26 Dec 2011
An interesting new paper from the Naval Postgraduate School (paper here, conference slides here)
describes what appears to be an interesting new twist on spam filtering, looking at the
characteristics of the TCP session through which the mail is delivered.
See more ...
Stable link is https://jl.ly/Email/tcpfilter.html
17 Dec 2011
ICANN has an obscure process called Zone File Access, which lets
you get access to each top-level domain's zone file, which lists all
of its second-level domains. I asked for access to .XXX several months ago, and my
password arrived this afternoon.
See more ...
Stable link is https://jl.ly/ICANN/xxxzone.html
14 Dec 2011
A year and a half ago I blogged about my Capital One credit card's payment checks
sent along with the monthly statement, that offered a free loan for about 45 days.
Early last year I stopped because they sometimes bounce the checks
even though the online statement says there's plenty of credit.
Since then, they stopped sending the checks, but I found that I could point and click
on their web site and have them mail me a check, payable to me.
See more ...
Stable link is https://jl.ly/Money/freeupdate.html
07 Dec 2011
Last month I blogged about
greylisting, a well-known anti-spam technique for rejecting spam sent
by botnets. When a mail server
receives an attempt to deliver mail from an IP address that's never sent
mail before, it rejects the message with a "soft fail" error which
tells the sender to try again later. Real mail senders always retry;
badly written spamware often doesn't.
I found that even though everyone knows about greylisting, about
2/3 of IPs don't successfully retry.
See more ...
Stable link is https://jl.ly/Email/grey11a.html
21 Nov 2011
Manwin Licensing is a Luxembourg company that turns out to manage a large
fraction of the mainstream porn available on the Internet.
They run websites including youporn.com (widely agreed to be the most
popular porn site on the Net) as well as Playboy's online and TV properties.
This week they and Digital Playground, a producer of porn video,
sued ICANN and the ICM registry, which runs .XXX, on
anti-trust grounds.
In theory, .XXX was authorized by ICANN following the same rules as all
of the other sponsored TLDs such as the uncontroversial .COOP and .AERO.
Do they have a case?
See more ...
Stable link is https://jl.ly/ICANN/manwinsuit.html
19 Nov 2011
J D Falk, one of the best known people in the e-mail industry, died this
week from cancer. Despite his youth (20 years younger than me) he had worked
for nearly every important e-mail company, and accomplished as much
as anyone.
I couldn't possibly write as fine a remembrance as the one that Neil
Schwartzman did, so please read it here.
Stable link is https://jl.ly/Email/jdfalk.html
15 Nov 2011
In a press release
earlier this week, a long list of large US businesses and trade associations
announced the formation of the Coalition for Responsible Internet Domain Oversight or CRIDO.
It has long been apparent to me that ICANN stopped listening
to all of the reasons that a flood of new TLDs is a bad idea,
mesmerized by a combination of lobbying by parties that stand to profit
from them, and the prospect of a torrent of cash for ICANN itself.
It is a complete waste of time to try to use ICANN's own processes
to make them stop and
reconsider or even slow down a little.
Although ICANN fancies itself to be a global-scope
bottom-up, multi-stakeholder,
consensus-based (is that enough hyphens?) organization, in fact it is
a California not-for-profit corporation subject to US law.
So the key facts about CRIDO are that a) they're in the US, and b)
they represent organizations with a great deal of money and a great deal to
lose from new TLDs.
CRIDO clearly exists to force ICANN to defend its new TLD plans in US
courts, and I look forward to the discovery stage in which we will with
any luck learn more about the conflicts of interest by
ICANN board and staff.
Will we, for example, find out
whether former ICANN board chair Peter Dengate Thrush already had a job offer
from domain consultants Minds+Machines when he voted to approve new
TLDs? Stay tuned.
Stable link is https://jl.ly/ICANN/crido.html
09 Nov 2011
Greylisting is a hoary technique for rejecting spam sent by botnets and other poorly
written spamware.
When a mail server receives an attempt to deliver mail from a hitherto unseen
sending host IP address, it rejects the message with a "soft fail" error which tells the
sender to try again later.
Real mail software does try again, at which point you note that the host knows
how to retry and you don't greylist mail from that IP again.
The theory is that spamware doesn't retry, so you won't get that spam.
I wrote a paper on it for the 2005 CEAS conference, and concluded that conservative
greylisters worked well.
We've now been using greylisting for close to a decade, and some people have
argued that it's no longer useful, since the bad guys could easily fix their
spamware to retry, or since bots are so cheap, they could just send everything
twice. So does it still work?
See more ...
Stable link is https://jl.ly/Email/grey11.html
18 Oct 2011
Mainsleaze is nerdy slang for spam sent by large, well-known,
otherwise reputable organizations.
Although the volume of mainsleaze is dwarfed by the volume of spam
for fake drugs, account phishes, and Nigerian 419 fraud, it causes
work for mail managers far out of proportion to its volume.
See more ...
Stable link is https://jl.ly/Email/mainsleaze.html
10 Oct 2011
A friend whose daughter just had yet another credit card cancelled and reissued
due to online fraud asked me what she did that let bad guys steal her
credit card.
The answer is probably nothing. Bank security stinks,
and large company security stinks more.
For example, a few years ago someone stole 45 million card numbers from TJ
Maxx, cards which as far as I can tell, the customers swiped at the
register and never left their hands. Banks are figuring out that they
need to do better, but they are ponderous, timid, and move in herds, so
change comes slowly. I've seen estimates from well-informed people that
crooks may have something like half of all credit card numbers issued in the US.
See more ...
Stable link is https://jl.ly/Money/cards.html
22 Sep 2011
I was most displeased to find the message below in my spam folder today.
It was sent by Responsys on behalf of Symantec. I know it is real because
it has a valid DKIM signature from symantec-corporation.com.
See more ...
Stable link is https://jl.ly/Email/symantec.html
17 Sep 2011
In previous installments we've been looking at aspects of the design of the DNS.
In today's grand finale we look at the subtle but very knotty issue of names inside and outside the DNS.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign8.html
08 Sep 2011
In the previous installments, we've been looking at aspects of the design of the DNS.
Many databases go to great effort to present a globally consistent
view of the data they control, since the alternative is to lose
credit card charges and double-book airline seats.
The DNS has never tried to do that. The data is roughly consistent,
but not perfectly so.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign4.html
In the previous installments, we looked at the overall design
of the DNS and the way DNS name matching works.
The DNS gains considerable administrative flexibility from its delegation structure.
Each zone cut, the place in the DNS name tree where one set of DNS servers hands off to
another, offers the option to delegate the administration of a part of the DNS
at the delegation point. But for the delegation to work well, the delegation
structure has to match the name structure.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign3.html
Over the past 30 years the Domain Name System has become an
integral part of the operation of the Internet. Due to its ubiquity and good performance, many
new applications over the years have used the DNS to publish information. But as the DNS and
its applications have grown farther from its original use in publishing information about
Internet hosts, questions have arisen about what applications are appropriate for publication
in the DNS, and how one should design an application to work well with the DNS.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign1.html
07 Sep 2011
In the previous four installments, we've been looking at aspects of the design of the DNS.
Today we look at the amount of data one can ask the DNS to store and to serve to clients.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign5.html
In the five previous exciting installments, we've been looking at aspects of the design of the DNS.
Today we look at record types, and how you can tell what a DNS record means.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign6.html
06 Sep 2011
In previous installments we've been looking at aspects of the design of the DNS.
Today we look at the relationship of similar names in the DNS.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign7.html
26 Aug 2011
In the previous installment, we looked at the overall design
of the DNS.
Today we'll look at the ways it does and does not allow clients to look up data by name.
See more ...
Stable link is https://jl.ly/Internet/dnsdesign2.html
17 Aug 2011
I've never claimed to be a marketing expert, but sometimes people
leave me no choice.
Last week I got a note from a friend who works at a national
non-profit which is an umbrella organization for many local chapters,
which we'll call the ABC.
(The details are disguised for reasons that will shortly be apparent.)
The national organization has contact information for most of the
chapter members, so they can send them the magazine. They've asked for
e-mail addresses, although they haven't done much with them so far.
They also run mailing lists for the chapter officers and the like.
So in last week's note, the friend said that they were thinking of
starting an online newsletter, and would it be OK to send it to
every address they have, or at least send an invitation to every
address they have? Of course not, that's Bad Marketer Syndrome.
See more ...
Stable link is https://jl.ly/Email/bms.html
10 Jul 2011
In our last installment we discussed MIME,
Unicode and UTF-8, and IDNA, three things that have brought the Internet
and e-mail out of the ASCII and English only era and closer to fully
handling all languages. Today we'll look at the surprisingly difficult
problems involved in fixing the last bit, internationalized e-mail
addresses.
See more ...
Stable link is https://jl.ly/Email/i18n2.html
In our last
installments we discussed the various ways to
encode non-ASCII character sets, of which UTF-8 is the winner, and some complex
approaches that tried to make UTF-8 mail backward compatible with ASCII mail.
After years of experiments, the perhaps surprising consensus is that if you're
going to do international mail, you just do it.
See more ...
Stable link is https://jl.ly/Email/i18n3.html
08 Jul 2011
Back when the Internet was young and servers came with shovels (for
the coal), everyone on the net spoke English, and all the e-mail was in
English.
To represent text in a computer, each character needs to have a numeric
code. The most common code set was (and is) ASCII, which is basically
the codes used by the cheap, reliable Teletype printing
terminals everyone used as their computer consoles.
ASCII is a seven bit character code, code values 0 through 127,
and it includes upper and lower case letters
and a reasonable selection
of punctuation adequate for written English. It also includes some obscure
characters, such as @ which was chosen for the middle of e-mail addresses
in part because it was on the ASCII keyboard and otherwise not much used.
But nearly every other written language requires characters outside the
ASCII set. On the modern Internet, mail users live in every country in
the world and write in a vast array of languages, and e-mail has been slowly
evolving to handle everyone else's language.
In today's note I'll describe the changes already made to Internet mail
to handle other languages, and in the next message I'll describe the work
in progress to handle the last missing parts.
See more ...
Stable link is https://jl.ly/Email/i18n.html
04 Jul 2011
In a previous message we looked at
the question of how hard it will be to get IPv4 address space once the
original supply runs out. Today we'll look at the other end of the
question, how much v4 address space do people really need?
The end to end principle says, more or less, that all computers
on the Internet are in principle the same, any of them can be a
server, any can be a client, and the Net should just be a dumb pipe
between them, allowing people to invent new applications without
having to get permission from, or even notify anyone in between.
While this idea has great appeal, for consumer Internet connections,
it's much more common to have several kinks in the pipe.
See more ...
Stable link is https://jl.ly/Internet/v6incor2.html
Every packet of data sent over the Internet is sent from one IP address
to another. The IP addresses in the Internet serve somewhat the same
function as phone numbers in the US phone system, fixed length numeric
identifiers where the first part tells
what network the address is on. Since the dawn of the Internet in the
early 1980s, the IP addresses in use have been IPv4, 32 bit addresses
which means there are about 4 billion of them.
Unless you've been living under a rock, you've doubtless seen reports
that the supply of IPv4 addresses is running out. Earlier this month
IANA, the master allocation authority, handed out
the last so-called /8, a large chunk of 16 million
addresses, to one of the regional address
registries, and sometime months or perhaps a few years after that,
the registries will hand out the last pieces of their chunks.
Then what?
The conventional wisdom is that everyone needs to support IPv6, a mostly
compatible upgrade to IPv4 with much larger addresses, by the time the
v4 space runs out. But I'm not so sure, particularly for e-mail.
See more ...
Stable link is https://jl.ly/Internet/v6incor.html
27 Jun 2011
On June 20th, the ICANN board voted to move ahead with the New gTLDs
program, intended to add hundreds if not thousands of new names to
the DNS root. Now what? Not even the most enthusiastic ICANN supporters
think that any new TLDs will be added before the end of 2012, but there
are other things going on that greatly complicate the outlook.
See more ...
Stable link is https://jl.ly/ICANN/tldchess.html
17 Jun 2011
In most parts of the world, people tend to use domain names in their
country's top level domain. In the UK, it's whatever.co.uk, in
Canada, it's whatever.ca, in Japan it's whatever.co.jp, and so forth.
But in the US, most people use .COM rather than .US. Why?
Back in 1992 and 1993, the then-powers that be in the Internet (mostly
Jon Postel) decided to arrange the .US domain in a tidy geographic way.
As laid out in RFC 1386 and RFC 1480,
all registrations had to be of the form <name>.<place>.st.us, such
as IBM.ARMONK.NY.US (an example they used.) Government agencies had
their own pseudo-places, e.g., WWW.STATE.NY.US.
The place names were cities, towns, counties, and such, with reasonable
abbreviations allowed such as NYC.NY.US.
See more ...
Stable link is https://jl.ly/Internet/commreg.html
16 Jun 2011
I've been watching the excitement build in the domain community, where
a lot of people seem to believe that at next month's Singapore meeting,
by golly, this time ICANN will really truly open the floodgates and
start adding lots of new TLDs.
I have my doubts, because there are still significant issues with the GAC
and the US Government and ICANN hasn't yet grasped the fact that
governments do not defer to NGOs, but let's back up a little and ask
whether this is a good idea.
I see four arguments in favor of new TLDs:
- More competition
- More Innovation!
- ICANN promised they would in 1998
- Lots of money
See more ...
Stable link is https://jl.ly/ICANN/boondoggle.html
03 Jun 2011
Bitcoin, for anyone who's not up
on their techno-trends, is this year's hot trendy digital payment system.
Its main claim to fame is that it is peer-to-peer, not depending on a
central bank to issue or validate the "coins", actually blobs of
cryptographically signed bits.
This makes it both fairly anonymous and hard to manipulate (at least in
the ways that real money is manipulated), making it a darling of
anarcho-libertarians.
A lot of people have opined on its merits, most notably
this Quora message.
I took a look at the design of Bitcoin, which
is credited to "Satoshi Nakamoto". Nobody seems to know who he is (or who
they are), but he definitely knows his crypto. As a piece of cryptographic
software design, it's quite clever. As a system you might want to use to
pay for stuff, it's hopeless.
See more ...
Stable link is https://jl.ly/Money/bitcoin.html
01 Jun 2011
For many years, the Cornell Legal
Information Institute (LII) has been a premier source of reference
information about laws in the US and elsewhere.
It's been around so long that in its early days, they wrote
the first Windows web browser,
Cello, so non-Unix users could get to the site.
One day last year, LII
director Tom Bruce and I were talking over
breakfast, and noted that there was no authoritative online source of
legal information about spam and e-mail, something that the LII and
CAUCE are, together, uniquely qualified to create. The Inbox Project
is a new section of the LII web site, meeting that need.
See more ...
Stable link is https://jl.ly/Email/inbox.html
15 May 2011
It's no secret that the supply of IPv4
addresses, on which the Internet has been based since the dawn of
digital time, is rapidly running out. The official replacement is
much larger IPv6 addresses,
but I can report from experience that the task of switching is
not trivial, and for a long time there will be a lot of the net that's
only on IPv4. So once the initial supply of IPv4 addresses runs out,
and the only way to get some is to buy them from someone else, what
will the market be like?
See more ...
Stable link is https://jl.ly/Internet/ipmoney.html
28 Apr 2011
It's been a very bad month for ESPs, companies that handle bulk mailings
for their clients.
Several of them have had internal security breaches, leaking client information,
client mailing lists, or both.
Many have also seen clients compromised, with the compromised credentials
used to send spam.
The sequence of events suggests all the ESPs whose clients were compromised
were themselves compromised first. (That's how the crooks knew who to
attack.)
The Online Trust Alliance published some guidelines that offer mostly good
advice.
So what should ESPs do now?
See more ...
Stable link is https://jl.ly/Email/espnext.html
21 Apr 2011
Emailvision is a bulk mail company in the suburbs of Paris, France. They are,
in my experience, almost uniquely inept. Nearly all of the mail they send to
my users is clearly spam, sent to addresses on stolen, scraped, or resold lists,
which is pretty impressive in France, a country where selling individuals' personal
information is illegal.
See more ...
Stable link is https://jl.ly/Email/emailvis.html
19 Apr 2011
When last we saw the Holomaxx case,
in which a bulk mailer in Pennsylvania sued Microsoft and Yahoo in
separate cases for not delivering their mail on the legally absurd theory
that Microsoft and Yahoo are required to deliver mail from random spammers
who claim to be CAN SPAM compliant,
the judge threw the case
out, but gave them the option to amend their complaint and try again.
They've refiled against Yahoo, with the main difference being that
they added out of context quotations from a MAAWG document that doesn't say what
Holomaxx wishes that it said.
At this point, the main question is how
much more of his time the judge will allow them to waste before he
shuts them down for good.
Word to the Wise has a more detailed analysis and a link
to the amended complaint.
Stable link is https://jl.ly/Email/holo4.html
This spam showed up in one of my users' mailboxes earlier today. It was
sent from Cheetahmail, a large Email Service Provider, easily
verified by checking the sending IP address. It is not an ad for Adobe
and the URL, which you should definitely not visit, is located in
China, and shows a fake Adobe web page which invites you to download a fake
Adobe Reader update which is in fact malware. The headers in the message
suggest that someone used a Cheetahmail client's credentials to log in
and create and send this spam in large quantities. (My tiny network
got four of them, three of them to spamtrap addresses.)
See more ...
Stable link is https://jl.ly/Email/chspam.html
07 Apr 2011
I've belonged to LinkedIn for
a long time, long enough to have collected over 500 connections, all
to people I at least sort of know. It's sometimes useful. So why am I
about ready to block all their mail as spam?
See more ...
Stable link is https://jl.ly/Email/linkspam.html
03 Apr 2011
I didn't get to the San Francisco ICANN meeting, but my friend
J.D. Falk did.
Don't miss Impenetrable Processes and Fool's Gold at ICANN, his report of what he found there.
Stable link is https://jl.ly/ICANN/jdsf.html
24 Mar 2011
The Google book settlement has been grinding through the courts since
the Authors' Guild and Association of American Publishers (AAP)
sued them in a class action in 2005, and
they came to a tentative settlement in 2008.
Yesterday Judge Denny Chin once again rejected the proposed settlement,
with a strong hint about how to fix it.
Fortunately for the American public, Judge Chin is an excellent judge
with a deep understanding of the issues, and his opinion
makes it clear what all the problems with the proposed settlement are.
See more ...
Stable link is https://jl.ly/Copyright_Law/googrej.html
19 Mar 2011
At Friday's board meeting, ICANN once again narrowly approved the
contentious .XXX domain intended for pornography. What this vote
primarily shows is that ICANN's processes have been broken for a long
time, and aren't getting fixed.
See more ...
Stable link is https://jl.ly/ICANN/xxx11.html
05 Mar 2011
A friend (yes, really) asks that if someone sends you an anonymous
e-mail message, how anonymous is it?
That depends how skilled they are.
See more ...
Stable link is https://jl.ly/Internet/anony.html
02 Mar 2011
In two previous
messages we looked at
the question of how hard it will be to get IPv4 address space once the
original supply runs out, and how much v4 address space people really need.
Today we look at e-mail and IPv6.
Of all the applications on the net, mail is probably the one that is
least affected by NAT, and will be
the least affected by running out of v4 addresses. For one thing, mail
doesn't need a whole lot of IP addresses. You can easily put 10,000 users
behind mail servers on a single IP, and even a giant mail system is
unlikely to need more than a few hundred IPs. (For example, all of
Hotmail's inbound servers sit behind 24 IPs.) So even if you had to go
buy addresses for your v4 mail servers, you wouldn't have to buy very
many.
See more ...
Stable link is https://jl.ly/Internet/v6incor3.html
13 Feb 2011
For a very long time, predating the birth of ICANN, there's been a
running battle about what should be required when one registers domain
names. To oversimplify quite a lot, one side sees domain names as an
essential component of free speech, so anyone should be able to
register any domain without limit, the other notes that they're primarily used
for commercial purposes and they enable quite a lot of mischief,
so the more control, the better. This has led to endless skirmishes
about the WHOIS service, one side wanting to abolish it or make it
as hard as possible to get info about registrants,
the other wanting ICANN to enforce
the widely ignored rules that every domain is supposed to have accurate
contact info.
Back in 1995, before the current shape of the net was clear, the
domains as speech argument sort
of made sense. It wasn't clear how dominant the web would be, and
search engines weren't widely available, so many people still thought
that the DNS would be used as the Internet's directory, an approach
that top-level domains like .MUSEUM and .TRAVEL tried with a total
lack of success. But it's not 1995 any more.
See more ...
Stable link is https://jl.ly/ICANN/not95.html
12 Jan 2011
Last September
MySpace sued ur-spammers
Sanford "Spamford" Wallace and Walt "Pickle Jar" Rines
for egregious violations of CAN SPAM.
After some early skirmishes involving an expert for Wallace so unqualified
that the judge threw out his testimony, Wallace and Rines stopped responding,
so as was widely reported, earlier this week
the court granted a default judgement.
Since they sent a lot of spam, the statutory damages came to an
enormous $235 million.
Even for Spamford, that's a lot of money.
See more ...
Stable link is https://jl.ly/Email/spamford2.html
09 Jan 2011
Every day we get mail with text like this at the bottom:
This E-mail and any of its attachments may contain [big company]
proprietary information, which is privileged, confidential, or subject to
copyright belonging to [big company]. This E-mail is intended solely for
the use of the individual or entity to which it is addressed. If you are not
the intended recipient of this E-mail, you are hereby notified that any
dissemination, distribution, copying, or action taken in relation to the
contents of and attachments to this E-mail is strictly prohibited and may be
unlawful. If you have received this E-mail in error, please notify the
sender immediately and permanently delete the original and any copy of this
E-mail and any printout.
Why do people put those tags on their mail? And do they mean
anything? I can't answer the first question, but the answer
to the second is definitely No.
See more ...
Stable link is https://jl.ly/Internet/confid.html
08 Jan 2011
On Dec 23, Yahoo responded to the silly
Holomaxx lawsuit.
Their analysis agrees with mine: every claim is wrong, and the suit
has no merit at all.
This doesn't mean that I'm a brilliant legal analyst.
It just means that the issues are obvious.
Laura at Word to the Wise goes
through the response and we all agree, they have no case.
Stable link is https://jl.ly/Email/holohoo.html
03 Jan 2011
Leon and Clara Walker live near Detroit, divorced on Dec 14,
and clearly should never have gotten married in the first place.
The case is a messy one with multiple ex-husbands and child custody battles,
but its basic facts seem not to be in dispute.
See more ...
Stable link is https://jl.ly/Email/divorcemail.html