Recent Posts

FB email, put a fork in it

Today Facebook quietly put a bullet in the heart of it’s email program. Instead of running mailboxes, mail to Facebook addresses now simply forwarded to the users primary email address. Color me unsurprised.

Read More

Gmail pilots new FBL

Yes, it’s true. Gmail announced last Thursday at M3AAWG that they were piloting a new Feedback loop.
The Gmail FBL is currently for ESPs only. The announcement during MAAWG was that only MAAWG ESP members were eligible. They are requiring a DKIM signature for the FBL, but ESPs using individual customer d= values can get a FBL based on IPs. They are also not providing ANY information that reveals the complainer. Gmail’s intention is only to give ESPs feedback so that ESPs can prevent abuse. They are not giving feedback so complainers can be removed.
The email has a .csv attachment that has 3 columns: date, identifier and complaint rate.
The identifier is an ESP provided customer identifier. One of the ESPs I talked to said they were adding an X-header into their emails.
I’ve heard from beta testers that there is a minimum of 100 complaints before you’ll get any report.
Reports are sent daily if there is sufficient traffic to trigger them.
If you’re a MAAWG member, check the senders list for the signup URL.

Read More

Massive new phishing run

It seems while the experts are meeting to figure out how to stop spam, the spammers are exploiting new ways to spam. This morning my mailbox had over 100 messages with either the subject “market report” or “eviction notice.” What headers I checked showed this was from a botnet, sent to dozens of addresses at my domains.

Read More

So much to write about

This was a great MAAWG conference and there are a couple sessions I can write about. There were multiple sessions where representatives from various blocking groups and ISPs talked about what they block on. I have extensive notes and will be writing things up in the next few days.
The awesome folks at Mailchimp brought t-shirts for us.

Read More

Lavabit and darkmail

The M3AAWG keynote address today was a talk from Ladar Levinson about the shut down of Lavabit mail service after receiving demands from the NSA to hand over their SSL keys.
@maawg tweeted different quotes from the session. There is a conflict between privacy and security, and these are questions we need to resolve.
Ladar talked about his potential new service called darkmail, which pushes encryption back to the user level. I think there is relevance to this, as many online services are used for political and other organizing. As someone said to me last night, some of the people using our service could be killed if we don’t protect their privacy. He wasn’t speaking of the US residents, but people in places like Ukraine or Arab countries or other places undergoing violent revolutions.
Privacy is important, how we treat privacy is important. Handing over SSL keys to governments strikes me as a big problem.

Read More

Brian Krebs wins the Mary Litynski award

A little late, but I’ve been in sessions most of today. M3AAWG announced this morning that Brian Krebs won the 2014 Mary Litynski award. This award is given to people who work tirelessly to make the internet a better place.
I first had the pleasure of listening to Brian give the keynote address at a MAAWG conference many years ago. His ability to infiltrate some major spam operations and online forums for criminals is amazing. He’s also had retaliation attempts, including being SWATed and having heroin delivered to his house.
If you get a chance to hear Brian speak, I strongly encourage you to do so. His knowledge is outstanding and his speaking style is entertaining. I’ve learned a lot from Brian over the years and I’m pleased he won this award and that M3AAWG recognized his contribution to stopping abuse online.
M3AAWG press release

Read More

Using confirmation to get good email addresses

For 25 hours the group De La Soul is releasing their entire catalog for free online. What none of the articles are mentioning is that they’re using this to build their database of email addresses in a way that’s going to result in a clean database of high value email addresses.
How are they doing that? By making sure the addresses belong to their fans before they actually give fans access to the catalog. Yes, they are using confirmation as part of their signup process.
If you go to their website: wearedelasoul.com you’re asked for an email address so they can send the downloads to you.
dls_website
The fine print is the interesting bit:

Read More

M3AAWG conference next week

Next week is M3AAWG 30 in San Francisco. We’ll be there and are very excited to see the familiar faces and meet new people.
I recently had someone ask me what would I recommend to someone going to their first M3AAWG conference. My recommendation to anyone in the sender or marketer space is to go to some of the talks that are not about email delivery. Go to the sessions that talk about malware or SMS or anything other than just email delivery. For anyone in the ISP space go to a session focused on mobile or email sending. Use this time to learn about something totally different than what you do every day.
Another question I get frequently from senders is if the people from the ISPs are open to sitting down and talking with senders about the senders’ email problems. Generally, the answer is no. Most of the time, the ISP has no knowledge of who you are and what mail you’re sending, so all they can say is “send me an email with the IPs and I’ll take a look at it.” That’s it.
We’ll be in the city starting Monday afternoon, and I always enjoy meeting readers. Stop by and introduce yourself.

Read More

Target breach started from email

According to Brian Krebs the compromise of Target’s POS system probably originated with a phishing attack against one of Target’s vendors. This attack compromised credentials of the HVAC vendor and possibly allowed the hackers entrance into Target’s systems.
Interestingly, Brian mentions Ariba, a company I’ve been forced to deal by a large customer of ours. I’m not sure if there really is an attack vector where a vendor can get access through Ariba to the internal systems of the customers. However, my experience with Ariba has been frustrating and problematic, so I’ll be happy to believe their security is as broken as their email.
Email is a great way to interact with people and companies. It’s great for growing communities and businesses. But it is also a way for attackers to get access to your computer and the websites you interact with. Protect yourself, and your company, by running security software. And, please, don’t open attachments or click on links in emails and provide usernames and passwords.

Read More

LinkedIn shuts down Intro product

Intro was the LinkedIn product that created an email proxy where all email users sent went through LinkedIn servers. This week LinkedIn announced it is discontinuing the product. They promise to find new ways to worm their way into the inbox, but intercepting and modifying user mail doesn’t seem to have been a successful business model.

Read More
Categories
Tags