Remember the old email hoax about Hillary Clinton pushing for email taxation? When we first heard AOL's plans for Goodmail today, we thought maybe the hoax had re-surfaced and a few industry reporters got hooked by it. But alas, this tax plan seems to be true. AOL has long held the leading standard in email whitelisting. Every email sender who cares about delivery has tried to keep their email reputation high so that they could earn placement on AOL's coveted Enhanced Whitelist. Now, AOL may be saying that those standards don't matter as much as a postage stamp when it comes to email delivery. more
For those who've been living in an e-mail free cave for the past year, phishing has become a huge problem for banks. Every day I get dozens of urgent messages from a wide variety of banks telling me that I'd better confirm my account info pronto. ...Several people have been floating proposals to extend authentication schemes to the URLs in a mail message. A sender might declare that all of links in it are to its own domain, e.g., if the sender is bigbank.com, all of the links have to be to bigbank.com or maybe www.bigbank.com. Current path authentication schemes don't handle this, but it wouldn't be too hard to retrofit into SPF. ...So the question is, is it worth the effort to make all of the senders and URLs match up? more
TL;DR? It's worth reading, BUT, if not -- ICANN has yet another group looking at WHOIS, and there is a huge push to redact it to nothing. I spend easily half my day in WHOIS data fighting online crime, losing it would not make my job harder, it will make it impossible. PLEASE JOIN THE ICANN GROUP and help us fight back against people who are fighting in favour of crime. more
Engineers in the Internet Engineering Task Force, in the Messaging Anti-Abuse Working Group, and elsewhere have been debating how to handle e-mail-server blocklists in an IPv6 network. Let's take a look at the problem here. We basically have three ways to address spam, in our goal of reducing the amount of spam in our inboxes... more
Kidnap. Rape. There are no lesser words that can be used to describe what happened to the daughter of an anti-spam investigator in Russia. His daughter was recently released, according to Joseph Menn's recent article on Boing Boin, after having been kidnapped from her home five years ago, fed drugs, and made to service men, as a warning to ward off further investigations. The criminals behind these vicious acts were also responsible for large spamming organization associated with Russian Mob activity. more
In my department, we block about 92% of our total email (around 2.5 billion per day) at the network edge without accepting the message. When we do that, we don't see any traffic from that IP anymore and don't keep stats on it due to the overwhelming volume of mail. However, we do keep stats on mail that we block with our content filter. I decided to go and calculate how much spam we receive from each country by mapping the source IP back to its source country... more
You may have read reports that the total amount of spam is on the decline. Don't believe them. In the month of October, I saw the amount of spam in my traps here roughly double, from about 50,000 per day to 100,000/day now. In conversations with managers at both ISPs and corporate networks, I'm hearing the same thing. more
Google News now shows more than 300 stories about Spamhaus, most about a proposed court order following a district court default judgment. To me, the most interesting is the meta-story -- why the non-event of a proposed order has the blogs scrambling with claims of constitutional crisis and even the notoriously close-lipped ICANN issuing an announcement "in response to community interest expressed on this topic." more
Why do we run content filters at the recipient's side? Paul Graham's Plan for Spam introduced them that way. After several years, we can say that plan doesn't work very well. Email has become much less reliable. One way to recover reliability, at least between trusted parties, is to run filters at the sender's side. Let's look at the diagram in more detail... more
An article in the September issue of Wired explores search spam and the role of .info domain names. The article, titled "Spam + Blogs = Trouble" is a good overview of the problems of search spam, blog spam, and other various forms of web activity designed to take advantage of search engines. (The article will be online September 5, but you can read it on page 104 of the print edition that is available to subscribers now). For those not versed in search spam, it's basically creating multiple websites, typically auto-generated by computers, to get good search rankings and then monetize the resulting search traffic through AdSense or affiliate programs. The article focuses much of its attention to splogs, or auto-generated blogs... more
One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be... more
The latest post on DearAOL's blog, by EFF activist coordinator Danny O'Brien, is titled "The Shakedown Begins". In short, Danny receives email from overstock.com on an AOL mailbox -- email that he apparently paid overstock $29.95 to receive. And that email arrives with Goodmail certification that AOL recognizes and flags as such. Danny seems to think this is not the sort of email that should be certified by Goodmail, and that AOL should not suddenly turn on Goodmail certification. Suddenly? more
You all remember Sitefinder don't you? According to The Register, CentralNic , owner of a number of popular domains including uk.com and us.com, has added wildcard A records to .uk.com. Cue the usual round of sniping about Internet stability (with which, as you will see, I agree). The question is, given the difference in scale (.com and .net are huge; .uk.com is quite small) will anyone notice? And does it matter? Certainly CentralNic seems to think the small scale of their domains excuses or at least mitigates the Internet stability side effects of their ploy. more
Spam is not about who sent it, it's about who benefits from it. For a moment forget everything you know about filters, zombie PCs, firewalls, spoofing, viruses, beisyan algorithms, header forgery, botnets, or blacklists. These are all methods for sending spam or preventing spam delivery. None of these explain why spam is sent and for far too long all the attention has been paid to the effects and not the driving force. Under the endless onslaught of junk mail it is easy to feel that the goal of the game is send spam and annoy us all. more
ICANN has posted a request by Afilias for a new registry service in relation to "abusive" domains in dot-info. While in general the proposal is motivated by good intentions, the devil is in the details. While most folks (including myself) probably care very little about the .info TLD, my concern is that any bad implementation in .info might be copied or used as a precedent in other more important TLDs, in particular .com run by VeriSign. more
A World-Renowned Source for Internet Developments. Serving Since 2002.