Recent Posts

Questioning standards

M3AAWG publishes documents summarizing and discussing current practices for stopping and preventing abuse. Some of these documents are focused on ISPs while others are focused on marketers. While M3AAWG is not directly nor officially a standards body, most of the documents have been written by members and reflect the best current practices for that document.
Members have been asked to leave the organization and some companies are denied membership because they are not in line with the organizational values. Some of these companies are ESPs or marketers, but some of these companies have been ISPs as well.
The standards written by M3AAWG are challenging for a lot of marketers to follow. These standards are written with the input of senders, but they all comply with the M3AAWG mission of stopping messaging abuse. Many ISPs believe that unsolicited email is abuse, thus M3AAWG standards say that all mail needs to be sent to recipients who request that mail. Purchasing lists, selling lists, and appending email addresses are all unacceptable activities for M3AAWG members.
I never really had much concern about the effectiveness of the M3AAWG process. Most of the big industry players are there and many of the ISPs have an aggressive anti-abuse attitude.
But last week I saw a blog post on a fairly major industry blog that listed a bunch of (made up, tasteless and sexist) things “overheard” at the recent M3AAWG conference (it’s been removed and I wouldn’t link to it anyway). The blog post made it look like no real work gets done at M3AAWG and that the attendees don’t work at the conference. I won’t claim that it’s a staid and quiet conference, but most attendees work very hard during the day.
The next day, the author tweeted:

Read More

Spamhaus answers questions

Lost in all of the DOS attack news this week is that the first installment of Spamhaus answering questions from marketers in Ken Magill’s newsletter.
It’s well worth a read for anyone who is interested in hearing directly from Spamhaus.
One quote stood out for me, and it really sums up how I try to work with clients and their email programs.

Read More

CBL website and email back on line

The CBL website is back on line.
It’s possible that your local DNS resolver has old values for it cached. If so, and if you can’t flush your local DNS cache, and you really can’t wait until DNS has been updated then you may be able to put a temporary entry in your hosts file to point to cbl.abuseat.org.
You can get the IP address you need to add by querying the nameserver at ns-2038.awsdns-62.co.uk for cbl.abuseat.org. No, I’m not going to tell you the IP address – if you can’t do a basic DNS query, you shouldn’t be modifying your hosts file and you can just wait a day.

Read More

dDOS spreads to the CBL

Spamhaus has mostly mitigated the dDOS against the Spamhaus website and mailserver, but now the CBL is under attack. They have been working to get that under protection as well, but it’s taking some time.
Right now there are no public channels for delisting from the CBL. The Spamhaus Blog will be updated as things change, and I’ll try and keep things updated here as well.
UPDATE: Cloudflare talks about the scope of the attack

Read More

Mail that looks good on desktop and mobile

Over the weekend I noticed a new CSS framework aimed at email rather than web development, “Antwort“.
This isn’t the first or only framework for email content, but this one looks simple and robust, and it allows for content that doesn’t just adapt for different sized displays but looks good on all of them. The idea behind it is to divide your content into columns, magazine style, then display the columns side-by-side on desktop clients and top to bottom on mobile clients. That opens up much more interesting designs than the more common single fluid column approach.

It looks nice, it supports pretty much every interesting email client, but it also comes with some directions based on real world experience.

Read More

Spamhaus under major dDOS

Late last night I, and a number of other folks, received mail from Spamhaus informing us of a major denial of service attack against their servers. The attack is so bad that the website and main mailserver is currently offline.
DNS services, including rsync and the mirrors, are up and running.
Spamhaus is working to bring the mailserver and website back up, and are hoping to have it up later today.
If there are any critical or particularly urgent SBL issues today, contact your ESP delivery team. The folks who were contacted do have an email address for urgent issues. This is not an address for routine queries, however, and most listees are going to have to wait until normal services are restored to have their listing addressed.
If there is something particularly urgent and your ESP or delivery team does not have a contact address, you can contact me an I can see what I can do.
UPDATE: Most of the IPs people have sent me are actually XBL/CBL listings. But right now the CBL webserver is responding slowly due to the DOS.
If you want to look up a listing without using the Spamhaus website you can use the “host” or “dig” command line tools. To do this reverse the digits in the IP address and append zen.spamhaus.org on the end.
So for the IP 10.11.12.13 you would query 13.12.11.10.zen.spamhaus.org

Read More

No room for cowards

Brian Krebs was the keynote speaker at a MAAWG meeting a few years ago. He is a tech journalist that knows and understands the dark underworld of online crime. Yesterday, his website was taken down by a dDOS attack and the Fairfax County SWAT team was called to his house by someone.
Brian does work that is risky. His contributions to what we know about online crime are extremely valuable.
His post talking about what happened yesterday is well worth reading.
ETA: The ArsTechnica article on the event.

Read More

Bad Neighborhoods on the Internet

Of the 42,000 Internet Service Providers (ISPs) surveyed, just 20 were found to be responsible for nearly half of all the internet addresses that send spam.

Read More

Network World on Spamhaus

Spamhaus warns marketers to keep email databases tidy

Read More

Hear me talk about improving delivery

Tom Sather (ReturnPath) and I will be speaking on Thursday at a webinar hosted by the Association of Business and Media Companies.
How to Boost Email Marketing Response Rates

Read More
Categories
Tags