Being in infosec for so long takes its toll. I've come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don't seem to be any exceptions, and it gets depressing.— briankrebs (@briankrebs) September 26, 2018
A particular blocklist, once again, listed a major ESP this week. Their justification is “this is our policy.” Which is true, it is their policy to list under these circumstances. That doesn’t make it a good policy, or even an effective policy. It’s simply a policy. Crafting policies Crafting good policy starts with the question “what is the desired outcome in this...
Yesterday the CRM system Zoho suffered an unexpected outage when their registrar, TierraNet suspended their domain. According to TechCrunch, Zoho’s CEO says there was no notification to the company and that the company had only 3 complaints about phishing. Based on the article, even as a Zoho customer, I am fully on the registrar’s side here. Every company, absolutely every company...
We’ve landed in Dublin and are back at work. Blogging will pick up as I get back into the swing of things. I’ll be speaking on a panel at the Selligent user conference in Amsterdam tomorrow and in London on Thursday. If you’re a Selligent customer, introduce yourself and say hi! Speaking of being on panels, I heard recently that some folks were adding conference speakers to...
We’ve been blogging here about email for 11 years now. My first post was published August 29, 2007. In that time, we’ve published more than 2300 posts, and written probably millions of words. For years we have blogged multiple times a week. This summer we’ve not kept up our normal posting schedule. We’ve been a little busy with non-email stuff. We’ve spent this...
The answer is almost certainly yes, but there are definitely cases where it the answer is no. If you’re using your own domains for the return path and/or the d= value then you can set up postmaster tools for those domains. If you’re using a domain managed by the ESP, or a subdomain where the ESP manages the DNS, you may need your ESP to publish the correct key in DNS to authenticate...
Matthew Green reminded me of an old bit of spam lore. It’s a canned response to someone’s New and Awesome and entirely unoriginal Final Ultimate Solution to the Spam Problem. It originated on the news.admin.net-abuse.email newsgroup, I think, maybe twenty years ago? While one or two details have changed it’s still applicable to most of the current generation of under-researched...
If I see BarkBox I think Spam. That’s because, despite their marketing team effort, facebook and banner ad budget, the main place I see them advertised is via spam in my mailbox. It’s not even good spam. There’s quite a lot of it. Most of it looks much the same, other than the spammer randomizing colours. This one looks better than the black on cyan version, or any of the other...
A few weeks ago we took a drive down I5 to attend a service at Bakersfield National Cemetery. Amid the acres and acres of almond farms there were patches of black from recent grassfires. Typical but boring California landscape. Wildfires are a hugely destructive but continual threat in California. Growing up on the east coast, I never really understood wildfires. How can acres and acres and...
An on the ball reader sent me a note today showing a bounce message indicating microsoft was rejecting mail due to a Spamhaus Blocklist Listing. 5.7.1 Client host [10.10.10.10] blocked using Spamhaus. To request removal from this list see (S3130). [VE1EUR03FT043.eop-EUR03.prod.protection.outlook.com] The IP in question is listed on the CSS, which means at a minimum Microsoft is using the SBL. I...
RSS - Posts