Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Engineers in the Internet Engineering Task Force, in the Messaging Anti-Abuse Working Group, and elsewhere have been debating how to handle e-mail-server blocklists in an IPv6 network. Let's take a look at the problem here. We basically have three ways to address spam, in our goal of reducing the amount of spam in our inboxes... more
On Monday the 3rd, California state Senator Dean Flores held a hearing of the E-Commerce, Wireless Technology, and Consumer Driven Programming committee grandly titled AOL: You Have Certified Mail, Will Paid E-mail Lead to Separate, Unequal Systems or is it the Foolproof Answer to Spam?. The senator's office said they were very eager to have me there, to the extent they offered to fly me out from New York, so since I happened to be on the way home from ICANN in New Zealand that weekend, I took a detour through Sacramento. Sen. Florez conducted the hearing, with Sens. Escutia and Torlakson sitting in briefly. Unfortunately, Sen. Bowen, who is very well informed on these topics, wasn't there. There were five panels of speakers, and I got to lead off... more
There has been a lot of recent discussions and questions about reputation, content and delivery of email. I started to answer some of them, and then realized there weren't any basic reference documents I could refer to when explaining the interaction. So I decided to write some. This post is about IP address reputation with some background on why IPs are so important and why ISPs focus so heavily on the sending IP. more
A series of attacks on the Email Service Provider (ESP) community began in late 2009. The criminals spear-phish their way into these companies that provide out-sourced mailing infrastructure to their clients, who are companies of all types and sizes. ... On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially. Email lists of at least eight financial institutions were stolen. more
NANOG 62 was held at Baltimore from the 6th to the 9th October. These are my observations on some of the presentations that occurred at this meeting. .. One of the more memorable sides in this presentation was a reference to "map" drawn by Charles Minard in 1869 describing the statistics relating to the Napoleonic military campaign in Russia, and the subsequent retreat. more
As I blogged about several months ago, as did numerous other anti-spam bloggers, David Ritz was sued by Jeffrey Reynolds and a judge in North Dakota agreed with Reynolds. At the heart of the case was that Ritz engaged in anti-spam activities using techniques known only to a small subset of advanced computer users, and used these techniques maliciously against Reynolds... Back in the olden days of spam fighting, some anti-spammers used to use malicious techniques against spammers in order to shut them down... more
The Federal Trade Commission and NIST had a two-day Authentication Summit on Nov 9-10 in Washington DC. When they published their report explaining their decision not to create a National Do Not Email Registry, the FTC identified lack of e-mail authentication as one of the reasons that it wouldn't work, and the authentication summit was part of their process to get some sort of authentication going. At the time the summit was scheduled, the IETF MARID group was still active and most people expected it to endorse Microsoft's Sender-ID in some form, so the summit would have been mostly about Sender-ID. Since MARID didn't do that, the summit had a broader and more interesting agenda. more
Reading through Brian Kreb's blog last week, he has an interesting post up on the White House's call upon the industry on how to formulate a plan to stem the flow of illegal pharmaceuticals...It is unclear to me whether or not the goal of this initiative is to stem the flow of online crime in general or to reduce the flow of illegal pharmaceuticals flowing into the United States (since presumably this cuts into the profits of large pharmaceutical companies... more
This is the second part of a three-part series interview by Geert Lovink with Jeanette Hofmann, policy expert from Germany, where she talks about her experiences as a member of the ICANN's Nominating Committee and her current involvement as a civil society member of the German delegation for the World Summit of the Information Society (WSIS). "So much in the current debates over global governance seems to go back to the issue what place governments and individual nation states have within global governance. What has been your ICANN experience? Ideally, what would be the place of the state? Do you believe in a federal structure? Should, for instance, bigger countries, in terms of its population, have a great say?..." more
Garth Bruen reports on a paper published by the American Society of Law, Medicine & Ethics of Boston University School of Law authored by Bryan A. Liang and Tim Mackey titled, "Searching for Safety: Addressing Search Engine, Website, and Provider Accountability for Illicit Online Drug Sales". From the paper: "Online sales of pharmaceuticals are a rapidly growing phenomenon. Yet despite the dangers of purchasing drugs over the Internet, sales continue to escalate. These dangers include patient harm from fake or tainted drugs, lack of clinical oversight, and financial loss. Patients, and in particular vulnerable groups such as seniors and minorities, purchase drugs online either naïvely or because they lack the ability to access medications from other sources due to price considerations. Unfortunately, high risk online drug sources dominate the Internet, and virtually no accountability exists to ensure safety of purchased products." more
Recently, I wrote about the Spamhaus Policy Block List (PBL), suggesting senders encourage their network/connectivity service providers (whomever they lease or purchase IP addresses from) to list their illegitimate email-sending IPs as a step towards improving the overall email stream on the internet. The initial PBL was seeded with listings from the Dynablock NJABL ("Not Just Another Bogus List"), which at the time of the cut-over was at more than 1.9 million entries... more
The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it? Last weekend, Brandon Enright of UC San Diego gave a informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year... more
Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more
People hate receiving spam, but most people stopped obsessing about spam a decade ago or more. In the interim, anti-spam filters have improved dramatically. Still, some anti-spammers hate spam so passionately -- or, perhaps, hope to put a little coin in their pockets -- that we still see a steady stream of lawsuits against email marketers. For the most part, those lawsuits don't win; in the past half-decade, repeat anti-spam plaintiffs have rarely won in court. more
The following speech was prepared with the intention of using portions of it during the FTC Spam Summit, but CAUCE was not given the opportunity to participate due to time constraints... "I am here today to question. Yesterday we heard how the tenor of the discussion about spam became more mature. How, in the period of time that has elapsed since the last summit, things have developed as an industry. That may be true, but I question if the discussion at hand here this week is truly a big tent effort. I see few anti-spammers here..." more
A World-Renowned Source for Internet Developments. Serving Since 2002.