The latest discovery came while researchers at a security firm found a young Russian hacker bragging in an online forum that he had collected and was ready to give away a far larger number of stolen credentials that ended up totalling 1.17 billion records, Reuters reports. more
The U.S. House of Representatives voted unanimously today to pass H.R. 699, the Email Privacy Act, closing a loophole that allowed law enforcement authorities to obtain old email and other digital communications without a warrant from the court. more
The Internet Infrastructure Coalition (i2Coalition) has joined the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) to continue efforts on developing best practices for hosting and cloud service companies as well as sharing other information that will protect end-users. more
Sometimes, a software company is as much about people as it is about technology. Who says PowerMTA admins don't have influence? Not only are they the influencers of our brand [Port25] they are also the main influencers and decision-makers when it comes to purchasing decisions. more
Internet pioneer, Ray Tomlinson has passed away. He died at his home yesterday morning from a suspected heart attack at the age of 74. While best known as the creator of the email messaging system, Tomlinson made tremendous contributions to the field of computing science, evolution of the Internet, and ultimately how the world communicates today. more
Last month I attended the 36th annual M3AAWG conference in San Francisco, where esteemed members of the online messaging and anti-abuse community come together to make the Internet a safer and more secure environment. The sending community is highly influential especially among Email Service Providers (ESPs) and truly dominated the two-macro conversations that I participated in. These conversations have the industry in somewhat of a transition. more
The IGF this morning published a number of reports, including the aforementioned one, at the URL provided, titled 'IGF 2015 Best Practice Forum Regulation and mitigation of unsolicited communications.' The reports can be found in the included URLs on the IGF Website. more
Google in partnership with the University of Michigan and the University of Illinois, has published the results of a multi-year study that measured how email security has evolved since 2013. Although Gmail was the foundation of the research, insights from the study are believed to be applicable to email more broadly. more
DMARC is an anti-phishing technique that AOL and Yahoo repurposed last year to help them deal with the consequences of spam to (and apparently from) addresses in stolen address books. Since DMARC cannot tell mail sent through complex paths like mailing lists from phishes, this had the unfortunate side effect of screwing up nearly every discussion list on the planet. Last week the DMARC group published a proposal called ARC, for Authenticated Received Chain, that is intended to mitigate the damage. What is it, and how likely is it to work? more
Every year M3AAWG gives an award for lifetime work in fighting abuse and making the Internet a better place. Yesterday at its Dublin meeting they awarded it to Rodney Joffe, who has been quietly working for over 20 years. I can't imagine anyone who deserves it more. more
Facebook just announced support for PGP, an encrypted email standard, for email from them to you. It's an interesting move on many levels, albeit one that raises some interesting questions. The answers, and Facebook's possible follow-on moves, are even more interesting. The first question, of course, is why Facebook has done this. It will only appeal to a very small minority of users. Using encrypted email is not easy. more
I am excited to announce the recent release of the industry first Best Common Practices document for Cloud and Hosting providers for addressing abuse issues that was created by M3AAWG and the i2Coalition. M3AAWG has been collaborating with the Best Practices Working Group of the i2Coalition over the past 2 years to discuss ways to solve malicious activity within hosting and cloud ecosystems. more
You might expect that the IT department or security team knows who's sending email using your company's domains. But for a variety of reasons these groups are often unaware of many legitimate senders -- not to mention all the bad actors. Fortunately you can get a more complete view by using DMARC's reporting features. How does it happen? Product teams managing a new product launch or customer survey hire marketing consultants and Email Service Providers (ESP)... more
During the M3AAWG meeting in Brussels earlier this year, Dave Crocker and John Levine were asked to step into an impromptu video studio and talk about how email has changed over the past several decades and whether we are any closer to resolving the spam problem. more
The history of long distance communication is a fascinating, and huge, subject. I'm going to focus just on the history of network email -- otherwise I'm going to get distracted by AUTODIN and semaphore and facsimile and all sorts of other telegraphy. Electronic messaging between users on the same timesharing computer was developed fairly soon after time-sharing computer systems were available, beginning around 1965 -- including both instant messaging and mail. more
A World-Renowned Source for Internet Developments. Serving Since 2002.