BLOG

Author: steve

This message has no content.

This is what my mail client tells me about the latest mail Twitter sent me: Criticism of Twitter’s copywriters? Not exactly, no. Mail.app is looking for some textual content near the top of the mail to display to me as preview text. It can’t find any in this mail, so it’s telling me the message has […]

No Comments

Hands off address books

Germany’s highest court has ruled that Facebook’s practice of harvesting email addresses from their users contact lists in order to send invitations to them constitutes “advertising harassment” and violates German law on data protection and unfair trade practices. This in response to a suit filed by the Federation of German Consumer Organisations (VZBV) What the judgment […]

No Comments

Doing it right

It’s that time of the year – marketers send more email than usual, recipients unsubscribe from their lists. Clicking on the unsubscription link in the email I just received took me to an unsubscription landing page. The box for my email address was prepopulated based on the cookie in the unsubscription link, the default setting is […]

No Comments

Clickthrough forensics

When you click on a link in your mail, where does it go? Are you sure? HTTP Redirects In most bulk mail sent the links in the mail aren’t the same as the page the recipients browser ends up at when they click on it. Instead, the link in the mail goes to a “click […]

2 Comments

Lets Encrypt Everything

Using SSL TLS to protect data in transit and authenticate servers you contacted originally required specialized software, complex configuration and expensive and complicated to require certificates. The need for specialized software is long since gone. Pretty much every web server and mail server will support SSL out of the box. Basic server configuration is now pretty simple […]

4 Comments

ESP attacks, again. Be wary.

There seems to be an uptick in phishing attacks that have an impact on ESPs recently. Your CEO The most critical one is targeted spear-phishing attacks that claim to be internal documents sent by senior staff within the company, e.g. from the company CEO. It’s likely that the attached documents will compromise and backdoor your […]

No Comments

SPF debugging

Someone mentioned on a mailing list that mail “from” intuit.com was being filed in the gmail spam folder, with the warning “Our systems couldn’t verify that this message was really sent by intuit.com“. That warning means that Gmail thinks it may be phishing mail. Given they’re a well-known financial services organization, I’m sure there is a lot […]

1 Comment

Deliverability at Yahoo

We have multiple measures of deliverability. Ones that we don’t even let in the door, and then we have ones that customers indicated that they don’t want to be delivered.  – Jeff Bonforte, Senior VP Communications, Yahoo Mail Read a little more about Yahoo and spam over at Tech Insider, or listen to the podcast at […]

No Comments

Trawling through the junk folder

As a break from writing unit tests this morning I took a few minutes to go through my Mail.app junk folder, looking for false positives for mail delivered over the past six weeks. We don’t do any connection level rejection here, so any mail sent to me gets delivered somewhere. Anything that looks like malware gets […]

1 Comment

DMARC News – Gmail p=reject and ARC

DMARC.org announced this morning that Gmail will be moving to publishing a p=reject DMARC record in June of next year, much the same as Yahoo and AOL have. Unlike Yahoo and AOL, Gmail are giving those who will be affected plenty of time to prepare for any issues, and have waited until there are some potential ways […]

No Comments
  • HE.net DNS problems

    Hurricane Electric had a significant outage of their authoritative DNS servers this morning, causing them to return valid responses with no results for all(?) queries. This will have caused delivery problems for any mail going to domains using HE.net DNS - which will include some of their colocation customers, as well as users of their free services - but also will have caused reverse DNS to fail for most servers hosted by Hurricane Electric worldwide, so if any of your mail is being sent from HE hosted machines you may have seen problems. (We're HE customers so we noticed. Still happy with them as a vendor.)No Comments


  • 65.0.0.0/8 DNS issues

    If you're sending email from any address beginning with a 65 - in 65.0.0.0/8 - it's possible you'll see some delivery problems. Something appears to be broken with dnssec signatures for the reverse DNS zone, leading queries for reverse DNS to fail for anyone using a dnssec aware DNS resolver (which is almost everyone).1 Comment


  • Our green bar certificate is going away

    Later today we'll be switching from an Extended Validation ("green bar") SSL certificate to a Domain Validation certificate. This isn't exactly a planned change but I'm waiting for responses from Comodo before I go into it too much. I'll share some more details next week.3 Comments


Archives