Recent Posts

McColo goes offline

Last week a major player in the botnet arena was taken offline when they were shutdown by their upstream provider.  With the demise of McColo, there has been a 30 – 50% drop in the amount of spam as measured by any number of different techniques. The CBL team has posted an article about their view of the McColo disconnection, which includes links to press articles about the shutdown. Spamhaus has their own take on the shutdown and another collection of links to articles about the shutdown.
In my own mailbox, I have noticed a drastic decrease in the amount of spam over the last week. I am too jaded to expect that the change is permanent, but it is nice while it lasts.

Read More

Don't do this

I recently received an email from someone I do not know. This email was welcoming me to the friends and family beta of a new website. This email got under my skin a bit and it has been one of those weeks and so I decided to reply to the email.
“Whomever sold you this email address lied to you,” says I. I did not point out all the reasons I know this, including the two @home.com addresses in the To: line next to mine, just stated that as a fact.
The sender replied telling me he did not purchase any email addresses, he just mailed the contents of his address book. At that point, I did a little poking around the web to see if I recognized the sender or we had worked together in the past or if there was a clear join between him and me. I could not find anything that triggered a memory in my mind, so I replied again. “Do you know where we met? I am not placing you.”
He finally replied, “Oh, you’re in my address book under Spamhaus. We must have interacted while you were working there.”
Please, please, dear readers, when you next launch your online business do not mail everyone in the address book you have been maintaining for the last 10 years. If you want to mail your friends and family, then do so. But just because you have an email address does not mean that the recipient wants to hear from you. And, really, mailing the folks you think work for Spamhaus? Not smart. Had I really been a Spamhaus employee, chances are his bright, shiny new company would be blocklisted before it ever had a chance.

Read More

First amendment and spam

One common argument that spammers use to support their “right” to spam is that they have a first amendment right to free speech. My counter to this argument has always been that most networks are private and not government run and therefore there is no first amendment right involved. I have always hedged my bets with government offices, as these are technically government run and there may be first amendment issues involved if the government office blocks email.
Recently the Third Circuit Court of Appeals ruled on Ferrone v. Onorato, No. 07-4299, 2008 WL 4763257 (3rd Cir. October 31, 2008) addressing this issue specifically. Evan Brown at InternetCases has a post up about the court’s finding. He says:

Read More

FBL updates

Roadrunner shifted the release date for their new FBL to December 14th.
Despite rumors, the Yahoo FBL is not actually accepting new participants.

Read More

AOL and DKIM

Yesterday, on an ESPC call, Mike Adkins of AOL announced upcoming changes to the AOL reputation system. As part of these changes, AOL will be checking DKIM on the inbound. Best estimates are that this will be deployed in the first half of 2009, possibly in Q1. This is something AOL has been hinting at for most of 2008.
As part of this, AOL has deployed an address where any sender can check the validity of a DKIM signature against the AOL DKIM implementation. To check a signature, send an email to any address at dkimtest.aol.com.
I have done a couple of tests, from a domain not signing with either DK or DKIM, from a domain signing with DK and from a domain signing with both DK and DKIM. In all cases, the mail is rejected by AOL. The specific rejection messages are different, however.
Unsighng domain: host dkimtest-d01.mx.aol.com[205.188.103.106] said: 554-ERROR: No DKIM header found 554 TRANSACTION FAILED (in reply to
end of DATA command)
DK signing domain: “205.188.103.106 failed after I sent the message.
Remote host said: 554-ERROR: No DKIM header found
554 TRANSACTION FAILED”
DK/DKIM signing domain: “We tried to delivery your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554-PASS: DKIM authentication verified
554 TRANSACTION FAILED (state 18).”
As you can see, in all cases mail is rejected from that address. However, when there is a valid DKIM signature, the failure message is “554-PASS.”
As I have been recommending for months now, all senders should be planning to sign with DKIM early in 2009. AOL’s announcement that they will be using DKIM signatures as part of their reputation scoring system is just one more reason to do so.

Read More

Two reasons not to buy a list

Ken Magill, celebrity, has two articles today that highlight the issue with buying lists from vendors. The first is yet another article about EmailAppenders selling bad data. In this case, it is not the buyers who are complaining. According to Ken EmailAppenders are sending out email advertising they can sell Internet Retailer’s list of 2008 conference attendees. Internet Retailer is disputing this and has sent EmailAppenders a cease and desist. EmailAppenders is currently dodging Ken’s attempts to get their side of the story.
The second is an article about Zoominfo, a new group in the list selling business. Zoominfo has long been harvesting information from other sites. Now, they are offering to sell their scraped and harvested list. Their only requirement is that the buyer sign an agreement to comply with CAN SPAM. And, yes, if someone is dumb enough to buy this harvested list, they should comply with CAN SPAM as sending mail to a harvested list triggers additional penalties if or when the FTC decides to go after the sender.
Not only are Zoominfo harvesting data, they are harvesting from ancient and obscure sources. They have no current information for me, but they managed to find an email address for a job I left in 1993. They have Steve listed as an employee of “postgreSQL INC” because they harvested the postgres mailing list archives. Mickey pointed out one of Zoominfo’s sources is http://free-personal-ads-wanted-sex-partner-near-hays-kansas.themasterwithin.ca/arch/4/. You do not even need to visit that site, just look at the URL!
Zoominfo’s VP and general manager claims they send emails to people regularly, offering them the chance to opt-out. First of all, I have never received one of these, have any of you? Secondly, some of the addresses are so old opt-outs are not relevant. Finally, unless they are monitoring their delivery, which I strongly doubt given their business model, anyone buying addresses from them is going to buy lots of dead addresses. And spamtraps. Lots of spamtraps.
I am sure that people who buy and sell lists regularly will tell me that these are outliers and that most companies who sell lists have higher data collection standards. My experience suggests that these are middle of the road list brokers. They are companies who are willing to sell anything with an @ sign in it and do not care about how sending to that data affects their customers.

Read More

Twittering

Yes, I finally succumbed to peer pressure and started twittering as wise_laura. Stop on by and introduce yourselves.

Read More

e360 v. Comcast

Mickey has new docs up at Spamsuite in the case between e360 and Comcast.

Read More

New AOL postmaster blog

AOL has their new postmaster blog up and running at http://postmaster-blog.aol.com/. Today they announced new tools over there including a FBL checking tool and a block checking tool.

Read More

Gmail problems

Some people have been reporting problems with mail to gmail backing up. Steve has some information about the problem.

Read More
Categories
Tags