Internet and e-mail policy and practice
including Notes on Internet E-mail


2014
Months
JulAug
Sep Oct
Nov Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed

Add to My Yahoo!

Subscribe with Bloglines


[Valid RSS]

Home

16 Jul 2014

The mail forwarding threat model Email
The recent
DMARC kerfluffle has brought new attention to mail forwarders that send mail on behalf of other people. We've been giving a lot of thought to ways to tell nice forwarders from nasty ones, so that mail systems can deliver mail from the nice ones and filter the nasty ones. It occurs to me that there are several scenarios for the way that forwarders work, so I've collected them in a little chart.

See more ...


posted at: 19:42 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/fwdthreat.trackback

05 Jul 2014

Why Iran is not going to lose the .IR domain ICANN

Press reports say:

A United States court on Tuesday effectively awarded a group of American and Israeli victims of Iranian terror the rights to the .ir domain, the suffix used to identify Iranian websites, along with all of Iran's IP addresses.
While the court and the lawsuit are real, it is extremely unlikely that .IR is going anywhere.

See more ...


posted at: 17:16 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/ICANN/irtld.trackback

26 Jun 2014

What the Aereo decision actually said Copyright Law

Aereo is (was?) a system with a large array of tiny TV antennas, each of which is assigned to a customer who can pick a channel and record it on a remote DVR system and/or stream it through the Internet. TV networks claimed they had to pay for retransmission like a CATV system. The Supreme Court decided yesterday in the networks' favor.

I'm not a constitutional law scholar, but I play one on the net, so ...

See more ...


posted at: 22:02 :: permanent link to this entry :: 1 comments
Trackback link is http://jl.ly/Copyright_Law/aereo.trackback

03 Jun 2014

Dealing with DMARC Email

DMARC is an anti-phishing scheme that was repurposed in April to try to deal with the fallout from security breaches at AOL and Yahoo. A side effect of AOL and Yahoo's actions is that a variety of bad things happen to mail that has From: addresses at aol.com or yahoo.com, but wasn't sent from AOL or Yahoo's own mail systems. If the mail is phish or spam, that's good, but when it's mailing lists or a newspaper's mail-an-article, it's no so good.

The mailing list community has been gnashing its teeth for the past month trying to figure out the least bad ways to deal with the problem.

To keep track of all the ways of avoiding or limiting the damage, I've made a page on the ASRG wiki. (The ASRG is gone, but the wiki lives on.)

If I've missed anything, let me know and I'll update it.


posted at: 23:26 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/undmarc.trackback

24 May 2014

Why do we accept $10 security on $1,000,000 data? Internet

Last week we heard of yet another egregious security breach at an online provider, as crooks made off with the names, address, and birth dates of eBay users, along with encrypted passwords. They suggest you change your password, which is likely a good idea, and you better also change every other place you used the same password. But that's not much help since you can't change your name, address, and birth date, which are ever so handy for phishing and identity theft.

There is plenty not to like about the way that eBay handled it, but a more important question is why we tolerate big allegedly sophisticated companies treating our personal information so casually.

See more ...


posted at: 23:06 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Internet/badsec.trackback

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
CASL Comes into Force
22 days ago

A keen grasp of the obvious
Applying the Hobby Lobby decision
19 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2014 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.