CategoryIndustry

September 19, 2016

Ongoing subscription form abuse

By laura
4 Min read
3 comments
19September

Last week Spamhaus posted information on the ongoing subscription attacks. They provided a more information about them that was not make public previously, including some information about the volume of mail some targets received. Today SendGrid also blogged about this, going into a little more detail about why senders should care about this. They also provided a number of suggestions for how to...

September 16, 2016

Spamhaus and subscription bombing

By laura
2 Min read
Add comment
16September

Spamhaus released a blog post today discussing the recent subscription bombing: Subscription bombing COI captcha and the next generation of mail bombs. As I mentioned in my initial posts, this abusive behavior goes beyond spamming. This is using email to harass individuals. Spamhaus even mentions a potential service that can be used to do these kinds of mailbombing. Things folks need to know is...

September 15, 2016

Mail Client Improvements

By laura
4 Min read
Add comment
15September

There’s been extensive and ongoing development of email through the years, but much of it has been behind the scenes. We were focused on the technology and safety and robustness of the channel. We’re not done yet, but things are much better than they were. The good part of that is there is some space to make improvements to the inbox as well. Over the last few months there have been a...

September 13, 2016

Microsoft deprecating SmartScreen filters

By laura
3 Min read
2 comments
13September

At the beginning of the month Microsoft announced that they were deprecating the SmartScreen filters used by the desktop Microsoft mail clients. These are the filters used in Exchange and various version of Outlook mail. This is yet further consolidation of spam filtering between the Microsoft free webmail domains, Office365 hosted domains and self hosted Exchange servers.  The online services...

September 9, 2016

Ask Laura: Should I let my ESP give me a shared IP?

By laura
4 Min read
5 comments
09September

Dear Laura, Our company has been shopping around for ESPs and most of them want to put us on a shared IP address. I have always heard that senders should get dedicated IPs. Will this hurt our deliverability? Regards, Sharing is Hard Dear Sharing, For a long time, IP reputation was the major factor in identifying good mail from bad mail. Good IPs helped mail get into the inbox. Poor IPs were...

September 7, 2016

August 2016: The Month in Email

By laura
3 Min read
1 comment
07September

August was a busy month for both Word to the Wise and the larger world of email infrastructure. A significant subscription attack targeted .gov addresses, ESPs and over a hundred other industry targets. I wrote about it as it began, and Spamhaus chief executive Steve Linford weighed in in our comments thread. As it continued, we worked with M3AAWG and other industry leaders to share data and...

September 1, 2016

NY Times on unsubscribing by email

By laura
1 Min read
Add comment
01September

More than a decade ago I was included in one of these. It wasn’t work related per se, but the address list included a lot of experienced, BTDT, names-on-RFCs technology folks.
Yeah, even they got stuck in the mess of replying all, unsubscribing, lecturing people about not replying to all. It was a mess, but funny given the names involved. #neverdothis #noreplytoall

August 31, 2016

Abuse, triage and data sharing

By laura
3 Min read
6 comments
31August

The recent subscription bombs have started me thinking about how online organizations handle abuse, or don’t as the case may be. Deciding what to address is all about severity. More severe incidents are handled first. Triage is critical, there’s never really enough time or resources to investigate abuse. What makes an event severe? The answer is more complicated that one might think...

August 30, 2016

How many blocklists do we need?

By laura
3 Min read
Add comment
30August

There’s been a discussion on the mailop list about the number of different blocklists out there. There are discussions about whether we need so many lists, and how difficult the different lists make it to run a small mail system (80K or so users). This discussion wandered around a little bit, but started me thinking about how we got to a place where there are hundreds of different...

August 29, 2016

Traffic Light Protocol

By steve
2 Min read
Add comment
29August

If you’re sharing sensitive computer security information it’s important to know how sensitive a document is, and who you can share it with. US-CERT and many other security organizations use Traffic Light Protocol as shorthand for how sensitive the information in a document is. It’s simple and easy to remember with just four colour categories: Red, Amber, Green and White. If...

Recent Posts

Archives

Follow Us