I’ve shared a version of this image repeatedly. I think it was only my Facebook friends that got the stick figure screaming in frustration, though. The reality is bounce handling is one of the most frustrating pieces of email delivery. Not only that, many people in the email space treat it as a simple process. It’s really not as simple as we’d like it to be. The above image was...
The phishing attack against Sendgrid is still going on. Most of the mail and the websites are being hosted on Linode. I’ve still not gotten to see what one of the sites looks like, as Linode is getting the sites down before I click on the links. Everyone here is doing the Right Things(tm) in order to address the problem. Sendgrid has a p=reject message in their DMARC record, Linode seems to...
For a long time one of the “best practices” for links in html content has been to avoid having anything that looks like a URL or hostname in the visible content of the link, as ISP phishing filters are very, very suspicious of links that seem to mislead recipients about where the link goes to. They’re a very common pattern in phishing emails. /* This is bad: */ <a href="">>...
The nice folks at Kickbox asked me what I thought the biggest myths about spamtraps were. I said: I think the biggest misconception is that spamtraps are the reason for delivery failures, whether blocking or spamfoldering. When the article came out, I was highly amused to see that John from Campaign Monitor said the same thing in his first sentence, too. A common misconception is that spamtraps...
One of the interesting things about moving to the EU is experiencing the internet where GDPR is a thing. We get asked permission for everything. Including if we want shopping cart updates. On the email space, though, we’ve been visiting various home shows as we look at options and furniture for our new house. Part of it has involved giving email addresses to various groups in exchange for...
There is currently a phishing attack against a major ESP. The mail came through what I presume was a compromised account hosted at one of the providers. It’s just as possible this was a domain set up for the sole purpose of phishing, though. The underlying attack is pretty good. They took the ESP compliance notification email and changed a couple of the links to point to their phishing page...
Saw a new disclaimer on mail sent to an address harvested off our website today: disclaimer: This is an advertisement and a promotional mail-in adherence to the guidelines of CAN-SPAM act 2003. We have clearly mentioned the source id of this mail, also clearly mentioned the subject line, and they are in no way misleading in any form. We have found your email address through our own efforts on the...
A couple folks have asked me recently about MX records that they don’t understand. These records consist of a single . or they contain localhost or they are 127.0.0.1. In all cases, the domain owners use these records to signal that the domains don’t accept email. What do these records look like? Why do domains do this? In all cases it’s because the domain owners want to signal...
RSS - Posts