Internet and e-mail policy and practice
including Notes on Internet E-mail


2017
Months
JanFeb
Mar Apr
May Jun
Jul Aug
Sep Oct
Nov Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Home :: Email

20 Dec 2016

DMARC and message wrapping Email

I have groused at length about the damage that anti-phishing technique DMARC does to e-mail discussion lists. For at least two years list managers and list software developers have been trying to figure out what to do about it. The group that brought us DMARC is working on an un-DMARC-ing scheme called ARC, which will likely help somewhat, but ARC isn't ready yet, and due to ARC's complexity it's likely that there will be many medium or small mail systems that enforce DMARC and can't or won't use ARC.

The Internet Engineering Task Force, which writes technical standards for the Internet, works primarily through discussion lists, and the pain from DMARC has gotten to the point where we may do something about it. So we've been doing some experiments.

See more ...


posted at: 00:03 :: permanent link to this entry :: 0 comments
Trackback link is https://jl.ly/Email/wrapme.trackback

29 Sep 2016

One-click unsubscription Email

Unsubscribing from mailing lists is hard. How many times have you seen a message "please remove me from this list," followed by two or three more pointing out that the instructions are in the footer of every message, followed by three or four more asking people to not send their replies to the whole list (all sent to the whole list, of course,) perhaps with a final message by the list manager saying she's dealt with it?

For marketing broadcast lists, it's even worse because there's no list to write to. Messages are supposed to have an unsubscribe link (required by law in most places) which usually works except when it doesn't, or it leads to a web page making incomprehensible demands ("click here unless you want not to be removed only from this sender's mail") so for a lot of users it's easier just to click the junk button until the messages go away.

See more ...


posted at: 18:26 :: permanent link to this entry :: 0 comments
Trackback link is https://jl.ly/Email/oneclick.trackback

17 Sep 2016

The kindness of strangers, or not Email

A few days ago I was startled to get an anti-spam challenge from an Earthlink user, to whom I had not written. Challenges are a WKBA (well known bad idea) which I thought had been stamped out, but apparently not.

The plan of challenges seems simple enough; they demand that the sender does something to prove he's human that a spammer is unlikely to do. The simplest ones just ask you to respond to the challenge, the worse ones like this one have a variety of complicated hoops they expect you to jump through.

What this does, of course, is to outsource the management of your mailbox to people who probably do not share your interests.

See more ...


posted at: 20:45 :: permanent link to this entry :: 0 comments
Trackback link is https://jl.ly/Email/badchallenge.trackback

05 Sep 2016

An e-mail authorization cheat sheet Email

A friend (really) asked for advice about what to say about mail authorization to people setting up new mail systems, particularly in parts of the world where networks are relatively new and staff less experienced.

Phish targets

The first question is are you a phish target? There's two parts to this question.

See more ...


posted at: 15:17 :: permanent link to this entry :: 0 comments
Trackback link is https://jl.ly/Email/authcheat.trackback

27 Oct 2015

What's ARC? Email

DMARC is an anti-phishing technique that AOL and Yahoo repurposed last year to help them deal with the consequences of spam to (and apparently from) addresses in stolen address books. Since DMARC cannot tell mail sent through complex paths like mailing lists from phishes, this had the unfortunate side effect of screwing up nearly every discussion list on the planet.

Last week the DMARC group published a proposal called ARC, for Authenticated Received Chain, that is intended to mitigate the damage. What is it, and how likely is it to work?

See more ...


posted at: 23:43 :: permanent link to this entry :: 1 comments
Trackback link is https://jl.ly/Email/arc1.trackback

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
Chart of Legal Actions taken under CASL
13 days ago

A keen grasp of the obvious
A little musical history
236 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2015 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.