Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more
One of the fascinating parts of my job is seeing how different groups in email have radically disparate points of view. A current example is how much value senders put on spamtraps compared to ISPs and filtering companies. I understand why this is. In all too many cases, when a sender asks why they're mail is going to bulk or being blocked, the answer is "you're hitting spamtraps." The thing is, spamtraps are almost never the only reason mail is being blocked. more
Various people whose judgment I value [M. Mueller, B. Fausett] have suggested that ICANN/IANA may finally get to the issue of privacy.
The ICANN Board is establishing a "President's Standing Committee on Privacy" (why the committee is possessed by ICANN's "president" and not the Board is something we can deal with at another time and another place.)
Privacy is a hard question. It is a matter that pervades all aspects of information handling. It would be entirely inappropriate, and ultimately futile, to try to deal with privacy as an after-the-fact adjustment to the existing DNS Whois system. It is necessary to examine the most fundamental questions -- such as what reasons, if any, justify there being a Whois database at all. more
If there were a lifetime achievement award for losing lawsuits for being annoying, Sanford Wallace would be a shoo-in. Fifteen years ago, his junk faxing was a major impetus for the TCPA, the law outlawing junk faxes. Later in the 1990s, his Cyber Promotions set important legal precedents about spam in cases where he lost to Compuserve and AOL. Two years ago, he lost a suit to FTC who sued his Smartbot.net for stuffing spyware onto people's computers. And now, lest anyone think that he's run out of bad ideas, he's back, on the receiving end of a lawsuit from MySpace... more
Here is a list of the most viewed news and blog postings that were featured on CircleID in 2008... Best wishes for 2009 and Happy New Year from all of us here at CircleID. more
Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more
Last week the DMA announced with considerable fanfare that their members should all use e-mail authentication. DMA members send a lot of bulk e-mail, but not much that would be considered spam by any normal metric. (Altria's Gevalia Kaffee is one of the few exceptions.) Their main problem is their legitimate bulk mail, sent in large quantities from fixed sources, getting caught by ISPs spam filters. That happens to be one problem for which path authentication schemes like SPF and Sender ID are useful, since they make it easier to add known fixed source mailers to a recipient ISP's whitelist, and that's just what AOL and probably other big ISPs use it for. While the DMA may be implying that this is a virtuous move, in reality it's something that their members are doing anyway for straightforward business purposes. more
Many companies have the occasional "oops" where they send email they probably shouldn't have. This can often cause a decrease in reputation and subsequent delivery problems. Some companies rush to fix things by changing domains. Brand new domains, those registered less than 30 days, have really bad reputations. Blame the spammers and scammers who exploited a loophole and sent tons of untraceable spam from newly registered domains that they then abandoned without paying for them. more
Ever since I heard of the new generic Top-Level Domains (gTLDs), I wondered whether they would be prone to abuse. For example, Microsoft might want to register www.microsoft.microsoft, or Sony might want to register www.sony. But isn't this opening up the floodgates for spammers to register their own domains and squat on them? Why couldn't a spammer register www.cit.ibank? They could then send phishing messages and fool people into clicking very legitimate looking domains. But I don't think this will be a problem. more
I have often remarked that any fool can run a DNS-Based Blacklist (DNSBL) and many fools do so. Since approximately nobody uses the incompetently run black lists, they don't matter. Unfortunately, using a DNSBL requires equally little expertise, which becomes a problem when an operator wants to shut down a list. When someone sets up a mail server (which we'll call an MTA for Mail Transfer Agent), one of the tasks is to configure the anti-spam features, which invariably involves using DNSBLs. more
The 2004 criminal spam case against large-scale spammer Jeremy Jaynes, which I've covered in several previous blog entries, appears to have come to an ignominious end with the state supreme court throwing out the law under which he was convicted. The Virginia anti-spam law was one of the first in the country with criminal provisions, but it failed due to the way that First Amendment cases are treated differently from all other cases. more
From "Last Call for Whois Comments", a recent opinion piece by eWeek's Security Center Editor Larry Seltzer: "It's not a good sign when the criminals and the lawyers are on the same side of an issue; there may be no good solution to the problems of Whois service rules. Who would have imagined that so much business and so much abuse would center around Internet domain names? Certainly not the designers of the system, including those of the Whois service, which reports on ownership and some other data on domain names... more
Contrary to concerns regarding the effect of GDPR, "not only has there not been an increase in spam, but the volume of spam and new registrations in spam-heavy generic top-level domains (gTLDs) has been on the decline." more
Canada's Anti-Spam Law, CASL, is now a done deal. Last Thursday, Treasury Board of Canada President (and champion of CASL) Tony Clement approved Industry Canada regulations in their final form. Today, Minister of Industry the Honourable James Moore announced CASL will come into force in July 1, 2014. more
Zango, a company that used to be called 180 solutions, has a long history of making and distributing spyware. (See the Wikipedia article for their sordid history.) Not surprisingly, anti-spyware vendors routinely list Zango's software as what's tactfully called "potentially unwanted". Zango has tried to sue their way out of the doghouse by filing suit against anti-spyware vendors. In a widely reported decision last week, Seattle judge John Coghenour crisply rejected Zango's case, finding that federal law gives Kaspersky complete immunity against Zango's complaint... more
A World-Renowned Source for Internet Developments. Serving Since 2002.