Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Between September of 2015 and May 2016, (last 8 months) Port25 saw almost a 30 percent jump in new cloud-based email infrastructure interest outside the United States... While most of the influential senders are not abandoning on-premises mail transfer agent (MTA) solutions, many are looking to cloud infrastructure for managing higher-volumes by bifurcating individual email streams to the cloud.
Happy Early Memorial Day. Once an ESP or marketing automation company declares itself for sale, there seems to be a mass exodus by investors, which sends up a red flag, (well in this case, a red & white striped flag). This past week there were rumblings about the potential suitors for Marketo. While it is rumored that German company SAP is the front-runner, there are many other potential suitors circling the marketing automation software company.
Sometimes, a software company is as much about people as it is about technology. Who says PowerMTA admins don't have influence? Not only are they the influencers of our brand [Port25] they are also the main influencers and decision-makers when it comes to purchasing decisions.
Last month I attended the 36th annual M3AAWG conference in San Francisco, where esteemed members of the online messaging and anti-abuse community come together to make the Internet a safer and more secure environment. The sending community is highly influential especially among Email Service Providers (ESPs) and truly dominated the two-macro conversations that I participated in. These conversations have the industry in somewhat of a transition.
The IGF this morning published a number of reports, including the aforementioned one, at the URL provided, titled 'IGF 2015 Best Practice Forum Regulation and mitigation of unsolicited communications.' The reports can be found in the included URLs on the IGF Website.
DMARC is an anti-phishing technique that AOL and Yahoo repurposed last year to help them deal with the consequences of spam to (and apparently from) addresses in stolen address books. Since DMARC cannot tell mail sent through complex paths like mailing lists from phishes, this had the unfortunate side effect of screwing up nearly every discussion list on the planet. Last week the DMARC group published a proposal called ARC, for Authenticated Received Chain, that is intended to mitigate the damage. What is it, and how likely is it to work?
RHEL6/Centos6 (and presumably RHEL7/Centos7) machines with the latest openssl packages now refuse SSL connections with DH keys shorter than 768 bits. Consider RHEL6 sendmail operating as a client, sending mail out to a target server. If the target server advertises STARTTLS, sendmail will try to negotiate a secure connection. This negotiation uses openssl, which will now refuse to connect to mail servers that have 512 bit DH keys. The maillog will contain entries with "reject=403 4.7.0 TLS handshake failed".
Stepping back from the DMARC arguments, it occurs to me that there is a predictable cycle with every new e-mail security technology... Someone invents a new way to make e-mail more secure, call it SPF or DKIM or DMARC or (this month's mini-fiasco) PGP in DANE. Each scheme has a model of the way that mail works. For some subset of e-mail, the model works great, for other mail it works less great.
Every year M3AAWG gives an award for lifetime work in fighting abuse and making the Internet a better place. Yesterday at its Dublin meeting they awarded it to Rodney Joffe, who has been quietly working for over 20 years. I can't imagine anyone who deserves it more.
Facebook just announced support for PGP, an encrypted email standard, for email from them to you. It's an interesting move on many levels, albeit one that raises some interesting questions. The answers, and Facebook's possible follow-on moves, are even more interesting. The first question, of course, is why Facebook has done this. It will only appeal to a very small minority of users. Using encrypted email is not easy.
A World-Renowned Source for Internet Developments. Serving Since 2002.