Spam

Spam / Most Viewed

Best Practices: A Meaningless Term

Chad White wrote an article for MediaPost about best practices which parallels a lot of thinking I've been doing about how the email marketing industry treats best practices. After several conversations recently about "best practices," I'm convinced that the term is now meaningless. It's been bastardized in the same way that the definition of "spam" has shifted to the point that it has very different meanings to different groups of people. more

Technologists vs. Marketers: Talking Incompatible Talk Leads to Walking in the Wrong Direction

As if conversations between technologists and marketers weren't already difficult enough, it appears that the Direct Marketing Association's (DMA) Email Experience Council wants to redefine long-standardized terms such as "header" and "message." more

The Jaynes Case is Finally Over

Last September the Virginia Supreme Court issued a surprise ruling that reversed its previous decision and threw out the state’s anti-spam law on First Amendment grounds. The Commonwealth made a last ditch appeal to the US Supreme Court, which I predicted they’d be unlikely to accept. I guessed right... more

If Thou Be’st as Poor for a Subject as He’s for a King…

Way back in 1995, Wired reporter Simson Garfinkel gave Jeff Slaton the name "Spam King." Less than a year later, Sanford Wallace earned the title -- and soon had to share it (and his upstream provider) with Walt Rines. Others have come and gone; Sanford and Walt reappear every few years, together or separately, only to be sued away again... it seems as if any spammer noticed by law enforcement is immediately crowned "the Spam King," even when there are multiple such crownings happening at the same time. more

Court Case Serves as a Good Reminder as to the Perils of Marketing Through Text Messages

A court in Illinois rejected a motion to dismiss case filed by defendants in a class action brought on behalf of plaintiffs who received SMS spam marketing for an animated film called "Robots". The court's ruling is not surprising, given the other cases which have come to a similar conclusion. more

New Fear, Uncertainty and Doubt about Canada’s Anti-Spam Bill C-28

From time to time, we see unenlightened comments about the efficacy of laws in the fight against spam. "Laws won't stop spam" being the most common. No, they won't. What laws do is dissuade some people from undertaking shoddy mailing practices or even outright spam campaigns. Laws don't stop murder, rape and robbery either, but for those un-dissuaded who undertake such heinous crimes, we, as a society, have laws for punitive effect. They pay the price society exacts for their actions. C-28 will attenuate spam in Canada, and help us to fight spam internationally. more

Email Service Providers and the Coming Changes

Yesterday I talked about how I'm hearing warnings of a coming paradigm shift in the email industry. While these changes will affect all senders, Email Service Providers (ESPs) in particular are going to need to change how they interact with both ISPs and their customers. Currently, ESPs are able to act as "routine conveyers." The traffic going across their network is generated by their customers and the ESP only handles technical issues. more

Phishing Attack: An Open Letter to the Anti-Spam and Mailbox Operator Community

I'm sure many of you are familiar with the targeted ESP phishing attack that has been ongoing for almost a year now and has led to multiple known ESP system breaches. Return Path was recently a victim of this same attack... In short, a relatively small list of our clients' email addresses was taken from us, meaning those addresses are now the targets of the phishing campaign that are intended to compromise those client systems. more

The Incredible Leakyness of Commercial Mailers (Cont’d)

Last week I blogged about the way that lots of otherwise legitimate companies leak e-mail addresses to spammers. Here's a few more thoughts. One person asked how I knew that these were leaks, and not dictionary attacks, since the addresses I use are fairly obvious, the name of an often well known company @ my domain. It's a reasonable question, but the answer is simple... more

J.D. Falk Award

This morning M3AAWG announced the creation of the J.D. Falk award to recognize and honor people like J.D. who work to make the Internet safer for all users... J.D. was a legend in the abuse prevention world when I first started learning about spam and abuse prevention back in the late 90's. more

Bridging the Gaps: MAAWG, IETF, and BITS Establish Formal Relationships

As announced this morning, the Messaging Anti-Abuse Working Group (MAAWG) has established formal relationships with the Internet Engineering Task Force (IETF) and the BITS/Financial Services Roundtable... It's often said that there are too many different organizations working on the overlapping areas of abuse, trust, and related issues. I believe the collaborative approach MAAWG has chosen will bridge these gaps. more

Is Australia a Hot-Bed of Zombie Activity?

About a week ago, I posted that Australia was getting ISPs to boot infected computers off of their network. I commented on whether or not this was a good policy. However, there was one thing in that article that I wanted to comment on but didn't... more

Another One (Partially) Bites the Dust

Following in the footsteps of Lethic, Waledac and Mariposa, yet another botnet has been taken offline. Not completely, though, it was only a partial disconnect. The Zeus botnet, also known as Zbot, is a trojan password stealer that captures passwords and sends them to the attacker. more

Email Related Predictions for 2010

As my recent series of posts has indicated, I am seeing a lot of future changes in the email industry. What do I think we can look forward to in email in 2010? ...In the realm of real authentication, the protocol most are using is is DKIM. While people will probably continue to publish SPF records (and Microsoft will continue to cling to the hope it becomes widespread) its relevance will continue to decrease. more

Searching for Truth in DKIM: Part 4 of 5

Once you've determined that you can trust the signer of a message, as we discussed in part 3, it's easy to extrapolate that various portions of the message are equally trustworthy. For example, when there's a valid DKIM signature, we might assume that the From: header isn't spoofed. But in reality, DKIM only tells us two basic things... more