BLOG

Author: steve

Compromising a Mail Client

Your entire work life is in your work mail client. All the people you communicate with – co-workers, friends, family, vendors, customers, colleagues. Every email you send. Every email you receive. Any files you attach or receive. If someone can compromise your mail client, they can see all that. They can save copies of all […]

3 Comments

Everything leaks eventually

We have a role address we use to receive support requests from users of our Abacus ticketing system - they’re typically abuse or security desk administrators at ISPs or ESPs, inside corporate firewalls and protected by multiple layers of security and malware protection. We’ve been using it since around 1997, so we’ve had a good, spam-free run, […]

5 Comments

SORBS – back soon

If you’ve tried to get an address delisted from SORBS this week you’ll have found that their site is degraded, and there’s no way to request delisting. They’ve been dealing with some very nasty database / hardware problems and while they’re fixing those the externally visible SORBS services are running in a read-only mode (where […]

4 Comments

On Discovery and Email

If you’re involved in any sort of civil legal action in the US Courts – whether that be claims of patent violation, defamation, sexual harassment or anything else – there’s a point in the pre-trial process where the opposing lawyers can request information from you, and also from any third-parties they believe may have useful […]

No Comments

Ad-hoc analysis

I often pull emails into a database to analyze them, but sometimes I want something simpler. Emails are typically stored in one of two ways: mbox format, where an entire mailbox is stored in a single file, and maildir format, where a mailbox is a directory with one file in it for each email. My […]

No Comments

New top level domains

ICANN have signed agreements for four new top level domains, all internationalized domains from the 2o12 applications for new TLDs. They are شبكة (“network” or maybe “web” in arabic), 游戏 (“game” in chinese), онлайн and сайт (“online” and “website” in russian). It’ll take a while for the registries to ramp up their infrastructure, but you might start seeing […]

No Comments

Know what you’re promising, and keep your promises

Although we can’t always provide a personal response to your complaint, we do investigate all reports. Please don’t interpret a lack of response as a lack of action taken. If we find that a customer is violating our policies, we will take make sure they stop the violating activity. That’s the response I had when […]

No Comments

What is a dot-zero listing?

Some email blacklists focus solely on allowing their users to block mail from problematic sources. Others aim to reduce the amount of bad mail sent and prefer senders clean up their practices, rather than just blocking them wholesale. The Spamhaus SBL is one of the second type, using listings both to block mail permanently from […]

9 Comments

DKIM and DomainKeys, Spam and Ham

I’ve been preaching “DKIM is great! DomainKeys is obsolete, get rid of it!” for several years now. I thought I’d take a look at my mailbox and see who was using authentication. I’ve divided this into “Ham” and “Spam”. Spam is, well, all the spam I’ve received over the past couple of years. Ham is […]

2 Comments

DNS, SERVFAIL, firewalls and Microsoft

When you look up a host name, a mailserver or anything else there are three types of reply you can get. The way they’re described varies from tool to tool, but they’re most commonly referred to using the messages dig returns – NXDOMAIN, NOERROR and SERVFAIL. NXDOMAIN is the simplest – it means that there’s no […]

3 Comments
  • ReturnPath on DMARC+Yahoo

    Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.No Comments


  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment


  • Fixing discussion lists to work with new Yahoo policy

    Al has some really good advice on how to fix discussion lists to work with the new Yahoo policy. One thing I would add is the suggestion to actually check dmarc records before assuming policy. This will not only mean you're not having to rewrite things that don't need to be rewritten, but it will also mean you won't be caught flat footed if (when?) other free mail providers start publishing p=reject.No Comments


Archives