BLOG

Author: steve

This message has no content.

This is what my mail client tells me about the latest mail Twitter sent me: Criticism of Twitter’s copywriters? Not exactly, no. Mail.app is looking for some textual content near the top of the mail to display to me as preview text. It can’t find any in this mail, so it’s telling me the message has […]

No Comments

Hands off address books

Germany’s highest court has ruled that Facebook’s practice of harvesting email addresses from their users contact lists in order to send invitations to them constitutes “advertising harassment” and violates German law on data protection and unfair trade practices. This in response to a suit filed by the Federation of German Consumer Organisations (VZBV) What the judgment […]

No Comments

Doing it right

It’s that time of the year – marketers send more email than usual, recipients unsubscribe from their lists. Clicking on the unsubscription link in the email I just received took me to an unsubscription landing page. The box for my email address was prepopulated based on the cookie in the unsubscription link, the default setting is […]

No Comments

Clickthrough forensics

When you click on a link in your mail, where does it go? Are you sure? HTTP Redirects In most bulk mail sent the links in the mail aren’t the same as the page the recipients browser ends up at when they click on it. Instead, the link in the mail goes to a “click […]

2 Comments

Lets Encrypt Everything

Using SSL TLS to protect data in transit and authenticate servers you contacted originally required specialized software, complex configuration and expensive and complicated to require certificates. The need for specialized software is long since gone. Pretty much every web server and mail server will support SSL out of the box. Basic server configuration is now pretty simple […]

3 Comments

ESP attacks, again. Be wary.

There seems to be an uptick in phishing attacks that have an impact on ESPs recently. Your CEO The most critical one is targeted spear-phishing attacks that claim to be internal documents sent by senior staff within the company, e.g. from the company CEO. It’s likely that the attached documents will compromise and backdoor your […]

No Comments

SPF debugging

Someone mentioned on a mailing list that mail “from” intuit.com was being filed in the gmail spam folder, with the warning “Our systems couldn’t verify that this message was really sent by intuit.com“. That warning means that Gmail thinks it may be phishing mail. Given they’re a well-known financial services organization, I’m sure there is a lot […]

1 Comment

Deliverability at Yahoo

We have multiple measures of deliverability. Ones that we don’t even let in the door, and then we have ones that customers indicated that they don’t want to be delivered.  – Jeff Bonforte, Senior VP Communications, Yahoo Mail Read a little more about Yahoo and spam over at Tech Insider, or listen to the podcast at […]

No Comments

Trawling through the junk folder

As a break from writing unit tests this morning I took a few minutes to go through my Mail.app junk folder, looking for false positives for mail delivered over the past six weeks. We don’t do any connection level rejection here, so any mail sent to me gets delivered somewhere. Anything that looks like malware gets […]

1 Comment

DMARC News – Gmail p=reject and ARC

DMARC.org announced this morning that Gmail will be moving to publishing a p=reject DMARC record in June of next year, much the same as Yahoo and AOL have. Unlike Yahoo and AOL, Gmail are giving those who will be affected plenty of time to prepare for any issues, and have waited until there are some potential ways […]

No Comments
  • Lost in the mists of time

    Over on the Farsight Security blog Joe St. Sauver talks about some of the early days of online abuse, on usenet. Laura and I were on the periphery of early usenet abuse, mostly as users, but Usenet (and IRC) around then were the places we both started with email abuse.No Comments


  • Ongoing Yahoo delays

    I've been hearing from folks over the last few days that they're seeing an uptick in deferrals from Yahoo! The deferrals are not uniform. ESPs report they're seeing some, but not all, customers affected. Other ESPs aren't seeing any changes. It's not just you. But it would be very worthwhile to dig into engagement and other stats. It's possible this is a new normal at Yahoo! and they're tightening filters to catch mail that doesn't fit their standards but was previously difficult to filter.No Comments


  • AOL starts using Sender Score Certification

    Good news for Sender Score Certified IPs. Return Path recently announced that AOL has joined the list of ISPs offering preferential treatment to certified IPs.  1 Comment


Archives