The email solicitation that made me vow to never work with this company again. When sending unsolicited email, you never know how the recipient is going to respond. Writing a public blog post calling you out can happen. The 2016 Sparkies. Sparkpost is looking for nominations for their email marketing awards. Win a trip to Insight 2016! 5 CAN SPAM myths. Send Grid’s General Counsel speaks...
I don’t always do predictions posts, even though they’re popular. Most years I skip them because I don’t see major changes in the email space. And, I’m not the type to just write a prediction post just to post a prediction. This year, though, I do see changes for everyone in the email space. Most of them center on finally having to deal with the technical debt that’s been accumulating over the...
Happy 2016! We enjoyed a bit of a break over the holidays and hope you did too. Here’s our December wrap up – look for a year-end post later this week, as well as our predictions for the year ahead. I got a bit of a head start on those predictions in my post at the beginning of December on email security and other important issues that I think will dominate the email landscape in 2016...
The next step in email authentication is DMARC. I wrote a Brief DMARC primer a few years ago to help clear up some of the questions about DMARC and alignment. But I didn’t talk much about where DMARC was going. Part of the reason was I didn’t know where things were going and too much was unclear to even speculate. We’re almost 2 years down the line from the security issues that...
When the Domain Name System was designed thirty years ago the concept behind it was pretty simple. It’s mostly just a distributed database that lets you map hostname / query-type pairs to values. If you want to know the IP address of cnn.com, you look up {cnn.com, A} and get back a couple of IP addresses. If you want to know where to send mail for aol.com users, you look up {aol.com, MX}...
Looking at the headers within the mail received with my Office365 domain I see dmarc=bestguesspass. BestGuessPass? That’s a new. A few days after seeing dmarc=bestguesspass, Terry Zink at Microsoft posted an explanation. Exchange Online Protection, the filtering system for Office365, is analyzing the authentication of incoming emails and if the domain is not publishing a DMARC record, EOP...
Email Authentication lets you demonstrate that you sent a particular email. Email Repudiation is a claim that you didn’t send a particular email. SPF is only for email authentication1 DKIM is only for email authentication DMARC is only for email repudiation 1 SPF was originally intended to provide repudiation, but it didn’t work reliably enough to be useful. Nobody uses...
Virus bulletin has an interesting post about DMARC and how some criminals are protecting their emails with DMARC.
Salesforce has published a SPF record for sending emails from Salesforce for years and with the Spring ’15 release, they will provide the option to sign with DKIM. The SPF record is straight forward, include:_spf.salesforce.com which includes _spf.google.com, _spfblock.salesforce.com, several IP address blocks, mx, and ends with a SoftFail ~all. Salesforce Knowledge Article Number:...
There are 3 types of authentication currently in use for email. DKIM SPF DMARC The different strategies do different things with email. DKIM cryptographically signs emails, preventing changes in transit, and designates a “responsible domain” through the d= value in the signature. SPF compare the sending IP and the envelope from (also known as the bounce string, return path or 5321...
RSS - Posts