Outlook.com in practice

I’ve seen a few people talking about outlook.com and how it’s working. There aren’t many insights here but there are a couple.

  • Images are not always showing up from all senders.
  • There are two different “safe” sender lists: one for individuals and one for mailing lists.
  • If you log in with a live.com account address (rather than a hotmail address or instead of creating a new outlook.com address) that email address will be used in the From line outbound mail. This has been causing SPF problems for a some people.
  • Outlook is not signing with DKIM
  • Outlook is authenticating with SPF (not senderID)

What have other people been seeing in terms of problems, issues or quirks with Outlook? What do you like about it?

Related Posts

DMARC: an authentication framework

A new email industry group was announced this morning. DMARC is a group of industry participants, including large senders, large receivers and relevant intermediaries working on a framework to reduce the harm from phishing.
DMARC is working on a standard to allow senders to publish sending policies and receivers to act on those policies. Currently, senders who want receivers to not deliver unauthenticated email have to negotiate private agreements with the ISPs to make that happen. This is a way to expand the existing programs. Without a published standard, the overhead in managing individual agreements would quickly become prohibitive.
It is an anti-phishing technique built on top of current authentication processes. This is the “next step” in the process and one that most people involved in the authentication process were anticipating and planning for. I’m glad to see so many big players participating.
 

Read More

Authentication and phishing

Yahoo announced today that they are releasing the Yahoo! Mail Anti-Phishing Platform (YMAP) that will help protect their users from phishing. They have a similar project in place for eBay and PayPal mail, but this will extend to a broader range of companies.

Read More

Phishing protection

Last week Return Path announced a new service: Domain Assurance. This service allows companies who send only authenticated email to protect their brand from phishing attacks. Participating ISPs will reject unauthenticated email from domains participating in this program.

Read More