Late last week Spamhaus published a blog post detailing their investigation into Verizon routing millions of IP addresses hijacked by spammers. The Spamhaus blog post goes into some detail about what hijacked routing is. For cybercriminals to make use of their stolen blocks however, a crucial step is to find an Internet Service Provider(ISP) or network with the ability to route these IP addresses...
Facebook scams move to LinkedIn
There’s a fairly common Facebook scam where someone clones an account, then sends out friend requests to friends of that person. This actually happened to a friend over the holiday break. The only problem was that most of the folks who got friend requests were actually security people. Security people who thought it was very, very funny to play along with said scammer. The scam account...
Random thoughts on reporting abuse
On IRC today, someone mentioned an Ars Technica article discussing how a research team tried to contact Xfinity about a security flaw in their home security system. We attempted to contact anyone responsible for the security of Xfinity home security devices at the following addresses: security@xfinity.com; secure@xfinity.com; support@xfinity.com; info@xfinity.com; abuse@xfinity.com, but we did...
December 2015: The month in email
Happy 2016! We enjoyed a bit of a break over the holidays and hope you did too. Here’s our December wrap up – look for a year-end post later this week, as well as our predictions for the year ahead. I got a bit of a head start on those predictions in my post at the beginning of December on email security and other important issues that I think will dominate the email landscape in 2016...
Happy Holidays
Blogging will be light (or non-existent) for the next week or so. I leave you with Valeria and her first Christmas tree from many years ago.
The kittens are older now, we can have a tree complete with lights AND ornaments.
See y’all in the new year!
New FBL information
A couple new bits of information for folks interested in participating in feedback loops. If you’re an ESP, you’ll want to sign up for the two new FBLs that were released this month. XS4ALL and Telenor are now offering complaint feeds to senders. If you’re a mail recipient and want the ability to report spam, try the new browser/MUA plugins for reporting spam released by the...
DoorDash gets it
Increase in unsubscribes
UPDATE 12/17/2015 2:30PM Pacific: I heard from Josh, the CEO of Unroll.me. He says: Senders are seeing a spike in unsubscribe requests because Unroll.Me has been improving the process it uses to unsubscribe our users from emails they have chosen to unsubscribe from. This isn’t a bug and everything is working as it should. This spike they are seeing is temporary and should level out once our...
Holiday season
We’re 10 days out from Christmas, 9 days out from the end of binge-shopping-season (and 11 days out from return season). Unlike previous years, I haven’t heard of any significant delivery challenges. Most of what I’m hearing is the normal day-to-day stuff. There’s a little more of it, but nothing like in years past where ISPs melted down or giant companies got SBLed. This...
Are you ready for DMARC?
The next step in email authentication is DMARC. I wrote a Brief DMARC primer a few years ago to help clear up some of the questions about DMARC and alignment. But I didn’t talk much about where DMARC was going. Part of the reason was I didn’t know where things were going and too much was unclear to even speculate. We’re almost 2 years down the line from the security issues that...