Email

Email / Featured Blogs

Searching for Truth in DKIM: Part 3 of 5

Mar 17, 2009

Last year, MAAWG published a white paper titled Trust in Email Begins with Authentication [PDF], which explains that authentication (DKIM) is “[a] safe means of identifying a participant-such as an author or an operator of an email service” while reputation is a “means of assessing their trustworthiness.”

 more

Gmail and IMAP and BlackBerry (Oh, my!)

Mar 17, 2009

When I was employed, I ran my own mail server and my own BlackBerry Enterprise Server, and I had things tuned pretty much exactly as I wanted them. My incoming mail got some custom processing that looked the sender's address up in my address book and assigned the message a category... I was a very happy email user. Now that I'm on my own, I've decided not to run my own server and all that software, and I've switched to Gmail and the T-Mobile BlackBerry server... Surprisingly, though, I'm mostly still happy... more

Searching for Truth in DKIM: Part 2 of 5

Mar 13, 2009

In part 1, we explained that the DKIM "d=" value identifies the domain name which signed the message, which may be a different domain name from the author of the message. Tying the signing and author domains together will require an additional standard: Author Domain Signing Practices (ADSP). In IETF parlance, the "author domain" is the domain name in the From: header, so ADSP is a way for the author domain to publish a statement specifying whether any other domain name should ever sign a message purporting to be From: that author domain... more

Searching for Truth in DKIM: Part 1 of 5

Mar 09, 2009

DomainKeys Identified Mail (DKIM) is the leading email authentication technology, supported by major ISPs including Google, AOL, and Yahoo! (who invented its predecessor), popular mail server software like Sendmail, and many of the best minds in email technology. But if you peruse the archives of the IETF DKIM mailing list, or start up a conversation at MAAWG, it might appear that there's still a lot of disagreement about what a DKIM signature actually means. more

Spam Fighting: Lessons from Jack Bauer?

Jan 12, 2009

As I blogged about several months ago, as did numerous other anti-spam bloggers, David Ritz was sued by Jeffrey Reynolds and a judge in North Dakota agreed with Reynolds. At the heart of the case was that Ritz engaged in anti-spam activities using techniques known only to a small subset of advanced computer users, and used these techniques maliciously against Reynolds... Back in the olden days of spam fighting, some anti-spammers used to use malicious techniques against spammers in order to shut them down... more

Reply-All Creates a DDoS Attack?

Jan 12, 2009

One can read in an Associated Press article that the US State Department have their email system bogged down due to too many people use the Reply-All function in their email client. IT Departments have asked people to not use Reply-All and also threaten with disciplinary action. To me, that is the wrong path forward. more

Who Pays for Email?

Jan 03, 2009

An acquaintance wondered why the people who run the systems that receive mail get to make all the rules about what gets delivered. After all, he noted: "The sender pays for bandwidth and agrees to abide by the bandwidth provider's rules." It is useful to think of the Internet as a collection of tubes, all leading from the periphery to the middle, where the middle is approximately "the peering point." The sender has paid for the tubes leading from himself to the middle... more

Top 10 Spam Stories of 2008

Jan 01, 2009

Well, it's a yearly tradition in the western hemisphere that at the end of the year, we compose a top 10 list of the 10 most . Since it is now 2009, I thought that I would create my own list of the top 10 spam stories of 2008. Now, not all of these will be universally applicable to everyone, they are the top 10 stories as seen by me. more

Lawless Canada Emerging as a Spam Haven

Dec 03, 2008

The recent Facebook case has placed the spotlight on Canada's ongoing failure to address its spam problem by introducing long overdue anti-spam legislation. The fact that organizations are forced to use U.S. courts and laws to deal with Canadian spammers points to an inconvenient truth – Canadian anti-spam laws are woefully inadequate and we are rapidly emerging as a haven for spammers eager exploit the weak legal framework. more

The Harsh Reality of Spam and Online Security… Should I Stay or Should I Go?

Nov 13, 2008

Working in the anti-spam and online malware fight can be depressing or at best invoke multiple personality disorder. We all know things are bad on the net, but if you want a dose of stark reality, check out Brian Kreb's fantastic 'Security Fix' blog on the Washington Post site... Speaking to an old friend who asked me what I was doing these days, I recently likened the fight against this relentless onslaught to having one's pinky in a dyke, and there are days when I don't even think we have a dyke! more

Industry Updates

Probing an Active Digital Trail of Iranian Hackers

Given a Malicious Email Address, What Can You Discover with Maltego’s WhoisXML API Transforms?

Come April, Nothing Is Certain Except Phishing and Taxes

Business Email Compromise Attacks: The Big Phishing Scam That’s Easily Missed

  • By CSC
  • Nov 20, 2020

MarkMonitor Releases New gTLD Quarterly Report for Q3 2020

Addressing Business Email Compromise in the Time of Coronavirus with Email Validation

Using Email Validation Tools to Stop Malspam Campaigns in Their Tracks

Fight Against Phishing: Email Address Verification as a Cybersecurity Process

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

Common Threats That Can Be Overcome by Email Verification

Why Suspicious Email Addresses Must be Verified

5 Reasons Why Businesses Must Do Email Verification

IP Geolocation: How to Locate and Stop Phishing Threats

How the Best IP Geolocation API Can Support Cybersecurity Efforts

Port25 Announces Release of PowerMTA V4.5r5

View More