BLOG

Category: Technical

Following the SMTP rules

An old blog post from 2013, that’s still relevant today. “Blocked for Bot-like Behavior” An ESP asked about this error message from Hotmail and what to do about it. “Bot-like” behaviour usually means the sending server is doing something that bots also do. It’s not always that they’re spamming, often it’s a technical issue. But […]

2 Comments

Clickthrough forensics

When you click on a link in your mail, where does it go? Are you sure? HTTP Redirects In most bulk mail sent the links in the mail aren’t the same as the page the recipients browser ends up at when they click on it. Instead, the link in the mail goes to a “click […]

2 Comments

Lets Encrypt Everything

Using SSL TLS to protect data in transit and authenticate servers you contacted originally required specialized software, complex configuration and expensive and complicated to require certificates. The need for specialized software is long since gone. Pretty much every web server and mail server will support SSL out of the box. Basic server configuration is now pretty simple […]

3 Comments

SPF debugging

Someone mentioned on a mailing list that mail “from” intuit.com was being filed in the gmail spam folder, with the warning “Our systems couldn’t verify that this message was really sent by intuit.com“. That warning means that Gmail thinks it may be phishing mail. Given they’re a well-known financial services organization, I’m sure there is a lot […]

1 Comment

Trawling through the junk folder

As a break from writing unit tests this morning I took a few minutes to go through my Mail.app junk folder, looking for false positives for mail delivered over the past six weeks. We don’t do any connection level rejection here, so any mail sent to me gets delivered somewhere. Anything that looks like malware gets […]

1 Comment

DMARC News – Gmail p=reject and ARC

DMARC.org announced this morning that Gmail will be moving to publishing a p=reject DMARC record in June of next year, much the same as Yahoo and AOL have. Unlike Yahoo and AOL, Gmail are giving those who will be affected plenty of time to prepare for any issues, and have waited until there are some potential ways […]

No Comments

IPv6 and authentication

I just saw a post over on the mailop mailing list where someone had been bitten by some of the IPv6 email issues I discussed a couple of months ago. They have dual-stack smarthosts – meaning that their smarthosts have both IPv4 and IPv6 addresses, and will choose one or the other to send mail over. […]

No Comments

TXTing

On Friday I talked a bit about the history behind TXT records, their uses and abuses. But what’s in a TXT record? How is it used? When and where should you use them? Here’s what you get if you query for the TXT records for exacttarget.com from a unix or OS X command line with dig […]

5 Comments

A brief history of TXT Records

When the Domain Name System was designed thirty years ago the concept behind it was pretty simple. It’s mostly just a distributed database that lets you map hostname / query-type pairs to values. If you want to know the IP address of cnn.com, you look up {cnn.com, A} and get back a couple of IP addresses. […]

No Comments

IPv6 Email is a little different

On Monday I talked about how big IPv6 address space is, and how many IPv6 addresses will be available to end users. We’re mostly an email blog, though, so what’s the relevance to sending email? If the recipient you’re sending to has an IPv6 mailserver you can send mail to them over IPv6, if you […]

7 Comments
  • Lost in the mists of time

    Over on the Farsight Security blog Joe St. Sauver talks about some of the early days of online abuse, on usenet. Laura and I were on the periphery of early usenet abuse, mostly as users, but Usenet (and IRC) around then were the places we both started with email abuse.No Comments


  • Ongoing Yahoo delays

    I've been hearing from folks over the last few days that they're seeing an uptick in deferrals from Yahoo! The deferrals are not uniform. ESPs report they're seeing some, but not all, customers affected. Other ESPs aren't seeing any changes. It's not just you. But it would be very worthwhile to dig into engagement and other stats. It's possible this is a new normal at Yahoo! and they're tightening filters to catch mail that doesn't fit their standards but was previously difficult to filter.No Comments


  • AOL starts using Sender Score Certification

    Good news for Sender Score Certified IPs. Return Path recently announced that AOL has joined the list of ISPs offering preferential treatment to certified IPs.  1 Comment


Archives