BLOG

Author: steve

Comodo, TLS certificates and business ethics

We run a lot of our own infrastructure at Word to the Wise. Our email and web presence runs on our own hardware, in our own cabinet in our own network space. Partly that’s because we’re all from very technical backgrounds, and can run them in a way that’s better suited to our needs than […]

2 Comments

Domain transparency

An email I received this morning got me thinking about how your domain name is one of the main ways you identify yourself if you’re sending email. We talk about domain reputation quite a lot – DKIM and SPF let a sender volunteer a domain name as a unique identifier for recipients to use to […]

3 Comments

Gmail / Apps authentication issues

I’ve seen several reports of unexpected rejections for unauthenticated email to Google over IPv6 today. Unauthenticated mail over IPv6 is a bad idea, but Google usually spam folders it rather than rejecting it. The Gmail status dashboard is reporting an issue “Some messages sent to consumer Gmail accounts are being rejected due to authentication enforcement” so something […]

No Comments

More on ARC

ARC – Authenticated Received Chain – is a way for email forwarders to mitigate the problems caused by users sending mail from domains with DMARC p=reject. It allows a forwarder to record the DKIM authentication as they receive a mail, then “tunnel” that authentication on to the final recipient. If the final recipient trusts the […]

No Comments

SHOUTY CAPS!!!

Over at Meh Glenn Fleishman has put together a fascinating two-parter on the history of using ALL CAPS for emphasis. And SHOUTING. CAPITAL CRIMES, PART 1 : SHOUT, SHOUT, LET IT ALL OUT CAPITAL CRIMES, Part 2: Usenet has no CHILL  

No Comments

Google drops obsolete crypto

Google is disabling support for email sent using version 3 of SSL or using the RC4 cypher. They’re both very old – SSLv3 was obsoleted by TLS1.0 in 1999, and RC4 is nearly thirty years old and while it’s aged better than some cyphers there are multiple attacks against it and it’s been replaced with more recent […]

No Comments

Hotmail having a bad day

Hotmail seems to be having a bad day, responding to a lot of delivery attempts with “554 Transaction failed” responses. It’s not you, it’s them. They’re aware of the issue.

No Comments

Don’t mess with my email

One thing we tell clients is that people consider their mailbox a very personal space. They’re offended when people invade that personal space without permission, sometimes to an extent that doesn’t seem proportional to the scale of the offense. And we advise senders who have been invited into the inbox to treat it with respect. […]

No Comments

DMARC p=reject

Mail.ru is switching to p=reject. This means that you should special-case mail.ru wherever … Actually, no. Time to change that script. If you operate an ESP or develop mailing list software you should be checking whether the email address that is being used in the From: address of email you’re sending is in a domain […]

1 Comment

Foundation: A toolkit for designing responsive emails

Zurb announced today version 2 of “Foundation for Email”, a full stack for designing content for responsive email. It looks rather nice, with features a modern web developer might look for when working on email content. It has many of the things you’d expect a web design stack to have. It support SASS for styling, […]

1 Comment
  • OTA joins the ISOC

    The Online Trust Alliance (OTA) announced today they were joining forces with the Internet Society (ISOC). Starting in May, they will operate as an initiative under the ISOC umbrella. “The Internet Society and OTA share the belief that trust is the key issue in defining the future value of the Internet,” said Internet Society President and CEO, Kathryn Brown. “Now is the right time for these two organizations to come together to help build user trust in the Internet. At a time when cyber-attacks and identity theft are on the rise, this partnership will help improve security and data privacy for users,” added Brown.No Comments


  • Friday blogging... or lack of it

    It seems the last few Friday's I've been lax on posting. Some of that is just by Friday I'm frantically trying to complete all my client deliverables before the weekend. The rest of it is by Friday I'm just tired. Today had the added complication of watching the Trumpcare debate and following how (and how soon) it would affect my company if it passed. That's been a bit distracting, along with the other stuff I posted about yesterday. I wish everyone a great weekend.1 Comment


  • Indictments in Yahoo data breach

    Today the US government unsealed an indictment against 2 Russian agents and 2 hackers for breaking into Yahoo's servers and stealing personal information. The information gathered during the hack was used to target government officials, security employees and private individuals. Email is so central to our online identity. Compromise an email account and you can get access to social media, and other accounts. Email is the key to the kingdom.No Comments


Archives