Last week Mandrill announced that they were discontinuing their free services and all customers would be required to have a corresponding paid Mailchimp account. Going forward, all Mandrill users will be required to have a paid monthly MailChimp account and verify ownership of all sending domains. Important changes to Mandrill On March 16th all new Mandrill users will be required to create a...
January 2016: The Month in Email
Happy 2016! We started off the year with a few different “predictions” posts. As always, I don’t expect to be right about everything, but it’s a useful exercise for us to look forward and think about where things are headed. I joined nine other email experts for a Sparkpost webinar on 2016 predictions, which was a lot of fun (see my wrap up post here), and then I wrote a long post about security...
The truth matters.
Call within the next 10 minutes… Consumers with last names starting with O – Z can call tomorrow… Only 5 seats left at this price! All of these are common marketing techniques designed to prompt consumers to buy. It’s not a new idea, create a sense of urgency and people are more likely to buy. I think some marketers are so used to making outrageous claims to support...
Random thoughts on reporting abuse
On IRC today, someone mentioned an Ars Technica article discussing how a research team tried to contact Xfinity about a security flaw in their home security system. We attempted to contact anyone responsible for the security of Xfinity home security devices at the following addresses: security@xfinity.com; secure@xfinity.com; support@xfinity.com; info@xfinity.com; abuse@xfinity.com, but we did...
Peeple, Security and why hiding reviews doesn't matter
There’s been a lot of discussion about the Peeple app, which lets random individuals provide reviews of other people. The founders of the company seem to believe that no one is ever mean on the Internet and that all reviews are accurate. They’ve tried to assure us that no negative reviews will be published for unregistered users. They’re almost charming in their naivety, and it...
Mary Litynski Award winner Jayne Hitchcock
This morning the Messaging, Mobile and Malware Anti-Abuse Working Group announced the winner of the Mary Litynski Award. Congratulations to Jayne Hitchcock of WHO@ for her work over the last 2 decades fighting online abuse and cyberstalking. I’ve never actually met Jayne, but I do remember following her story in the late 90s. She started off trying to protect people from being scammed by...
Anon whois information
I’ve talked before about reasons not to hide commercial domains behind whois proxies. Al found another one: if you use a proxies you cannot list your domains with abuse.net. Al has a good write up of whois, and why this is important. So go there and read it.
Do you have an abuse@ address?
I’ve mentioned multiple times before that I really don’t like using personal contacts until and unless the published or official channels fail. I don’t hold this opinion just about resolving delivery issues, but also use official channels when reporting spam to one of my addresses or spam traps. My usual complaints contain a plain text copy of the mail, including full headers...
Policing customers
In yesterday’s post about Cloudflare and Spamhaus Fazal comments that Cloudflare may have been asked by law enforcement to leave the website up. This does happen and it’s not totally out of the question that’s what is going on with this particular website. But I used the malware C&C as an example of the poor behaviour condoned by Cloudflare, it’s certainly not the...
Services, abuse and bears
A couple weeks ago I wrote a post about handling abuse complaints. As a bit of a throwaway I mentioned that new companies don’t always think about how their service can be abused before releasing it on the unsuspecting internet. Today’s blog post by Margot Romary at the Return Path In the Know blog reminds me that it’s not always new companies that don’t think about abuse...