Major Telecommunications Providers Cooperate to Stop Spam in Europe

Using the Abuse Reporting Format (ARF) and Return Path’s feedback report processing technology, ETIS members help each other find the spammers lurking within each others’ networks — and their customers’ networks, and their customers’ networks.

Tell me more

Categories: Explanation Return Path View Comments

Understanding the “Precedence:” Header

Though never formally standardized, the Precedence: header has been around since the earliest days of internet email. Google’s use of the Precedence: header for labeling is a new idea, and (probably) unique.

Tell me more

Categories: Explanation Standards View Comments

How To (or How Not To) Operate a Blacklist

A set of Best Practices for how to run a blacklist — or any other popular anti-spam service. These can also help mail system operators evaluate which blacklists they’d like to use.

Tell me more

Categories: Best Practices View Comments

Catch More Spam with Zombies

Zombie email addresses are once-valid addresses which have been literally abandoned by their users, yet remain on marketers’ subscriber lists more or less forever. Spam trap operators we spoke to all agreed that it’s best if the address or domain reject all mail for a period of months or (preferably) years before being recycled as a spam trap.

Tell me more

Categories: Explanation View Comments

Lacking a Common Language

Some of the terms I see floating around the industry are silly and annoying, but probably harmless. Are you really a rock star if you’ve never gyrated on stage in front of 50,000 screaming fans? Can you call yourself a ninja when you want everyone to be able to see you, or a guru when your wisdom does not lead to enlightenment?

But misunderstanding common terms can also lead to far bigger mistakes.

Tell me more

Categories: Commentary Research View Comments

Same Spam, Different Day

McAfee just released their March 2010 spam report.

The good news: as a percentage of email, spam has remained flat.

The very bad news: Overall email volume is way up so the amount of spam has gone way up too. Translation: there is a lot more crap clogging up the system.

For large inbox providers a move toward systems that …

Tell me more

Categories: News View Comments

An Unwelcome Afterlife for a Long-Dead Blacklist

There’s still a few weeks before Halloween, but have we ever got a scary story for you — and every word of it is true. (Imagine we’re sitting around a campfire, chowing down on s’mores, flashlights under our faces.)

Seven years ago, on this very internet, there was a man named Matthew who was angry about spam. Now sure, there are lots of people angry about spam, and some of them are named Matthew, but this particular Matthew decided that he was going to do something about it.

Matthew noticed that a lot of spam came from foreign countries, and that he didn’t get any real mail from people who lived there. So he created blacklists for each country that sent him spam. Then he noticed that a lot of spam came from particular large ISPs, and he created blacklists for each ISP that sent him spam. Soon Matthew had a lot of lists, and some of them were very big.

Five years passed, and suddenly Matthew and his lists disappeared! …

Tell me more

Categories: News View Comments

Happy Birthday, Internet!

Oh, Internet. You had such potential when you were born — darling of the research community, supported by the wealthiest military the world has ever known. And you married well, into a powerful merchant family. Why are you so lost? Is it a midlife crisis?

You were born, some say, 40 years ago this week in a lab at UCLA — one of ARPA‘s many children. It wasn’t until nearly two months later that you first spoke, transmitting the letters “L” and “O” before crashing — but soon you were growing, expanding into research facilities all over the continent, and eventually (with some delays) the world.

In 1972 you moved from computing theory into the world of human communication when Ray Tomlinson gave you electronic mail. Ray said that “the first message of any substance was a message announcing the availability of network email.” From those first few, feeble test messages and system announcements to today’s daily billions — it’s hard to imagine, now, that there was ever a time when you didn’t carry email!

In the 1980s you were made up of mere hundreds of computers across a few dozen individual networks, each distinct — yet each inter-networked. It was in those intersections that you truly grew up. You were given the Domain Name System (DNS) to ease finding your various parts, and nicknamed “cyberspace” after science fiction author William Gibson coined the term to describe something you still might some day become.

…

Tell me more

Categories: Commentary News View Comments

When Botnets Get Stymied, You’re Next

You’ve probably heard about botnets by now — those networks of home computers infected by viruses or other malware, controlled en masse by some shadowy bad guys. Botnets are used to send most of the world’s spam, attack web sites, steal credit card numbers and other personal information, or other nefarious activities — for anyone, for a fee.

Broadband connections are so prevalent these days, all over the world, that botnet operators can pick and choose which infected computers are sufficiently high-bandwidth for their needs. But these broadband connections all flow through one ISP or another, so ISPs are very aware of the problem — and extremely concerned.

Today MAAWG released a paper aimed at helping these ISPs, titled “MAAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks.” It’s the product of many discussions, including many of the leading experts. “As an industry,” MAAWG Chair Michael O’Reirdan said in the press release, “we are becoming more proactive in alerting customers when bots are detected on their computers and in helping users remove the malware before it can harm them.”

It’ll take some time, and a lot of work, but the effectiveness of botnets will — after a while — be reduced. And then what? Now that they’ve gotten a taste of all the money to be made, the botnet operators won’t go back to flipping perogies. They’ll find another way.

That’d be you. …

Tell me more

Categories: Commentary View Comments

MAAWG Consumer Survey: Deeper in the Data

This week, MAAWG published A Look at Consumers’ Awareness of Email Security and Practices (available from maawg.org.) This research paper is based on a survey of real email users — just like our friends, spouses, grandparents, children — the actual humans who use email and don’t want to have to understand the technical or social underpinnings. It was not a survey of MAAWG members, or conducted by MAAWG members; the intent was to get a true picture. In conversations between senders and ISPs, often with Return Path helping to facilitate, everyone’s always trying to figure out what recipients do or don’t want; finally, this survey gives us some answers.

To read the press and blog response, it sounds like they’ve concluded that spam is a complete success and everyone should start spamming to get rich — but at Return Path we rely on the data, and the data tells a much richer story than a 140-character Twitter paraphrase of the press release ever could.

First, one very humbling realization for all of us …

Tell me more

Categories: Commentary Research View Comments