Tagdmarc

October 1, 2014

September 2014: The Month in Email

By laura
2 Min read
Add comment
01October

September was another busy month for us, but Steve stepped up and wrote a number of really interesting posts on email history, cryptography, and current technical issues in the email landscape. We started the month with a look at the various RFCs that served as the technical specifications for developing message transfer protocols in the 1970s. It’s really fascinating to look at the evolution of...

September 30, 2014

Spamcop mail changes

By laura
1 Min read
Add comment
30September

Spamcop is shutting down it’s email service. While anyone could report spam using Spamcop, the system also provided users email addresses behind the Spamcop filters. This shut down should have no major impact on senders. Email addresses in use will still be accepting email, but that mail will simply be forwarded to another address, instead of users being able to access it through POP or...

September 29, 2014

DMARC and report size limits

By steve
2 Min read
1 comment
29September

I just saw an interesting observation on the dmarc-discuss mailing list. Apparently some of the larger providers who are implementing DMARC for inbound email may not be handling some of the grubbier corners of the spec perfectly. That’s not surprising at all – early adopters tend to deploy code that implements early versions of the draft specification – but I can see this...

September 18, 2014

Who's publishing DMARC?

By steve
2 Min read
4 comments
18September

DMARC is a way for a domain owner to say “If you see this domain in a From: header and it’s not been sent straight from us, please don’t deliver the mail”. If a domain is only used for bulk and transactional mail, it can mitigate a subset of phishing attacks without causing too many problems for legitimate email. In other cases, it can cause significant problems. Some of...

July 2, 2014

June 2014: The month in email

By laura
2 Min read
Add comment
02July

Each month, we like to focus on a core email feature or function and present an overview for people looking to learn more. This month, we addressed authentication with SPF. We also talked about feedback mechanisms, and the importance for senders to participate in FBL processes. In our ongoing discussions about spam filters, we took a look at the state of our own inboxes and lamented the challenge...

June 3, 2014

Spammers react to Y! DMARC policy

By laura
2 Min read
1 comment
03June

It’s probably only a surprise to people who think DMARC is the silver bullet to fixing email problems, but the spammers who were so abusing yahoo.com have moved on… to ymail.com. In the rush to deploy their DMARC policy, apparently Yahoo forgot they have hundreds of other domains. Domains that are currently not publishing a DMARC policy. Spammers are now using those domains as the...

May 2, 2014

April: The month in email

By laura
3 Min read
Add comment
02May

April was a big month of changes in the email world, and here at Word to the Wise as we launched our new site, blog and logo. DMARC The big story this month has been DMARC, which started with a policy change Yahoo made on April 4 updating their DMARC policy from “report” to “reject”. We began our coverage with a brief DMARC primer to explain the basics around these policy statements and why...

April 29, 2014

DMARC and organizations

By laura
3 Min read
5 comments
29April

Comcast recently published a statement on DMARC over on their postmaster page. The short version is that Comcast is publishing a DMARC record, but has no current intentions to publish a p=reject policy for Comcast user email. Comcast will be publishing a p=reject for some of their domains that they use exclusively to communicate with customers, like billing notices and security notices. Comcast...

April 28, 2014

AOL admits to security breach

By laura
2 Min read
Add comment
28April

According to Reuters AOL has admitted there was a breach of their network security that compromised 2% of their accounts. Users are being told to reset their passwords, and security questions. AOL started investigating the attack after users started reporting an uptick in spam from aol.com addresses. This spam was using @aol.com addresses to send mail to addresses in that user’s address...

April 25, 2014

Is gmail next?

By steve
1 Min read
2 comments
25April

I’m hearing hints that there are some malware or phishing links being sent out to gmail address books, “from” those gmail addresses. If that is what’s happening then it’s much the same thing as has been happening at Yahoo for a while, and AOL more recently, and that triggered their deployment of DMARC p=reject records. It’s going to be interesting to see what...

Recent Posts

Archives

Follow Us