. ... Despite the free service, people at some of those ESPs told me they were having difficulty getting customers to adopt Goodmail. more

Gmail and IMAP and BlackBerry (Oh, my!)

When I was employed, I ran my own mail server and my own BlackBerry Enterprise Server, and I had things tuned pretty much exactly as I wanted them. My incoming mail got some custom processing that looked the sender's address up in my address book and assigned the message a category... I was a very happy email user. Now that I'm on my own, I've decided not to run my own server and all that software, and I've switched to Gmail and the T-Mobile BlackBerry server... Surprisingly, though, I'm mostly still happy... more

Implications of Canada's CASL - Toughest Anti-Spam Law the World Has Ever Seen

While Canada was dragging the chain when it came to introducing anti-spam legislation, it is now making up for lost time. Ottawa's new law -- expected to be operational early this year -- has severe fines for violations and is viewed by some as too tough. Known as CASL, the new law aims to crack down on spammers and mailing list companies but in doing so, tightly regulates the way businesses can market to prospective customers via email and online. more