Recent Posts

Finally! Spam has a purpose

omrayspam_kabekAuthor Julie Czerneda posted about some of her writing techniques on Jim C. Hines’ blog today. Julie is one of my favorite authors. She’s a biologist so her science writing flows well for me. Too many folks try to write biology and get little nitpicky details wrong and it can disrupt the whole book for me. I spend way too much time thinking about the actual biology and lose track of the plot.
One part of her post stood out and made me smile, though.

Read More

Weird Lashback listings

LashbackLogoI’m seeing some reports from various ESP folks that they’re experiencing an increase in Lashback listings the last day or so. They have contacted and are working with Lashback to identify what might be going on, if anything.
I’ll update once I know more and have permission to share.

Read More

Brian Krebs answers questions

IDCardForBlogBrian Krebs did an AMA on Reddit today answering a bunch of questions people had for him. I suggest taking a browse through his answers.
A few quotes stood out for me.
Q: Why do you think organizations seem to prefer “learning these lessons the hard way”? It doesn’t seem to be an information gap, as most IT executives say security is important and most individual contributors share risks upward with specific steps that can be taken to remediate risks. Given the huge costs for some breaches, why do you think more organizations don’t take the easy, preventative approach?

Read More

Trawling through the junk folder

As a break from writing unit tests this morning I took a few minutes to go through my Mail.app junk folder, looking for false positives for mail delivered over the past six weeks.

We don’t do any connection level rejection here, so any mail sent to me gets delivered somewhere. Anything that looks like malware gets dumped in one folder and never read, anything that scores a ridiculously high spamassassin score gets dumped in another folder and never read, mailing lists get handled specially and everything else gets delivered to Mail.app to deal with. That means that Mail.app sees less of the ridiculously obvious spam and is mostly left to do bayesian filtering, and whatever other magic Apple implemented.
There were about thirty false positives, and they were all B2C bulk advertising mail. I receive a lot of 1:1 mail, transactional mail and B2B marketing mail and there were no false positives at all for any of those.
All the false positives were authenticated with both SPF and DKIM. All of them were for marketing lists I’d signed up for while making a purchase. All of them were “greymail” – mail that I’d agreed to receive, and that was inoffensive but not compelling. While I easily spotted all of them as false positives via the from address and subject, none of them were content I’d particularly missed.
Almost all of the false positives were sent through ESPs I recognized the name of, and about 80% of them were sent through just two ESPs (though that wasn’t immediately obvious, as one of them not only uses random four character domain names, it uses several different ones – stop doing that).
If you’d asked me to name two large, legitimate ESPs from whom I recalled receiving blatant, blatant spam recently, it would be those same two ESPs. Is Mail.app is picking up on my opinions of the mail those ESPs are sending? It’s possible – details specific to a particular ESPs mail composition and delivery pipelines are details that a bayesian learning filter may well recognize as efficient tokens.

Read More

88 Miles per hour!

A lot of advertisers are really getting into this whole Back to the Future Day thing. A number of companies are compiling emails related to the phenomenon.
MailCharts
Milled
What other ads have folks seen referencing Marty and his trip back?

Read More

DMARC News – Gmail p=reject and ARC

DMARC.org announced this morning that Gmail will be moving to publishing a p=reject DMARC record in June of next year, much the same as Yahoo and AOL have.
Unlike Yahoo and AOL, Gmail are giving those who will be affected plenty of time to prepare for any issues, and have waited until there are some potential ways to mitigate problems in the development pipeline.
The ARC proposal, mentioned in the announcement, is one of the more promising mitigation approaches, and the specification for it can be found here:
Authenticated Received Chain (ARC) (draft-anderson-arc-00)
Recommended Usage of the Authenticated Received Chain (ARC) (draft-jones-arc-usage-00)
And some background on the issues it intends to mitigate can be found here:
Interoperability Issues Between DMARC and Indirect Email Flows (draft-ietf-dmarc-interoperability-07)

Read More

Silly Spam

I was cleaning out my inbox over the weekend and found a spam that actually made me laugh.
GreedCardLibrary
Yes, it is spam advertising the “Official Greed[sic] Card Lottery.” It’s been 20 years since I’ve seen one of those!

Read More

Glitchy Google Postmaster tools

A bunch of folks today mentioned they were seeing poor reputation for formerly good reputations on Google Postmaster Tools. I’m seeing a lot of screen shots that look like this one.
Postmaster_Tools
It looks like something is going on over there that has nothing to do with actual reputation. Could be a reporting bug, could be a filtering problem. I’m not seeing people mention delivery problems, just that the reputation monitor is showing bad reputation.

Read More

Network Solutions email issues

According to twitter and mailop Network Solutions is having issues with inbound mail, with both TCP level disconnections and 451 deferrals.

Read More

Ethics in Internet Operations

In early September, I posted about a survey being done by Jan Schaumann regarding how sysadmins viewed their ethical obligations with regard to users. The results of this have now been published by Jan. He’s also shared his talk and slides on the data.
Well worth a look through the data. I took a quick run through of his talk and it looked interesting and is definitely going on my to-read list.

Read More
Categories
Tags