Authorsteve

June 8, 2017

Final migration of Verizon email addresses to AOL

By steve
3 Min read
4 comments
08June

AOL were kind enough to share some details about the shutdown of the Verizon mail system and the migration of @verizon.net email address to the AOL mail service: What is the cut-over date for the verizon.net MX record? The cut-over date for the mx record for verizon.net to to be handled by AOL is June 20, 2017. This will occur after midnight sometime on Tuesday morning June 20 EDT.   How...

May 26, 2017

Are they using DKIM?

By steve
3 Min read
3 comments
26May

It’s easy to tell if a domain is using SPF – look up the TXT record for the domain and see if any of them begin with “v=spf1”. If one does, they’re using SPF. If none do, they’re not. (If more than one does? They’re publishing invalid SPF.) AOL are publishing SPF. Geocities aren’t. For DKIM it’s harder, as a DKIM key isn’t published at a...

May 23, 2017

Protocol-relative URLs in email

By steve
2 Min read
1 comment
23May

When you link to an external resource – an image, a javascript file, some css style – from a web page you do so with a URL, usually something like “; or “;. The world is beginning to go all https, all the time, but until recently good practice was to make a web page available via both http and https. The problem is that if you try and load a resource from an http URL from...

May 22, 2017

ARC: Authenticated Received Chain

By steve
7 Min read
1 comment
22May

On Friday I talked a little about DMARC being a negative assertion rather than an authentication method, and also about how and when it could be deployed without causing problems. Today, how DMARC went wrong and a partial fix for it that is coming down the standards pipeline. What breaks? DMARC (with p=reject) risks causing problems any time mail with the protected domain in the From: field is...

May 19, 2017

The philosophy of DMARC

By steve
6 Min read
Add comment
19May

We know that legitimate email sent with valid SPF and a DKIM signature often breaks in transit. SPF will fail any time mail is forwarded – via a mailing list, a forwarding service used by the recipient, or just ad-hoc forwarding. DKIM will fail any time the message is modified in transit. That can be obviously visible changes, such as a mailing list tagging a subject header or adding a...

May 17, 2017

You're kidding me

By steve
3 Min read
3 comments
17May

All the authentication and DMARC in the world can’t save you from stupid. I just got a survey request from my bank. Or, at least, it claimed to be from my bank. From: Barclays International Banking Survey <internationalbanking@barclayssurveys.com> The mail passed SPF (though the SPF record suggests this is being mailed from all over the place) and was validly DKIM signed for...

May 2, 2017

… and bad acquisition practices

By steve
2 Min read
3 comments
02May

I talked last week about how incentivizing people to sign up for your mailing list could be effective when it’s done well. This week I’m staying at a Large International Hotel Chain and I’ve got a great example of what happens when it’s done poorly. The “free” wifi requires you to join the hotel’s loyalty programme. I’ve done that in the past, so I...

April 26, 2017

Every Download a Confirmation

By steve
3 Min read
Add comment
26April

We often talk about confirmed opt-in (aka “closed-loop opt-in” or “double opt-in”) as the gold standard for address acquisition for permission-based mail. It’s not the only way to gather permission, and in some ways it’s a rather blunt tool that can discourage people from completing a sign-up process if it’s done badly – the confirmation email...

April 25, 2017

Tools!

By steve
1 Min read
2 comments
25April

I just added a DMARC validation tool over on tools.wordtothewise.com. You can give it a domain – such as ebay.com – and it will fetch the DMARC record, then explain and validate it. Or you can paste the DMARC record you’re planning to publish into it,  to validate it before you go live. If you’ve not seen our tools page before, take a look. As well as DMARC we have a DKIM...

April 19, 2017

The twilight of /8s

By steve
3 Min read
Add comment
19April

A “/8” is a block of 16,777,214 usable IP addresses. That’s a big fraction of the entire IPv4 address space – about 1/224, in fact. Each one is all the addresses that begin with a given number: 10.0.0.0/8 is all the IP addresses that begin with “10.”, “184.0.0.0/8” (or “184/8” for short) is all the IP addresses that begin with “184...

Recent Posts

Archives

Follow Us