… until it stops moving

gotzombie

Nothing is impossible to kill. It’s just that sometimes after you kill something you have to keep shooting it until it stops moving.Mira Grant, Feed

It’s getting to the time of year when I can get away with some horror movie metaphors. Today, things that are dead.
1. ADSP
ADSP was a domain repudiation scheme that should never really have lived, but thankfully it’s now dead. If you see “_adsp._domainkey” in DNS somewhere, kill it with fire.
(Don’t confuse it with DMARC, it’s much improved spiritual successor.)
2. SenderID
SenderID was a slight variant of SPF created by Microsoft and pitched for a while as “SPF version 2”. If you see “spf2.0/” in a DNS TXT record, beat it down with a shovel.
3. DomainKeys
DomainKeys served valiantly as a prototype, but has been entirely replaced by it’s successor, DKIM. Nobody is paying any attention to DomainKeys signatures, certainly not for mail that’s also signed with DKIM.
It’s dead. Completely dead. So if you see “DomainKey-Signature:” in an email somewhere, shoot it until it stops moving.
 
 

Related Posts

Broken record…

The Return Path In the Know blog listed 4 reasons mailing those old addresses is a bad idea.
Ashley, the author, is completely right and I endorse everything she said. (Although I’d really like to hear what happened to the customer that added back all those addresses. What was the effect on that campaign and future email marketing?) As I was reading the article though, I realized how many times this has been said and how depressing it is that we have to say it again. And again. And again.
A number of folks have told me that the reason they don’t pay any attention to delivery professionals is because we don’t provide enough real data. They can show that sending mail to old addresses costs them nothing, and makes them real money.
That’s not really true, though. We do provide data, they just don’t like it so they don’t listen to it. Return Path publishes lots of numbers showing that mailing unengaged recipients lowers overall delivery. I can provide case studies and data but companies that are committed to sending as much mail as possible throw up many reasons why our data isn’t good or valid.
The biggest argument is that they want hard numbers. I do understand this. Numbers are great. Direct and clear answers are wonderful. But delivery is a squishy science. There are a lot of inputs and a lot of modifiers and sometimes we can’t get exactly one answer. The data is noisy, and difficult to replicate. One of the reasons is that filtering is a moving target. Filters are not, and cannot be, fixed. They are adaptive and are changing even between one hour and the next.
Delivery experts are about risk management. They are the parents requiring everyone in the car wear seat belts, even though the driver has never had an accident. They are the fire department enforcing fire codes, even though it’s the rainy season.
Risk management isn’t about the idea that bad things will absolutely happen but rather that it is more likely that a bad thing will happen in some cases.
In this case, it’s more likely that delivery problems will happen when mailing old addresses. And if those addresses aren’t actively contributing to revenue, it’s hard to argue that their presence on a list is more beneficial than their absence.
But I repeat myself. Again.

Read More

One letter off…

I’m working on a blog post about the new Gmail tabbed inbox and the messages Gmail is inserting into the promotions tab. The messages aren’t showing up on most of my accounts, so I logged into an infrequently used account of mine. Ads are there, I got my screenshots and some data about the behaviour of the messages. So far so good.
I also discovered that at least two other women are using my address. One of them apparently ordered a bunch of wedding stuff from David’s Bridal shop using my email address. I hope Kirstie got her special order in time.
The other case is more interesting. I found dozens of emails in my inbox from what appeared to be friends including me in their email forward chain.
The Comic Sans. The FW:FW:FW:FW:FW subject lines. The horribly drawn cartoons. The inspirational messages. The prayer requests. The invites to bridge night. The followup demands that I reply to their invites for bridge night. The sad emails that I didn’t go to bridge night. There were emails from grandchildren. Questions about where I’d been and if I moved. Prayer chains. The messages go on and on.
Looking back through my inbox, this has been going on since sometime late in 2012. (Told you this was an infrequently used account). I looked and looked and I think I figured out what happened. A woman named Helen appears to to have an email address one letter off from mine (string@ vs stringsstring@) and one of her church friends tried to reply to her and dropped the ‘s’ from the email address. Once she did that, everyone else just kept hitting “reply all” and are including me in their forward chain.
It’s not commercial, it’s not spam. It’s just a bunch of people mistyping an email address and sending mail to someone they don’t know. I’m kinda glad it was a bunch of church ladies rather than Carlos Danger sending … well… Carlos Danger type messages.
People get email addresses wrong sometimes. It happens (ask me about the time I almost got my mailserver blocked because I mistyped an address while sending mail to a blocklist maintainer and hit a trap address by mistake…). The problem is that it can overwhelm an uninvolved person’s mailbox, even when it’s not commercial. Sure, if I was logging in to this account more often I’d probably have shut it down, but if they were paying attention they would have realized Helen is never replying to anything they send.
I kinda feel the same about commercial mailers that send me mail over and over and over again. I never open it, I never reply to it, I never respond to it. I wonder if there is actually anyone actually sending the mail, or if there’s just a lonely mailserver bricked up in a wall somewhere continually sending out spam.
Don’t be the bricked up server in the wall. Pay attention to what your recipients are doing.

Read More

DKIM and DomainKeys, Spam and Ham

I’ve been preaching “DKIM is great! DomainKeys is obsolete, get rid of it!” for several years now. I thought I’d take a look at my mailbox and see who was using authentication.
I’ve divided this into “Ham” and “Spam”. Spam is, well, all the spam I’ve received over the past couple of years. Ham is the non-spam mail in my inbox, whether personal, business, bulk or transactional. I’ve excluded most of the discussion mailing lists I’m on (not least because many of them consist of people in the email industry or are email standards development mailing lists, so have email authentication levels that are way outside the norm).

Read More