Recent Posts

DKIM is Done

This was posted to the IETF DKIM Working Group mailing list this morning:

Spear phishing

It’s been about a year since people started publicly talking about spear phishing attacks against ESPs and major emailers. There was a lot of energy put into talking about how to protect against future attacks. I have to wonder, though, how much of that talk translated into action?
What processes do you have in place to protect your company against attacks?
If you’re at an ESP, do you have the ability to scan your outgoing stream for keywords or domains?
If you’re a brand, have you implemented restrictions on which employees have access to your databases?
What have you done since the last set of attacks? Are you vulnerable if new attacks start?
More information on ESP attacks:
Be on the lookout
Time for a real security response
Email attacks

Everyone's a lawyer

There used to be one thing you would inevitably see when having a heated discussion on the internet. At some point, someone would compare one of the participants with Hitler or the Nazis. That’s been a known “fact” on the internets since long before I joined.
That rule was, of course, started in the days of Usenet, where it was difficult (if not impossible) to actually ban a troublemaker. These days we’re in the era of web forums and blog comment sections. It’s much easier to ban a commenter for being disruptive.
What is amusing to me is how often I will see someone declare that the blog (or forum) owner is somehow legally liable for everything every commenter says because they have now taken the step of moderating comments.
Reality is slightly more complex. There is case law that holds moderators liable, and there is case law that doesn’t. This reality doesn’t stop internet lawyers from declaring, however, that the website owners are going to end up liable for all comments just because they moderated some or all of the comments.

Censorship, email and politics

Spamfiltering blocks email. This is something we all know and understand. For most people, that is everyone who doesn’t manage an email server or work in the delivery field or create spamfilters, filtering is a totally unseen process. The only time the average person notices filters is when they break. The breakage could be blocking mail they shouldn’t, or not blocking mail they should.
Yesterday, a bunch of people noticed that Yahoo was blocking mail containing references to a protest against Wall Street. This understandably upset people who were trying to use email as a communication medium. Many people decided it was Yahoo (a tool of the elites!) attempting to censor their speech and stop them from organizing a protest.
Yeah. Not so much.
Yahoo looked into it and reported that the mail had gotten caught in their spam filters. Yahoo adjusted their filters to let the mail through and all was (mostly) good.
I don’t think this is actually a sign of filters being broken. The blocked mail all contained a URL pointing to occupywallst.com. I know there was a lot of speculation about what was being blocked, but sources tell me it was the actual domain. Not the phrase, not the text, the domain.
The domain was in a lot of mostly identical mail coming out of individual email accounts. This is a current hallmark of hijacked accounts. Spammers compromise thousands of email accounts, and send a few emails out of each of them. Each email is mostly identical and points to the same URL. Just like the protest mail.
There was also a lot of bulk mail being sent with that URL in it. I’ve been talking to friends who have access to traps, and they were seeing a lot of mail mentioning occupywallst.com in their traps. This isn’t surprising; political groups have some horrible hygiene. They are sloppy with acquisition, they trade names and addresses like kids trade cold germs, they never expire anything out. It’s just not how politics is played. And it’s not one party or another, it’s all of them. I’ve consulted with major names across the political spectrum, and none actually implement best practices.
As I have often said, the secret to delivery is to not have your mail look like spam. In this case, the mail looked like spam. In fact, it looked like spam that was coming from hijacked accounts as well as spam sent by large bulk mailers. I suspect there was also a high complaint rate as people sent it to friends and family who really didn’t want to hear about the protests.
To Yahoo!’s credit, though, someone on staff was on top of things. They looked into the issue and the filter was lifted within a couple hours of the first blog post. A human intervened, overruled the algorithm and let the mail out.
I bet this is one of the few times anyone has seen that Yahoo does outbound filtering. Given it’s a politically charged situation, I can see why they assume that Yahoo is filtering because of politics and censorship. They weren’t though.
More on politics, filtering and censorship.

They’re not blocking you because they hate you

It really can be your email
More on Truthout
Another perspective on the politico article

10 years

Today is our 10 year anniversary in business. It’s been quite a ride.
Thank you to all our customers, friends, supporters and followers.

MAAWG and email appending

In today’s Magill Report Ken says:

The only surprise in the Messaging Anti-Abuse Working Group’s statement last week condemning email appending was that it didn’t publish one sooner.
However, MAAWG’s implication that email appending can’t be accomplished without spamming is nonsense.

Mailing old addresses: 5 questions to ask first

James asked the question on twitter:

If you haven’t mailed an address in 5-10 yrs, would you include it in a re-engagement mail?

Denial

I come up against a lot of denial when talking with people about spam and email. It makes sense; nobody likes spam. Nobody wants to send spam. And I do understand the initial denial when they hear “your mail looks like spam” or “you spammed me.”
It often takes overwhelming evidence to convince some senders that their mail is spam. I’ve talked before about some of my clients who insist that I just “forgot” I signed up for their mail. But these aren’t the only excuses I hear.
A sender that denies all feedback about their mailing program isn’t a very good sender, though. The best thing any sender can do when faced with information is to think about why a recipient might not want their mail.
I often describe my role as a translator between marketers and IT folks. I can translate technology to marketing and back again. One of my other major roles, though, is translating uncomfortable or unwelcome recipient feedback. Many marketing programs have been significantly improved because the program maintainers took a minute to look at the feedback and use it.

MAAWG statement on email appending

MAAWG has published their position statement on email appending. It’s pretty explicit in its condemnation of the practice.

Spammer prosecuted in New Zealand

Today (well, actually tomorrow, but only because New Zealand is on the other side of the date line) the NZ Department of Internal Affairs added a 3rd statement of claim against Brendan Battles and IMG Marketing. This third claim brings the total possible fines to $2.1 million.
Brendan is a long-term spammer, who used to be in the US and moved to New Zealand in 2006. His presence in Auckland was noticed by Computerworld when a number of editors and staffers were spammed. When contacted by the paper, Brendan denied being involved in the spam and denied being the same Brendan Battles.
New Zealand anti-spam law went into effect in September 2007. The Unsolicited Electronic Messages Act 2007 prohibits any unsolicited commercial email messages with a New Zealand connection, defined as messages sent to, from or within New Zealand. It also prohibits address harvesting.
The Internal Affairs department also appears to be investigating companies that purchased services from Brendan Battles.
