BLOG

Tag: DKIM

Are they using DKIM?

It’s easy to tell if a domain is using SPF – look up the TXT record for the domain and see if any of them begin with “v=spf1”. If one does, they’re using SPF. If none do, they’re not. (If more than one does? They’re publishing invalid SPF.) AOL are publishing SPF. Geocities aren’t. For DKIM […]

3 Comments

The philosophy of DMARC

We know that legitimate email sent with valid SPF and a DKIM signature often breaks in transit. SPF will fail any time mail is forwarded – via a mailing list, a forwarding service used by the recipient, or just ad-hoc forwarding. DKIM will fail any time the message is modified in transit. That can be obviously […]

No Comments

Tools!

I just added a DMARC validation tool over on tools.wordtothewise.com. You can give it a domain – such as ebay.com – and it will fetch the DMARC record, then explain and validate it. Or you can paste the DMARC record you’re planning to publish into it,  to validate it before you go live. If you’ve not […]

2 Comments

December 2016: The Month in Email

Happy New Year! We’re looking forward to some interesting new projects this year, both for our clients and for Word to the Wise. Stay tuned! December was a slow month for blogging, with everything going on. But we’re back on the horse now and ready to blog for 2017. List and subscription management continue to […]

No Comments

DKIM Canonicalization – or – why Microsoft breaks your mail

One of these things is just like the other Canonicalization is about comparing things to see if they’re the same. Sometimes you want to do a “fuzzy” comparison, to see if two things are interchangeable for your purposes, even if they’re not exactly identical. As a concrete example, these two email addresses: (Steve) steve@wordtothewise.com “Also Steve” […]

4 Comments

Gmail showing authentication results to endusers

A bit of older news, but worth a blog post. Early in August, Gmail announced changes to the inbox on both the web interface and the android client. They will be pushing authentication results into the interface, so end users can see which emails are authenticated. These are not deliverability changes, the presence or absence […]

No Comments

Don’t just follow the HOWTO

There are so many moving parts to ensure good email deliverability. Email marketers need to know marketing, they need to know email and they need to know design. The technical bits of email can be a challenge to learn, and many folks who write tutorials and How-Tos write them for a different audience than marketers. One […]

2 Comments

A DKIM primer resurrected

I was looking for some references today back in old blog posts. This means I discover some old links are dead, blog posts are gone or moved, and information is lost. In this case it’s a post by J.D. Falk on deliverability.com. The link is dead (it looks like the whole website is dead), but […]

No Comments

Ask Laura: Can you help me understand no auth / no entry?

Dear Laura, I’m a little confused by the term “no auth / no entry”. Gmail and other major receivers seem to be moving towards requiring authentication before they’ll even consider delivery. Does this just mean SPF and DKIM, or does this mean the much more stringent DMARC, as well? Thanks, No Shirt, No Shoes, No […]

3 Comments

Ask Laura: Do I have to publish DMARC?

  Dear Laura, I heard recently that both Gmail and Yahoo will require DMARC authentication in early 2016 or images will be automatically blocked. Is that correct? And if so, do you know when they will be requiring DMARC? A DMARC-Overwhelmed Admin Dear Overwhelmed, There are three things going on here, all of which are […]

2 Comments
  • OTA joins the ISOC

    The Online Trust Alliance (OTA) announced today they were joining forces with the Internet Society (ISOC). Starting in May, they will operate as an initiative under the ISOC umbrella. “The Internet Society and OTA share the belief that trust is the key issue in defining the future value of the Internet,” said Internet Society President and CEO, Kathryn Brown. “Now is the right time for these two organizations to come together to help build user trust in the Internet. At a time when cyber-attacks and identity theft are on the rise, this partnership will help improve security and data privacy for users,” added Brown.No Comments


  • Friday blogging... or lack of it

    It seems the last few Friday's I've been lax on posting. Some of that is just by Friday I'm frantically trying to complete all my client deliverables before the weekend. The rest of it is by Friday I'm just tired. Today had the added complication of watching the Trumpcare debate and following how (and how soon) it would affect my company if it passed. That's been a bit distracting, along with the other stuff I posted about yesterday. I wish everyone a great weekend.1 Comment


  • Indictments in Yahoo data breach

    Today the US government unsealed an indictment against 2 Russian agents and 2 hackers for breaking into Yahoo's servers and stealing personal information. The information gathered during the hack was used to target government officials, security employees and private individuals. Email is so central to our online identity. Compromise an email account and you can get access to social media, and other accounts. Email is the key to the kingdom.No Comments


Archives