Yesterday -- in a unanimous decision of the US Federal Court of Appeals for the DC Circuit (CADC) in ASTM v. Public.Resource.Org --- some of the worst standards paywalls came tumbling down. The court definitively determined that where governmental authorities incorporate private organisation technical standards into law by reference, non-commercial dissemination of those standards "constitutes fair use and cannot support liability for copyright infringement." more
CDA Section 230 has been called "The 26 Words that Created the Internet". While it is obvious how Sec 230 protects the World Wide Web, it is equally important for e-mail. A recent Pennsylvania court case emphasizes this point. Dr. Thomas, a professor at the University of Pennsylvania, forwarded an article about another professor Dr. Monge to an online e-mail discussion list. Dr. Monge claimed the article was defamatory and sued Dr. Thomas, the university, and many others. more
From time to time, a party can get out of control. Raucous celebration can become careless, even destructive. Combine a critical number of young people, a certain amount of beer and lots of music and damage often happens. Partygoers leave a mess behind them. The same thing happens to some IP addresses. Malicious actors use IP addresses properly registered to someone else. more
Network operators rely on guidance from IP address experts because not all IP addresses used on the Internet are the same. The "reputation" of email senders is especially important because some are malicious users of the system. But identifying "senders" based on their email addresses or the individual IP address of a user presents issues that are unnecessarily complex. more
I can still hear it. ‘Hee hee’. That’s good. We all have unique laughs, but few are distinctive. Fewer yet belly the true nature of the human being issuing them. British insult comedian Jimmy Carr has one such laugh, a tri-tone ‘dah dah DUH,’ rising on the third expulsion. It has a bell-like quality, ringing, embodying the deft touch that Don Rickles had of insulting while loving, something Carr has mastered. It lets you know that despite him having just said something shocking and horrid, he is laughing with, never at, reassuring the target, ‘all is well.’ more
Has your organization recently received an email claiming to be from NABP's Internet Drug Outlet Identification Program (IDOI)? If so, it is possible that someone is trying to trick you. The NABP IDOI team's email account has recently been illegally "spoofed" by unaffiliated persons or organizations. Email spoofing involves the forgery of an email header so that the email appears to have originated from someone other than the actual source. more
Like measuring COVID's impact, so too measuring the impact of COVID-related abuse on the Internet is difficult, there are those that would foolishly dismiss the danger entirely, others over-state the problem, perhaps to prompt sales of tools and services. The amount and type of abuse varies from network to network, and to declare everything is fine based on one world-view you believe to be ubiquitous, or that the sky is falling based upon another, extrapolated to 'everybody else' is simply poor analysis. more
A recent piece in The Markup called Swinging the Vote? attempts to figure out how Google decides where to deliver political e-mail. They were startled to discover that only a small fraction of it was delivered into the main inbox, and a fair amount was classed as spam. They shouldn't have been. This is an example of the fallacy We're so nice that the rules don't apply to us, which is far too common among non-profit and political mailers. more
It is with a heavy heart that we note the passing of a dear friend, colleague and member of the CAUCE board of directors, Don Blumenthal, on September 28, 2019, in Ann Arbor, Michigan. He was 67. Don was an anti-spammer for as long a there was an anti-spam community: he helped design, deploy and maintain the famous 'Spam Fridge,' the repository of junk email maintained by the Federal Trade Commission (FTC). more
One of the ongoing recommendations to improve deliverability is to send email that is timely and relevant to the recipient. The idea being that if you send mail a recipient wants, they're more likely to interact with it in a way that signals to the mailbox provider that the message is wanted. The baseline for that, at least whenever I've talked about timely and relevant, is that the recipient asked for mail from you in the first place. more
It is both amusing and dismaying. Last year, Congress passed Ray Baum's Act telling the FCC to do something about those pesky incoming foreign SPAM calls and texts with the fake callerIDs. The FCC a couple of weeks ago responded with a chest thumping Report and Order claiming it has "extraterritorial jurisdiction" that is does not have, and promising it will do something. Don't hold your breath on that one. more
One of the fascinating parts of my job is seeing how different groups in email have radically disparate points of view. A current example is how much value senders put on spamtraps compared to ISPs and filtering companies. I understand why this is. In all too many cases, when a sender asks why they're mail is going to bulk or being blocked, the answer is "you're hitting spamtraps." The thing is, spamtraps are almost never the only reason mail is being blocked. more
Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more
Many companies have the occasional "oops" where they send email they probably shouldn't have. This can often cause a decrease in reputation and subsequent delivery problems. Some companies rush to fix things by changing domains. Brand new domains, those registered less than 30 days, have really bad reputations. Blame the spammers and scammers who exploited a loophole and sent tons of untraceable spam from newly registered domains that they then abandoned without paying for them. more
I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer. The premise of Recorded Future's article - that spammers would send more spam and register more domains because GDPR came into effect - tells us nothing useful about how GDPR affects anything. It's the wrong question... more
J.D. Falk: 1974 - 2011
Researchers Use Social Graphs to Detect Spammers, AttackersA World-Renowned Source for Internet Developments. Serving Since 2002.