One of my pet peeves is the headline "n %" of email is spam, it is inherently misleading, and conveys no useful data. I guess it makes for great newspaper headlines then! On our servers looking at one email address for 4 hours, we saw 208 attempted connections for SMTP traffic referring to this email address. ...One can't measure spam in relation to the amount of genuine email, because the amount of genuine email is not connected to the amount of spam... more
The latest post on DearAOL's blog, by EFF activist coordinator Danny O'Brien, is titled "The Shakedown Begins". In short, Danny receives email from overstock.com on an AOL mailbox -- email that he apparently paid overstock $29.95 to receive. And that email arrives with Goodmail certification that AOL recognizes and flags as such. Danny seems to think this is not the sort of email that should be certified by Goodmail, and that AOL should not suddenly turn on Goodmail certification. Suddenly? more
Google News now shows more than 300 stories about Spamhaus, most about a proposed court order following a district court default judgment. To me, the most interesting is the meta-story -- why the non-event of a proposed order has the blogs scrambling with claims of constitutional crisis and even the notoriously close-lipped ICANN issuing an announcement "in response to community interest expressed on this topic." more
Apparently, at this stage, it is only a proposed ruling. But I am no lawyer. This story has been discussed before, when Spamhaus, which is located in the UK, was sued in the US by a spammer. They refused to come before the court as "they do no business in Illinois, and are located in the UK...After this court ruling, Spamhaus.org was under a DDoS attack, in my opinion for the purpose of preventing users from reaching the information it provided about the court ruling. This was done along-side a Joe Job, sending fake email appearing to come from Spamhaus's CEO... more
An article in the September issue of Wired explores search spam and the role of .info domain names. The article, titled "Spam + Blogs = Trouble" is a good overview of the problems of search spam, blog spam, and other various forms of web activity designed to take advantage of search engines. (The article will be online September 5, but you can read it on page 104 of the print edition that is available to subscribers now). For those not versed in search spam, it's basically creating multiple websites, typically auto-generated by computers, to get good search rankings and then monetize the resulting search traffic through AdSense or affiliate programs. The article focuses much of its attention to splogs, or auto-generated blogs... more
Remember the old email hoax about Hillary Clinton pushing for email taxation? When we first heard AOL's plans for Goodmail today, we thought maybe the hoax had re-surfaced and a few industry reporters got hooked by it. But alas, this tax plan seems to be true. AOL has long held the leading standard in email whitelisting. Every email sender who cares about delivery has tried to keep their email reputation high so that they could earn placement on AOL's coveted Enhanced Whitelist. Now, AOL may be saying that those standards don't matter as much as a postage stamp when it comes to email delivery. more
There's been a lot of noise this week since the news broke about AOL and Goodmail, so I thought I'd take the opportunity to change the direction of the dialog a little bit. First, there are two main issues here, and I think it's healthy to separate them and address them separately. One issue is the merits of an email stamp system like the one Goodmail is proposing, relative to other methods of improving and ensuring email deliverability. The second issue -- and the one that got me started earlier this week - is the question of AOL making usage of Goodmail stamps a mandatory event, replacing its enhanced whitelist. more
Public consultations on the new "Internet Governance Forum" being created by the United Nations will be held in Geneva February 16-17. The Internet Governance Project has released a new discussion paper explaining how the Forum could work. The Forum must be as open as possible and give all stakeholders equal participation rights. Its deliberations must be wide-ranging and resist politically motivated barriers to discussion. And its products must feed into other, more authoritative Internet governance forums. more
Without commenting on the particulars as they relate to Goodmail -- especially since I am on the advisory board for Habeas, a competitor -- let me note that public discussion is largely missing the nature of the current Internet mail realities and the nature of the ways we can deal with them. There are two articles in the current issue of the Internet Protocol Journal, of which I wrote one, that provide some useful background about this reality. Simply put, Internet mail needs to sustain spontaneous communications... more
Cindy's piece on the EFF website seems to be a bit of a pastiche, with elements taken out of various articles (some outright wrong, some merely misinformed) that have been doing the rounds of the media for quite a while now about Goodmail. She started off comparing AOL and Goodmail with the old email hoax about congress taxing email. That same line was used in a CircleID post by Matt Blumberg, CEO & Chairman of Returnpath... Various other quotes from different places - Richard Cox from Spamhaus on CNN for example. However a lot of the quotes in those articles are being based on wrong or out of context assumptions, starting with one that goes "AOL is going to remove all its existing whitelists and force people to use Goodmail". more
Goodmail Systems made a big splash last week when AOL and Yahoo announced that they will be giving preferential treatment to mail that uses Goodmail's CertifiedEmail service, claiming (implausibly) that this has something to do with stopping spam... Since Goodmail charges senders for each message, some people see this as the end of e-mail as we know it. I have my concerns about Goodmail, but a lot of the concerns are either overblown or based on bad reporting... more
All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more
In my recent write-up I start by discussing some recent threats network operators should be aware of, such as recursive DNS attacks. Then, a bit on the state of the Internet, cooperation across different fields and how these latest threats with DDoS also relate to worms and bots, as well as spam, phishing and the immense ROI organized crime sees. I try and bring some suggestions on what can be done better, and where we as a community, as well as specifically where us, the "secret hand-shake clubs" of Internet security fail and succeed. Over-secrecy, lack of cooperation, lack of public information, and not being secret enough about what really matters. more
I suppose not many have been listening to Paul Vixie or surfing from China, I have done both. The Chinese "alternate root" has been going on for a while. China is creating an alternate root, which it can control while using the Chinese language. I doubt I need to tell any of you about ICANN, VeriSign, Internet Governance, alternate roots or the history of these issues. Everyone else will. Unlike most of my colleagues, I hold a different opinion on the subject and have for some time. China launches an alternate root? It's about time they do, too! more
Paul McNamara quotes me extensively in this piece on the EFF protest of Goodmail. When I say "the EFF has lost its mind", i really mean "the EFF has lost its way". In the early days, the EFF was about preventing the government from ruining the Internet commons, and preventing the government from putting walls on the frontier. These days, the EFF is more about preventing companies who have no power to regulate from doing things the EFF doesn't like. That is a huge change, and one that makes the EFF much less worthy of support... more