Internet and e-mail policy and practice including Notes on Internet E-mail

←2019→ Months Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Click the comments link on any story to see comments or add your own. Subscribe to this blog RSS feed

Home :: Email 28 May 2019 What does it mean to Deploy DMARC? Email The IETF's DMARC working group is thinking about a maintenance update to the DMARC spec, fixing bits that are unclear and perhaps changing it where what mail servers do doesn't exactly agree with what it says. Someone noted that a lot of mailers claim to have ``deployed DMARC'', and it's not at at all clear what that really means. See more ... posted at: 23:32 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Email/dmarcwhat.html 03 May 2018 Choosing Internationalized E-mail addresses Email Recently I've been working on EAI mail, looking at what software is available (Gmail and Outlook/Hotmail both handle it now) and what work remains to be done. A surprisingly tricky part is assigning EAI addresses to users. In traditional ASCII mail, the local part of the address, what goes before the @ sign, can be any printable ASCII characters. Although an address like %i()/;~f@examp1e.com is valid, and mail systems will handle it, users don't want addresses like that. A good address is one that is easy to remember, easy to tell someone over the phone, and easy to type. Mail systems all give senders some help when interpreting addresses. If an address is Bob@example, they'll accept bob@ or BOB@. If the address is joe.smith@, they'll accept Joe.Smith@ and often variations in punctuation like joesmith@ without the dots. The flip side of this is that you don't assign different addresses that are too similar. While it is techincally possible that BOB@ and bob@ could deliver to different mailboxes, nobody does that. Similarly, nobody makes joesmith@ and joe.smith@ different. (They may not both work, but if they do, they're the same mailbox.) The domain (the part of the address after the @ sign) has to follow the DNS rules, which don't allow any fuzzy matching other than ASCII upper and lower case. How does all this extend into EAI mail? See more ... posted at: 14:24 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Email/eaiaddr.html 21 Apr 2017 Craigslist gets a $40 million CAN-SPAM judgment Email Classified ad site craigslist is famously protective of its contents. While they are happy for search engines like Google to index the listings, they really, really do not like third parties to scrape and republish their content in other forms. In 2013 craigslist sued a company called 3taps which had created an API for craigslist data. They also sued real estate site Padmapper, which showed craigslist and other apartment listings on a map, something craigslist didn't do at the time. After extensive legal wrangling, 3taps eventually gave up and in 2015 paid craigslist $1 million and shut down. Craigslist donated the money to the EFF which was a little odd since the EFF had generally supported 3taps. One of 3taps' other customers was another real estate site Radpad, which kept showing craigslist listings after 3taps shut down. See more ... posted at: 23:37 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Email/radpad.html 26 Jan 2017 One-click unsubscription is now an RFC Email In September I wrote about a proposal to allow one-click unsubscriptions from mailing lists without user interaction. After taking a rather tortuous path through the IETF, it's now been issued as RFC 8058. The changes since September are quite minor, mostly tightening up some details to prevent various attacks from fake unsub requests. Now that it's official, I expect email service providers will start implementing it, and we'll have an arguably better alternative to mail feedback loops to tell mailers when their mail is unwanted. posted at: 18:41 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Email/oneclickrfc.html 20 Dec 2016 DMARC and message wrapping Email I have groused at length about the damage that anti-phishing technique DMARC does to e-mail discussion lists. For at least two years list managers and list software developers have been trying to figure out what to do about it. The group that brought us DMARC is working on an un-DMARC-ing scheme called ARC, which will likely help somewhat, but ARC isn't ready yet, and due to ARC's complexity it's likely that there will be many medium or small mail systems that enforce DMARC and can't or won't use ARC. The Internet Engineering Task Force, which writes technical standards for the Internet, works primarily through discussion lists, and the pain from DMARC has gotten to the point where we may do something about it. So we've been doing some experiments. See more ... posted at: 00:03 :: permanent link to this entry :: 0 comments Stable link is https://jl.ly/Email/wrapme.html

Topics Copyright Law - 21 Email - 222 ICANN - 128 Internet - 60 Money - 31 Security - 2 My other sites Who is this guy? Airline ticket info Taughannock Networks Other blogs CAUCE CSA recap: CAUCE discusses international email and security 56 days ago A keen grasp of the obvious My high security debit card 186 days ago Related sites Coalition Against Unsolicited Commercial E-mail Network Abuse Clearinghouse

© 2005-2018 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.