Internet and e-mail policy and practice
including Notes on Internet E-mail


2015
Months
Aug
Sep Oct
Nov Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Add to My Yahoo!

Home :: Email

15 Jun 2015

The cycle of e-mail security Email

Stepping back from the DMARC arguments, it occurs to me that there is a predictable cycle with every new e-mail security technology.

1. Invention and enthusiasm

Someone invents a new way to make e-mail more secure, call it SPF or DKIM or DMARC or (this month's mini-fiasco) PGP in DANE. Each scheme has a model of the way that mail works. For some subset of e-mail, the model works great, for other mail it works less great.

See more ...


posted at: 23:22 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/cycle.trackback

11 May 2015

The theory of e-mail reputation Email
The IETF is once again wrestling with e-mail authentication and reputation, this time in the context of
DMARC, particularly the long running issue of DMARC vs. mailing lists. We have a bunch of proposals with various techniques of signing messages, asking various parties who is authorized to send what. Some of them seem workable, but a lot aren't. I have found that a few basic rules that apply to any reputation scheme make it a lot easier to evaluate whether a proposal can work.

See more ...


posted at: 00:06 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/theoryrep.trackback

13 Jan 2015

When DNSBLs go bad Email
I have often remarked that any fool can run a DNSBL and many fools do so. Since approximately nobody uses the incompetently run BLs, they don't matter. Unfortunately, using a DNSBL requires equally little expertise, which becomes a problem when an operator wants to shut down a list.

See more ...


posted at: 23:47 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/deadbls.trackback

30 Dec 2014

Dave Crocker and I try and figure out if we've solved the spam problem yet. Email

Dave Crocker, author of many of the standards documents that e-mail depends on, and I were at the M3AAWG meeting in Brussels in June when they asked us to step into an impromptu video studio and talk about how e-mail has changed over the past several decades, and whether we're winning the war on spam.

If you want to skip the muzak in the intro, we start talking at :48.


posted at: 21:33 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/m3aawgvideo.trackback

12 Nov 2014

Does spam filtering require insecure mail? Email
A
press release from the EFF complains that some Internet service providers are preventing their users from sending mail over a private encrypted channel, which is bad. While a few ISPs do that, the story is more complex.

See more ...


posted at: 23:57 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Email/tlsfilter.trackback

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
The Case of Spamford Wallace: Guilty at Last!
5 days ago

A keen grasp of the obvious
Caption contest
68 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2015 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.