CategoryIndustry

September 13, 2016

Microsoft deprecating SmartScreen filters

By laura
3 Min read
2 comments
13September

At the beginning of the month Microsoft announced that they were deprecating the SmartScreen filters used by the desktop Microsoft mail clients. These are the filters used in Exchange and various version of Outlook mail. This is yet further consolidation of spam filtering between the Microsoft free webmail domains, Office365 hosted domains and self hosted Exchange servers.  The online services...

September 9, 2016

Ask Laura: Should I let my ESP give me a shared IP?

By laura
4 Min read
5 comments
09September

Dear Laura, Our company has been shopping around for ESPs and most of them want to put us on a shared IP address. I have always heard that senders should get dedicated IPs. Will this hurt our deliverability? Regards, Sharing is Hard Dear Sharing, For a long time, IP reputation was the major factor in identifying good mail from bad mail. Good IPs helped mail get into the inbox. Poor IPs were...

September 7, 2016

August 2016: The Month in Email

By laura
3 Min read
1 comment
07September

August was a busy month for both Word to the Wise and the larger world of email infrastructure. A significant subscription attack targeted .gov addresses, ESPs and over a hundred other industry targets. I wrote about it as it began, and Spamhaus chief executive Steve Linford weighed in in our comments thread. As it continued, we worked with M3AAWG and other industry leaders to share data and...

September 1, 2016

NY Times on unsubscribing by email

By laura
1 Min read
Add comment
01September

More than a decade ago I was included in one of these. It wasn’t work related per se, but the address list included a lot of experienced, BTDT, names-on-RFCs technology folks.
Yeah, even they got stuck in the mess of replying all, unsubscribing, lecturing people about not replying to all. It was a mess, but funny given the names involved. #neverdothis #noreplytoall

August 31, 2016

Abuse, triage and data sharing

By laura
3 Min read
6 comments
31August

The recent subscription bombs have started me thinking about how online organizations handle abuse, or don’t as the case may be. Deciding what to address is all about severity. More severe incidents are handled first. Triage is critical, there’s never really enough time or resources to investigate abuse. What makes an event severe? The answer is more complicated that one might think...

August 30, 2016

How many blocklists do we need?

By laura
3 Min read
Add comment
30August

There’s been a discussion on the mailop list about the number of different blocklists out there. There are discussions about whether we need so many lists, and how difficult the different lists make it to run a small mail system (80K or so users). This discussion wandered around a little bit, but started me thinking about how we got to a place where there are hundreds of different...

August 29, 2016

Traffic Light Protocol

By steve
2 Min read
Add comment
29August

If you’re sharing sensitive computer security information it’s important to know how sensitive a document is, and who you can share it with. US-CERT and many other security organizations use Traffic Light Protocol as shorthand for how sensitive the information in a document is. It’s simple and easy to remember with just four colour categories: Red, Amber, Green and White. If...

August 24, 2016

Google takes on intrusive interstitials

By laura
2 Min read
4 comments
24August

Starting next January, Google will be modifying its mobile search results to lower the ranking of sites that use interstitials that interfere with the users experience. In a blog post announcing the change they explain: Pages that show intrusive interstitials provide a poorer experience to users than other pages where content is immediately accessible. This can be problematic on mobile devices...

August 20, 2016

Gmail showing authentication results to endusers

By laura
1 Min read
Add comment
20August

A bit of older news, but worth a blog post. Early in August, Gmail announced changes to the inbox on both the web interface and the android client. They will be pushing authentication results into the interface, so end users can see which emails are authenticated. These are not deliverability changes, the presence or absence of authentication will not affect inbox delivery. And the gmail Gmail...

August 18, 2016

Ongoing subscription attack

By laura
2 Min read
6 comments
18August

Brian Krebs posted a couple days ago about his experience with the subscription bomb over the weekend. He talks about just how bad it was over the weekend. At approximately 9:00 a.m. ET on Saturday, KrebsOnSecurity’s inbox began filling up with new newsletter subscriptions. The emails came in at a rate of about one new message every 2-3 seconds. By the time I’d finished deleting and unsubscribing...

Recent Posts

Archives

Follow Us