Jul
13

Wednesday’s Word(s) of The Week: Spear Phishing


tom sather
By Tom Sather
Director, Professional Services

I’d like to dive into another security topic that everyone needs to be aware of, one that most people have been a target of, and that no one wants to be a victim of, namely spear phishing. Spear phishing is a highly targeted attack towards an individual that uses things like personalization and often uses a spoofed From: address that is recognizable to the recipient, like an email from your husband or wife asking for your social security number for benefits enrollment, when it’s actually not your husband or wife, but a fraudster.

Tell me more

Categories: Best Practices News View Comments

Jul
7

Word of the Week: Security


tom sather
By Tom Sather
Director, Professional Services

The past week had some announcements in the email security realm and how email providers are helping to secure the channel for everyone involved. Here are some of the more noteworthy articles and blogs to share on the topic.

Tell me more

Categories: Commentary Return Path View Comments

Apr
28

Join Me for Email Authentication Training at the Online Trust Alliance Academy


georgebilbrey
By George Bilbrey
Co-Founder, President

I’m headed off to Chicago next week, excited to attend the OTA Academy training program. The OTA Academy is a comprehensive full-day email authentication training program designed to aid email administrators, security professionals and interactive marketers to implement authentication so they can prevent and detect email spoofing, phishing and brand exploits.

Tell me more

Categories: Best Practices Return Path View Comments

Mar
18

The Privileges of Membership (and Performance)


alexrubin
By Alex Rubin
Vice President of Business Development

Yahoo! Mail has been using the Return Path Certification whitelist as part of its filtering process for more than a year. So we’re thrilled that our partners at Yahoo! Mail will begin automatically turning on images and links for our authenticated whitelist program members. Even better, this includes not only Yahoo! Mail webmail but also email hosted by Yahoo!, including BT Internet, Rogers, Bellsouth, SBC, and Rocketmail.

This is great news for the email universe for a couple of reasons: …

Tell me more

Categories: Commentary Commentary View Comments

Nov
18

Domain Reputation: Hope or Hype?


georgebilbrey
By George Bilbrey
Co-Founder, President

Fred Tabsharani has a thought-provoking article on Deliverability.com about domain reputation.

I have a few thoughts on the “gold rush” Fred describes, based on my conversations with major ISPs and others in the industry:

1) The industry is making WAY too much out of domain reputation

The manic nature of a “Gold Rush” is exactly what the raft of articles about domain reputation feels like. It feels like a lot of marketers are saying the equivalent of “Now that domain reputation is in place, all my delivery problems will disappear.” Sure, domain reputation has some advantages such as reputation portability (as Fred points out). However, there are two things to note …

Tell me more

Categories: Commentary View Comments

Jul
29

Domain Reputation: What It Means for Email Senders


tom sather
By Tom Sather
Director, Professional Services

Imagine if your reputation was linked to your domain name, rather than your IP addresses.

It would eliminate the need to “warm up” servers – a situation that exists now because ISPs are wary of new IP addresses with no sending history. Domain reputation would essentially make reputation portable – you could add new IPs, you could move IPs, you could send mail from different systems, even different ESPs – and you’d still enjoy the benefits of your good reputation.

The domain name is part of your brand identity, part of the “you” that you’re trying to portray to your customers. An IP address is just a string of numbers.

Of course, the flip side is a bad reputation will also be portable. To some extent, this has always been true. ISPs have used the reputation of domains to block content for a long time now. This is why some companies that used bad third-party marketers found that their “regular” email took a hit when the links in both types of email got tarnished and caused blocking.

So why aren’t ISPs using domains for good reputation, too? Unfortunately, the IP address has for decades been the only thing – the only “identifier” – associated with a message which cannot be forged. Enter authentication, which we talk about all the time on this blog. When a message is authenticated with a domain, the receiving site knows that the message really did come from that domain – which makes domain reputation possible.

Ken Magill has joined the conversation by writing a story on domain reputation, causing renewed buzz in the industry.

According to Magill’s story AOL will implement a domain reputation system sometime …

Tell me more

Categories: Commentary View Comments

Jul
27

DKIM: Not Shiny, But Very Important


J.D.
By J.D. Falk
Director, Internet Standards & Governance
Email Intelligence Group

When a new iPhone or Palm device is released or Google announces a new OS, everybody hears about it. These are, for a short time, the shiniest thing in the tech world. One reason for this phenomenon — perhaps the primary reason — is that they directly affect end users. They’re things that early adopters drool over and stand in line for, while slower adopters ask “Why would I want that? My 8-track player still works perfectly.” In the meantime, the U.S. Department of Justice is investigating whether domestic telecommunications companies have been engaging in “monopolistic and anticompetitive practices” again — which could have much larger, longer-lasting effects on how we access and utilize the internet in this country. But, it’s not shiny and immediate, so that gets far less attention.

Even in the email industry, shininess is rarely an accurate indication of importance or impact. Google removed the “beta” label from Gmail a few weeks ago, but Gmail is still basically the same as it was before. Spammers are mentioning Michael Jackson more often than they did before he died, but so is everyone else. And Return Path has published two more studies, proving twice again that email marketers need to pay more attention to deliverability. …

Tell me more

Categories: Explanation View Comments

Mar
24

Searching for Truth in DKIM: Part 5 of 5


J.D.
By J.D. Falk
Director, Internet Standards & Governance
Email Intelligence Group

Throughout this series of articles we’ve been talking about DKIM, and what a valid DKIM signature actually means.

Part 1 explained that the DKIM “d=” value identifies the domain name which signed the message, which may be different from the author of the message. Part 2 described how the author domain can gain some control over whether any other domain name should ever sign a message purporting to be From: that author domain. Part 3 discussed how the reputation of a d= domain leads to a reliable determination of trustworthiness, while part 4 reminded us that truth cannot be assumed until trust is certain.

What this means for senders (of any type) is that …

Tell me more

Categories: Explanation View Comments

Mar
23

Searching for Truth in DKIM: Part 4 of 5


J.D.
By J.D. Falk
Director, Internet Standards & Governance
Email Intelligence Group

Once you’ve determined that you can trust the signer of a message, as we discussed in part 3, it’s easy to extrapolate that various portions of the message are equally trustworthy. For example, when there’s a valid DKIM signature, we might assume that the From: header isn’t spoofed. But in reality, DKIM only tells us two basic things:

  1. Does the message have a valid signature? (yes or no)
  2. Which identifier signed the message? (the d= domain)

DKIM uses a cryptographic signature based on a hash of the message, so if the signature is valid, we also know that the message wasn’t changed in any way between the time it was signed and the time the signature was verified. What we don’t know, and can’t know, is what happened — intentionally or unintentionally — before it was signed.

For example, I could write a message where I claim to be Joshua Norton, Emperor of these United States and Protector of Mexico. It’ll be signed when I send it to you. But DKIM doesn’t tell you if it’s true

Tell me more

Categories: Explanation View Comments

Mar
17

Searching for Truth in DKIM: Part 3 of 5


J.D.
By J.D. Falk
Director, Internet Standards & Governance
Email Intelligence Group

Last year, MAAWG published a white paper titled Trust in Email Begins with Authentication, which explains that authentication (DKIM) is “[a] safe means of identifying a participant-such as an author or an operator of an email service” while reputation is a “means of assessing their trustworthiness.”

Regular readers of this blog already know that reputation systems based on IP addresses, including our Sender Score, are used by many ISPs and anti-spam vendors to determine which mail to accept, which to reject, and which to subject to additional filtering before making a delivery decision. There, the identifier is the IP address.

The reason this sort of reputation works for delivery decisions is that it’s an attempt to measure whether the sender of a message can be trusted to send mail that the recipients want — or, more accurately, whether the IP address of a message can be trusted to send mail that the recipients won’t complain about. We also mix in the concept of safety, largely in the form of how likely it is that the IP address is sending phishing scams or similar bad stuff. …

Tell me more

Categories: Explanation View Comments

<<1 >>