Sometimes we have a client who has done something wrong when setting up authentication. Their DKIM signing fails due to something being wrong with the public key they’ve published. The published key looks fine, by eye. It’s got all the fields it should have, but diagnostic tools give inscrutable error messages. If you’re lucky, “This doesn’t seem to be a valid RSA...
No, Gmail did not just break all open tracking
I was avoiding commenting on the email open tracking bad take that seems to be going viral round the more gullible corners of LinkedIn.
I avoided it for long enough that other folks wrote articles saying pretty much what I’d say. Yay!
You should read what Al has to say over at SpamResource.
DNS Failures
We use DNS a lot in email, particularly for authentication, so diagnosing why DNS isn’t returning what we expect it to is a pretty common challenge. And DNS responses aren’t exactly the clearest thing to understand. There are two types of DNS server we need to know about. When we publish DNS records for our own domain we add them to a nameserver that is authoritative for our domain...
Bears and Spam Filters
Why is designing spam filters like designing bear-proof trash cans?
Prefetches and Proxies
Jody asks “Are ‘prefetch opens’ and ‘proxy opens’ the same thing?” Non-human opens An “open” is just someone (or something) fetching a remote image. A non-human-interaction (NHI) open is where some sort of automation fetches the image without human interaction – i.e. it’s fetched when the automation feels like it, not triggered by a user...
Sendy and one-click unsubscribe
If you’re using sendy and you’ve found that RFC 8058 one click unsubscribe fails – or, worse, seems to work but doesn’t actually unsubscribe the user – you should take a look at James’ workaround.
Sending domains and hostnames
Lots of times I see someone asking a question and they talk about their sending domain. And it’s sometimes not 100% clear which domain they mean by that – and when we’re talking about alignment and reputation it can make a difference. So here’s a list of (some of?) the different places a mailserver uses a domain. Hostnames Machine Hostname: What the operating system...
If you’re using Entrust for your BIMI VMC …
BIMI is the protocol you can use to publish an icon to display in the inbox of some large consumer webmail providers. To have it displayed at Gmail you need more than just clean DMARC and a published BIMI record, you also need to have a Verified Mark Certificate, a VMC. A VMC is a certificate, very similar in many ways to the TLS certificates used to secure webpages. It’s issued by a...
Who’s your Email Czar?
The gentleman with the excellent hat is Иван IV Васильевич, The Great Sovereign, Tsar and Grand Prince of all Russia, Vladimir, Moscow, Novgorod, Tsar of Kazan, Tsar of Astrakhan, Sovereign of Pskov, Grand Prince of Smolensk, Tver, Yugorsk, Perm, Vyatka, Bolgar and others, Sovereign and Grand Prince of Novgorod of the Lower Land, Chernigov, Ryazan, Polotsk, Rostov, Yaroslavl, Beloozero, Livonia...
Deliveries and Opens and Clicks
I always want to say “Emails, and Opens, and Clicks… Oh My!” when I’m talking about them. We really want to understand how a mailbox provider perceives the streams of email we send them. Some of the things the provider looks at are technical and objective – is the email coming from who it claims to be coming from? Is there an attachment that contains a virus? We have...