BLOG

Tag: security

Thoughts on filters

One of the questions we received during the EEC16 closing keynote panel was why isn’t there a single blocklist that everyone uses and why don’t ISPs share data more. It would be so much easier for senders if every ISP handled mail the same as every other. But the world isn’t that simple, and it’s not […]

No Comments

Email nightmare for some FSU students

I mentioned yesterday that sometimes people and software screw up in ways that cause problems. Today I saw an article demonstrating just how bad these issues can be. Florida State University Housing Department sent detailed and confidential violation reports to tens of thousands of students. On Monday, March 14 at around 2 p.m., FSU first […]

No Comments

Security, backdoors and control.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control. Apple letter to […]

1 Comment

January 2016: The Month in Email

Happy 2016! We started off the year with a few different “predictions” posts. As always, I don’t expect to be right about everything, but it’s a useful exercise for us to look forward and think about where things are headed. I joined nine other email experts for a Sparkpost webinar on 2016 predictions, which was […]

No Comments

Security vendors and trust.

A big part of my predictions for 2016, that I’ll publish shortly, is that security is going to be a huge issue. I think we’re really going to see receivers expecting senders to have their houses in order when it comes to sending mail. Of course, some filter companies need to get their houses in […]

No Comments

Random thoughts on reporting abuse

On IRC today, someone mentioned an Ars Technica article discussing how a research team tried to contact Xfinity about a security flaw in their home security system. We attempted to contact anyone responsible for the security of Xfinity home security devices at the following addresses: security@xfinity.com; secure@xfinity.com; support@xfinity.com; info@xfinity.com; abuse@xfinity.com, but we did not get a […]

1 Comment

December 2015: The month in email

Happy 2016! We enjoyed a bit of a break over the holidays and hope you did too. Here’s our December wrap up – look for a year-end post later this week, as well as our predictions for the year ahead. I got a bit of a head start on those predictions in my post at […]

No Comments

Are you ready for DMARC?

The next step in email authentication is DMARC. I wrote a Brief DMARC primer a few years ago to help clear up some of the questions about DMARC and alignment. But I didn’t talk much about where DMARC was going. Part of the reason was I didn’t know where things were going and too much was […]

3 Comments

Looking forward

The nice folks over at Sparkpost asked me and other email experts for some thoughts on what we think the most important issues in email will be in 2016. I do think security is going to be a major, major change in delivery. From what I’ve seen there’s been a shift in the mindset of a […]

No Comments

Brian Krebs answers questions

Brian Krebs did an AMA on Reddit today answering a bunch of questions people had for him. I suggest taking a browse through his answers. A few quotes stood out for me. Q: Why do you think organizations seem to prefer “learning these lessons the hard way”? It doesn’t seem to be an information gap, […]

No Comments
  • HE.net DNS problems

    Hurricane Electric had a significant outage of their authoritative DNS servers this morning, causing them to return valid responses with no results for all(?) queries. This will have caused delivery problems for any mail going to domains using HE.net DNS - which will include some of their colocation customers, as well as users of their free services - but also will have caused reverse DNS to fail for most servers hosted by Hurricane Electric worldwide, so if any of your mail is being sent from HE hosted machines you may have seen problems. (We're HE customers so we noticed. Still happy with them as a vendor.)No Comments


  • 65.0.0.0/8 DNS issues

    If you're sending email from any address beginning with a 65 - in 65.0.0.0/8 - it's possible you'll see some delivery problems. Something appears to be broken with dnssec signatures for the reverse DNS zone, leading queries for reverse DNS to fail for anyone using a dnssec aware DNS resolver (which is almost everyone).1 Comment


  • Our green bar certificate is going away

    Later today we'll be switching from an Extended Validation ("green bar") SSL certificate to a Domain Validation certificate. This isn't exactly a planned change but I'm waiting for responses from Comodo before I go into it too much. I'll share some more details next week.3 Comments


Archives