It’s not too difficult to build your own link redirector, perhaps a few hours work for a basic implementationme, yesterday Yesterday I suggested that link tracking wasn’t too complex, but didn’t really have anything to back the claim up. And nobody trusts developer time estimates. So I cranked DEF CON Radio and wrote a dedicated click-tracking webserver, mostly as a demo of how to use...
Almost every bulk mail sent includes some sort of instrumentation to track which users click on which links and when. That’s usually done by the ESP rewriting links in the content so they point at the ESP’s tracking server, and include information about the customer, campaign and recipient. The recipient clicks on the link in the email, their web browser fetches the link from the...
Over on twitter Alwin de Bruin corrected me on an aspect of DMARC soft rollout I’d entirely forgotten about. It’s useful, so I thought I’d write a quick post about it. If you have a large mail stream and you want to avoid the Scary Red Flag Day when you turn on DMARC p=reject enforcement and wait for people to complain you can use the DMARC policy “pct=” tag to roll...
You take a turn, I take a turn At the SMTP level email is very much a simple line-by-line text based protocol. The client sends a command on a single line, the server responds with one or more lines (the last one marked by having a space in the fourth column), and then the client sends another command. The main exception to that is when the client sends the payload of the email. Once the server...
Captchas – those twisty distorted words you have to decipher and type in to access a website – have been around since the 1990s. Their original purpose was to tell the difference between a human user and an automated system, by requiring the user to answer a challenge – one that was supposedly hard for computers to solve, but easy for humans. A few years later they acquired the...
A few days ago Laura noticed a bug in one of our in-house tools – it was sometimes marking an email as SPF Neutral when it should have been a valid SPF pass. I got around to debugging it today and traced it back to a bug in the Go standard library. A DNS TXT record seems pretty simple. You lookup a hostname, you get some strings back. Those strings can be used for all sorts of things, but...
There are quite a lot of broken DNS servers out there. I’m sure that’s no surprise to you, but some of them might be yours. And you might not notice that until your domains stop working early next year. DNS is quite an old protocol, and when it was originally specified there wasn’t really a good way to extend the protocol to add new features. That was fixed about 19 years ago...
Even if you have excellent policies and an effective, empowered enforcement team you can still have technical problems that can cause you to drop abuse mail, and so lose the opportunity to get a bad actor off your network before they damage your reputation further. It’s not quite as simple as “We’re seeing email in our abuse ticketing system, so everything must be fine.”...
On Friday I mentioned spam coming from a BarkBox affiliate programme. The original email is here. It’s not terribly exciting, it’s rather typical spam of the sort sent by professional spammers. It’s validly DKIM and SPF authenticated, and DMARC-aligned. It includes invisible white-on-white padding text so that it doesn’t look like image-only spam to naive filters (using...
We mention RFCs quite a lot, both explicitly (RFC 6376 is the specification for DKIM) and implicitly (the 822.From aka bounce address aka return path). And we have local copies of a bunch of them to make them easy to refer to (SMTP, MIME, Carrier Pigeons …). They use quite a lot of jargon and implicit information and metadata that’s not really explained terribly clearly anywhere...
RSS - Posts