Email addiction survey

The great folks over at Zettasphere and Emailmonday have released their Email Addiction Survey. Nothing surprising in the data that I can see, although I suspect one particular data point is going to surprise folks.

Yup, more than 70% of people don’t really care about a do not reply address in a message. Honestly, I’m not surprised. Most users don’t really care. In all honesty it probably doesn’t affect delivery that much any longer, either. I still think it’s generally a bad idea but as long as you’re providing a communications channel for recipients to connect with your company it’s probably not going to be a giant problem.

 

Related Posts

Memories of Spam in May

This morning on Facebook a friend posted a picture saying that 15 years ago was the very first anti-spam conference (Spamcon*). All we have are some blurry scans of pictures and coffee mugs.
13322193_10209611310107693_488418243076278791_n.
That 550 sign belonged to the bar where the night out was held. It got bought by K & P and lived in their garden until it rotted away a few years ago. So many folks who are still active in the space, and so many folks who’ve moved on. Names I’d forgotten, faces I haven’t.
Many of those folks are still working in email. Some on the sending side, some on the tools and vendor side, some on the ISP side, some on the consulting side.  That conference was one of the very first times people publicly gathered to talk about spam. There were other occasions, but most were invite only with hand picked representatives of specific companies.
At that first Spamcon I was freshly laid off from MAPS (now Trend Micro). I was considering what next. The thing is, I really liked the work I was doing. MAPS had me leading a team to provide abuse desk as an outsourced service. We had a very large network provider as a customer and we were handling all the mail that came into abuse@ there. It was a challenge, I was creating processes and documenting policy, trying to do more with less and managing my first team ever.
Much of what I do now, here, grew out of that position. It was clear even then there was a need for someone who could help navigate the challenges of email.
In the same thread another person posted pictures from a social night in DC during the FTC Spam Forum. More folks, some I have lost touch with and some who are still friends and colleagues.
We were so young. All of us.
This is yet another form of community that email created. Some of it was built over email, but a lot of it happened on USENET and IRC and local meetups. There were so many ways we built community using plain text and dialup. The technology has changed, and that community from a dozen years ago has changed but it’s still all the same deep down inside.
SpamconMugs
 
(* If, at any point, you see me type Spamconk instead of Spamcon please blame autocorrect. It’s being difficult and even tries to correct it when I go back and edit sentences.)

Read More

Happy New Year!

Well, we mostly survived 2016. A year ago I was making predictions about how 2016 would be the year of email security. I was thinking of things like TLS and authentication and access to the inbox. It wasn’t out of the question, Gmail said they’d be turning on p=reject sometime mid-year. They also were suggesting that they would be putting more value on messages that aligned, even in the absence of a DMARC signature. The first still hasn’t happened, and the second doesn’t appear to be in place, either.
DataSecurity_Illustration
That doesn’t mean email security wasn’t a hot topic in 2016. In fact, the use of a private email server was a major topic during the US elections. We also had spear-phishing play a major role in the compromise of campaign systems. I didn’t talk much about that here when it happened, but news reports make it clear that Chairman Podesta and others were targeted for compromise. The NY Times has a more in depth article with broader context around the attacks and how emails were used to infiltrate a major political party.
The irony is with all the time spent talking about how insecure the private server was, that server wasn’t compromised. Instead, the compromise was at Gmail.
We all need to pay attention to our email and how we use it. It also means when we’re sending bulk and marketing email we need to consider the private and personal information we’re putting in messages. Do you send PII? Is there a way you don’t have to? What can we do to protect our brand and our users?
It’s not just bulk email we need to think about, either. Personal email can contain PII, or personal information. A common saying among some of my security friends is “never put in email anything you wouldn’t want to see on the front page of the Washington Post or NY Times.” That’s an easy thing to say, but the convenience of email makes it easy to share information that we may not want on the front page of either paper. Many of us aren’t actually targets of malicious activity so we don’t have to worry about being targeted the way elected and other officials are. But that doesn’t mean we are not at risk. It just means we’re at less risk than others.
Email is a frequent vector for malicious actors to access computers. Most, if not all of the major breeches in the last few years have started with a phishing attack of some sort. The attacks are planned out and sophisticated. This is not going to get better. The phishers are smart and plan the attacks.  We also need to be more personally aware of security given the current political climate. We need to take steps to protect ourselves more than we have in the past.
Security is more important than ever and we all need to protect ourselves.

Read More

Why care about email?

I got my first email address in the very late 80s. I was an intern at a government agency. I learned a lot there: how to sequence DNA, how to handle radioactive material, how to handle human pathogens, and how to send email. I got my first non-work non-school address in the mid-90s. One of the first things I did was join some mailing lists.
One of them was a list for folks who had pet rabbits. I met a lot of people there, both online and in person. As with many people we meet through a shared interest as our interest wanes the relationships change. Some relationships were maintained, but some of us lost touch with one another. Moves, job changes, email address changes, they all affect our ability to maintain relationships online. I kept in touch with some, one was the maid of honor at my wedding and a few years ago I was the maid of honor at hers. I lost track of others.
 

Read More