Here are the top 6 most commented-on blog topics on our Industry News & Analysis blog. In April, Laura wrote about the ins and outs of Domain-based Message Authentication, Reporting & Conformance, also known as DMARC. If you are not familiar with DMARC or want to know the differences between strict and relaxed alignment, read the blog post here. Earlier this year WttW’s website was...
Superstition, correlation and reality
I’m not a huge baseball fan, probably a side effect of growing up in a city with no MLB team. But I do enjoy the social aspects of rooting for local teams when they’re winning big games. Last night I was following the World Series score online and switched over to watch the last inning. I posted something about the game on FB just about 30 seconds before the Giants’ outfield...
Spam, Phish or Malware?
Some mornings I check mail from my phone. This showed up this morning. My first thought was “oh, no, Pizza Hut is spamming, wonder who sold them my address.” Then I remembered that iOS is horrible and won’t show you anything other than the Friendly From and maybe it was some weird phishing scheme. When I got to my real mail client I checked headers, and sure enough, it...
Alice and Bob Sign Messages
Alice and Bob can send messages privately via a nosy postman, but how does Bob know that a message he receives is really from Alice, rather than from the postman pretending to be Alice? If they’re using symmetric-key encryption, and Bob is sure that he was talking to Alice when they exchanged keys, then he already knows that the mail is from Alice – as only he and Alice have the keys...
May 2014: The month in email
It’s been a busy and exciting month for us here. Laura finished a multi-year project with M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group (look for the results to be published later this year) and continued working with clients on interesting delivery challenges and program opportunities. Steve focused on development on the next version release of Abacus, our flagship abuse...
DKIM Key Rotation
Several people have asked me in the past few days about how to rotate DKIM keys (if you’re modifying anything to mitigate replay attacks, you need to invalidate the signatures of all the mail you sent before you made those changes). You really, really should be rotating your DKIM keys on a regular basis (monthly, weekly...
DKIM and injected headers
If you look at the DKIM-Signature header in any piece of email signed with DKIM you’ll see that one of the fields it contains, the h= field, lists some email header names, for example:
h=From:Subject:Date:To:MIME-Version:Content-Type
Those are the headers that were signed when the mail was sent, and they’re the only headers that will be checked by the DKIM validator. There are some...
DKIM replay attacks
Replay attacks on DKIM-signed messages
When you receive an email validly signed with DKIM by example.com that might not mean that example.com sent the email to you, or that they even sent this email at all. What it does tell you is that at some point in the past, example.com signed an email with exactly the same headers and body and sent it to someone. That’s often close enough to the same...
A brief DMARC primer
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. What DMARC does is allow domain owners to publish policy statements in DNS telling receiver domains what to do with messages that do not authenticate. In addition, DMARC introduces the concept of “domain alignment.” What this means is that the authentication has to be from the same domain (or a sub...
Gmail FBL update
Last week Gmail started contacting ESPs that signed up for their new FBL with more information on how to set up mailings to receive FBL emails. One of the struggles some ESPs are having is the requirement for DKIM signing. Many of the bigger ESPs have clients that sign with their own domains. Gmail is telling these ESPs to insert a second DKIM signature to join the FBL. There are a couple reasons...