Click the comments link on any
story to see comments or add your own.
Subscribe to this blog
Home :: Email
31 Oct 2014
Someone was asking who has the largest set of spamtraps;
I opined that nobody knows, since the people will the biggest ones
don't discuss the details. Also, it's not a very useful metric. There are spammers who only send to
specific large ISPS, so, say, Google would know all about them, and other people wouldn't see them at all.
Also, different kinds of spamtraps get different kinds of spam. I have three general kinds:
- Addresses that were never valid, typically invented by broken scrapeware that grabbed message IDs or
mangled addresses from web sites
- Abandoned addresses and domains, that may have been valid a decade or more ago, but only get spam now
- A depressingly large number of addresses given to well-known companies who then leaked them to spammers.
I also get a fair amount to real addresses that aren't spamtraps, but that are caught by filters or by
I haven't analyzed the spam profiles in detail but they're clearly different. For example, one ESP
doesn't appear on most people's spam radar, but they send me a great deal of spam (relative to my overall modest
volume.) That appears to be because they have a lot of poor quality lists with repurposed addresses, from senders
booted from more selective ESPs, and they're constantly hitting role addresses that aren't spamtraps, but should
never be on anyone's lists.
Trackback link is http://jl.ly/Email/spamflavor.trackback
08 Oct 2014
For reasons that should be obvious, a lot of people are
thinking about ways to make e-mail more secure, and harder
to spy on.
The most likely scenario is an improved version of PGP or S/MIME, two
existing encrypted mail systems, that let people publish their encryption
key, which correspondents use to encrypt mail so that only the recipient
can read it. While this is a significant improvement in privacy, it has
the problem that spam filters at the ISP can't read the mail either.
See more ...
Trackback link is http://jl.ly/Email/cryptospam.trackback
16 Jul 2014
The recent DMARC kerfluffle has brought
new attention to mail forwarders that send mail on behalf of
We've been giving a lot of thought to ways to tell nice forwarders
from nasty ones, so that mail systems can deliver mail from the nice
ones and filter the nasty ones.
It occurs to me that there are several scenarios for the way that forwarders
work, so I've collected them in a little chart.
See more ...
Trackback link is http://jl.ly/Email/fwdthreat.trackback
03 Jun 2014
DMARC is an anti-phishing scheme that was repurposed in April to
try to deal with the fallout from security breaches at AOL and Yahoo.
A side effect of AOL and Yahoo's actions is that a variety of bad things happen
to mail that has From: addresses at aol.com or yahoo.com, but wasn't sent from AOL or Yahoo's
own mail systems.
If the mail is phish or spam, that's good, but when it's mailing lists or
a newspaper's mail-an-article, it's no so good.
The mailing list community has been gnashing its teeth for the past month
trying to figure out the least bad ways to deal with the problem.
To keep track of all the ways of avoiding or limiting the damage, I've made a
on the ASRG wiki. (The ASRG is gone, but the wiki lives on.)
If I've missed anything, let me know and I'll update it.
Trackback link is http://jl.ly/Email/undmarc.trackback
28 Apr 2014
that crooks have stolen credentials and address books from some large number of
(They say 2%, but that's only the ones they know about so far.)
So we suggest you take some routine security precautions.
See more ...
Trackback link is http://jl.ly/Email/aolchange.trackback
My other sites
Who is this guy?
Airline ticket info
CASL Comes into Force
121 days ago
A keen grasp of the obvious
Progress in e-mail
43 days ago
Coalition Against Unsolicited Commercial E-mail
Network Abuse Clearinghouse