TagAuthentication

Delivery is not dependent on authentication

All too often folks come to me with delivery problems and lead off with all of the things they’ve done to send mail right. They assure me they’re using SPF and DKIM and DMARC and they can’t understand why things are bad. There is this pervasive belief that if you do all the technical things right then you will reach the inbox. Getting the technical bits right is an important...

Phishing and authentication

This morning I got a rather suspicious message from a colleague on LinkedIn. I asked around and it seems other folks got the same message and were equally confused. I didn’t click the link because that seemed risky. A few hours later one of the folks I had talked to mentioned that the person’s entire profile was gone. Likewise, the above message disappeared from my messages tab...

SenderID is dead

A question came up on the email geeks slack channel (Join Here) about SenderID. They recently had a customer ask for SenderID authentication. We’ve written about it a few times: (Hotmail moves to SPF Authentication and Until it stops moving) but we’ve not actually stated the reasons why in a post. SenderID was basically SPF version 2. It tried to use the same mechanism as SPF to...

Deliverability Help: Information checklist

When asking a for assistance with email delivery, there are some pieces of information that are required before anyone can help. Be prepared with the information so you can get timely assistance. This advice is true whether you’re looking for help from peers or working with paid deliverability consultants. What is the problem? Be very specific about the problem you see. The fix for mail...

Cousin domains

When I checked in on Facebook this morning there was a discussion from a couple people frustrated by cousin domains. I share their frustration. Kitten running through field with text “every time a marketing department registers a cousin domain, god kills a kitten” Cousin domains are a major problem for ISPs trying to protect their users from phishing and other fraud. Because so many companies use...

What SPF records should you publish?

When it comes to SPF records there seems to be a lot of confusion. I mean, a decade after I posted it Authenticating SPF is still the most frequently visited post on the site. And, of course, there are hundreds of other pages out there that discuss SPF and what to publish. Still, there are common questions. Most recently I’ve been addressing questions about what SPF records need to be...

Fun with spam filters

I recently had a challenging travel experience in the Netherlands, trying to get from Schipol airport to a conference I was speaking at. As part of my attempt to get out of the airport, I installed UBER on my phone. There were some challenges with getting UBER to authorise my phone number, so I tried linking it to my Gmail account. I checked Gmail today and noticed there was a message from UBER...

Schroedinger’s email

The riskiest email to send is that very first email. It’s a blank slate. Even if you’re sending confirmation messages, you don’t really know anything about how this email is going to affect your reputation. It’s Schroedinger’s email. The address is both good and bad, until you send to it. If it’s good, great things will happen. You’ll be happy. The...

Brand indicators in email

A number of companies in the email industry have been working on a way to better identify authenticated emails to users. One proposal is Brand Indicators for Message Identification (BIMI). A couple weeks ago, Agari announced a pilot program with some brands and a number of major consumer mail providers. These logos should be available in the Yahoo interface now and will be rolling out at other...

Recent Posts

Archives

Follow Us