Recent Posts

Deliverability at Yahoo

We have multiple measures of deliverability. Ones that we don’t even let in the door, and then we have ones that customers indicated that they don’t want to be delivered.

Read More

Insight 2015 and upcoming talks

In about an hour I will be heading down to Monterey to give a talk at the MessageSystems Insight 2015 conference.
I really wanted to go to the whole conference, as I’ve heard great things about previous ones. It just didn’t work with my schedule. I’ll be around this afternoon and tomorrow morning, though. So if you’re there, do drop by and say Hi!
If you’re not at Insight, but are interested in hearing me speak, you can join us on November 12 at the 2015 All About eMail Virtual Conference & Expo. Ken Magill will be interviewing me about email and delivery. The session is also very open to audience questions, so come with some of your own.

Read More

Truths and Myths about email deliverability

virtualShow_forblogKen Magill will be interviewing me on the Truths and Myths of Email Deliverability, November 12 at the 2015 All About eMail Virtual Conference & Expo. Ken has a bunch of questions he wants to ask me, but he’s also expecting to take a lot of questions from the audience as well.
Speaking of myths, there has been discussion lately about recycled spamtraps. Apparently, there are people who believe (believed?) that every ISP uses recycled spamtraps. When Hotmail and Gmail said recently they didn’t use recycled traps people got very upset that they believed something that was not true.
It’s a mess. There is so much about email that is like a version of telephone. One person says “hotmail uses recycled spamtraps” someone else repeats “big ISPs use recycled spamtraps” then then third person says “all ISPs use recycled spamtraps.” People try and correct this type of misinformation all the time but sometimes it’s hard to clarify.
So show up to our session and let Ken lob questions at me, lob some of your own and we can see what myths we can clear up.

Read More

Finally! Spam has a purpose

omrayspam_kabekAuthor Julie Czerneda posted about some of her writing techniques on Jim C. Hines’ blog today. Julie is one of my favorite authors. She’s a biologist so her science writing flows well for me. Too many folks try to write biology and get little nitpicky details wrong and it can disrupt the whole book for me. I spend way too much time thinking about the actual biology and lose track of the plot.
One part of her post stood out and made me smile, though.

Read More

Weird Lashback listings

LashbackLogoI’m seeing some reports from various ESP folks that they’re experiencing an increase in Lashback listings the last day or so. They have contacted and are working with Lashback to identify what might be going on, if anything.
I’ll update once I know more and have permission to share.

Read More

Brian Krebs answers questions

IDCardForBlogBrian Krebs did an AMA on Reddit today answering a bunch of questions people had for him. I suggest taking a browse through his answers.
A few quotes stood out for me.
Q: Why do you think organizations seem to prefer “learning these lessons the hard way”? It doesn’t seem to be an information gap, as most IT executives say security is important and most individual contributors share risks upward with specific steps that can be taken to remediate risks. Given the huge costs for some breaches, why do you think more organizations don’t take the easy, preventative approach?

Read More

Trawling through the junk folder

As a break from writing unit tests this morning I took a few minutes to go through my Mail.app junk folder, looking for false positives for mail delivered over the past six weeks.

We don’t do any connection level rejection here, so any mail sent to me gets delivered somewhere. Anything that looks like malware gets dumped in one folder and never read, anything that scores a ridiculously high spamassassin score gets dumped in another folder and never read, mailing lists get handled specially and everything else gets delivered to Mail.app to deal with. That means that Mail.app sees less of the ridiculously obvious spam and is mostly left to do bayesian filtering, and whatever other magic Apple implemented.
There were about thirty false positives, and they were all B2C bulk advertising mail. I receive a lot of 1:1 mail, transactional mail and B2B marketing mail and there were no false positives at all for any of those.
All the false positives were authenticated with both SPF and DKIM. All of them were for marketing lists I’d signed up for while making a purchase. All of them were “greymail” – mail that I’d agreed to receive, and that was inoffensive but not compelling. While I easily spotted all of them as false positives via the from address and subject, none of them were content I’d particularly missed.
Almost all of the false positives were sent through ESPs I recognized the name of, and about 80% of them were sent through just two ESPs (though that wasn’t immediately obvious, as one of them not only uses random four character domain names, it uses several different ones – stop doing that).
If you’d asked me to name two large, legitimate ESPs from whom I recalled receiving blatant, blatant spam recently, it would be those same two ESPs. Is Mail.app is picking up on my opinions of the mail those ESPs are sending? It’s possible – details specific to a particular ESPs mail composition and delivery pipelines are details that a bayesian learning filter may well recognize as efficient tokens.

Read More

88 Miles per hour!

A lot of advertisers are really getting into this whole Back to the Future Day thing. A number of companies are compiling emails related to the phenomenon.
MailCharts
Milled
What other ads have folks seen referencing Marty and his trip back?

Read More

DMARC News – Gmail p=reject and ARC

DMARC.org announced this morning that Gmail will be moving to publishing a p=reject DMARC record in June of next year, much the same as Yahoo and AOL have.
Unlike Yahoo and AOL, Gmail are giving those who will be affected plenty of time to prepare for any issues, and have waited until there are some potential ways to mitigate problems in the development pipeline.
The ARC proposal, mentioned in the announcement, is one of the more promising mitigation approaches, and the specification for it can be found here:
Authenticated Received Chain (ARC) (draft-anderson-arc-00)
Recommended Usage of the Authenticated Received Chain (ARC) (draft-jones-arc-usage-00)
And some background on the issues it intends to mitigate can be found here:
Interoperability Issues Between DMARC and Indirect Email Flows (draft-ietf-dmarc-interoperability-07)

Read More

Silly Spam

I was cleaning out my inbox over the weekend and found a spam that actually made me laugh.
GreedCardLibrary
Yes, it is spam advertising the “Official Greed[sic] Card Lottery.” It’s been 20 years since I’ve seen one of those!

Read More
Categories
Tags