How to align with SPF and DMARC for your domain if you use a lot of 3rd parties to send email as you

Background One of the pieces of advice I frequently give these days to organizations is for domains to set up DMARC records, and implement a hard fail in their SPF record. This is straightforward for smaller organizations that know all of their email servers, but harder for large organizations. Why? Because in a large organization,…

13

Best Practices for Exchange Online Protection customers to align with DMARC

Background Spammers frequently forge the "From" address on email messages so the spam appears to come from a familiar sender such as your bank or social network, or more dangerously, from your own organization so that it looks like an internal sender. To help prevent this abuse, Exchange Online Protection (EOP) supports DMARC, a protocol…

3

Slideshow: A brief overview of how email over IPv6 works in Office 365

The following is a brief overview of how email over IPv6 works in Office 365, and why we are doing some of the things we are doing. Other services that also support email over IPv6 work similarly.   Source: A plan for email over IPv6 on Slideshare   Related Articles: Support for Anonymous Email over…

0

Slideshow: A brief introduction to DMARC

Below is a slideshow of a presentation about DMARC I did at this year’s Virus Bulletin conference in Seattle. It’s not that technical although I do use a few technical terms. However, even newcomers to email will be able to understand it.   Using DMARC to Improve Your Email Reputation from Terry Zink

1

Six steps to sending email over IPv6 – my Internet Draft

A couple of weeks ago, I published my first Internet Draft to the Internet Engineering Task Force (IETF).  Today, I updated it, making it version 2 (but named version 01.txt).  It is titled Recommendations for the use of whitelists for email senders transmitting email over IPv6. Here’s a quick synopsis: Email filters today use IP…

5

Spammers ruining it for everyone

Last week we had an incident with our outbound reputation that caused delivery issues to various US government agencies who don’t use our service.  One of our customers did something inadvertently that caused our outbound IP reputation to degrade with some 3rd party reputation lists and as a result these government agencies wouldn’t accept our…

2

Handling the problem of inbound bulk mail

Over the years, our spam filtering has gotten to be pretty good.  We don’t see a lot of complaints about spam other than the odd escalation (why didn’t your filters stop this “obvious, blatant” spam from coming to my inbox?). However, that doesn’t mean that everything is fine.  There is still one class of mail…

2

Newest round of Twitter spam

This one fooled me for a half second. I got an email to my work account indicating that I had 3 delayed messages in my Twitter account.  The social engineering technique is designed to get me to click on the link and redirect me to a spam site, and quite possibly infect my system with…

3

Apparently my reputation precedes me

I recently made a slight shift in the team I report to at work.  I’m still in anti-spam but the organization under which I report has moved a bit.  Anyhow, we were in a team meeting when my new boss asked people to go around and make introductions.  When it came to me, someone said…

0

Not a great week for outbound spam

It hasn’t been a great week this week (March 1-5) for some of our customers who use us for outbound mail relay.  I’m not going to name names because there have been a wide variety of users, but every single day this week we have had one or two organizations that have been sending abusive…

0

Why send spam over TLS?

In my previous post, I noted that rustock had started sending us a whole pile of spam over the TLS protocol.  The question now is why do it at all?  I mentioned in my post that this is clever behavior and one of my readers posted in a comment “What makes this so clever?” The…

5

More Facebook spam

This morning, I logged into my Facebook account to see what all of my various friends were up to.  Is anyone having a birthday?  I shall write on their wall some warm wishes.  Is anyone doing anything interesting?  Perhaps I could like their status.  Does anyone have a clever wall post?  Perhaps I can post…

3

Into the wild, wild west

Remember way back, in summer of 1999, when Will Smith and Kevin Kline starred in the movie Wild, Wild West?  If you don’t remember, that’s fine, because the movie really sucked.  According to the Wikipedia entry, Will Smith turned down the role of Neo in The Matrix in order to star in this one.  Ordinarily,…

0

The Top Ten Spam, Malware and E-Security Stories of 2009

All Spammed Up has a nice little summary wrap up of the year 2009.  I have my own summary, it is a condensed version of an article that will appear in next month’s edition of Virus Bulletin. There are a lot of stories that could have gone into this that I had to cut, like…

0

Keeping track of botnets

A couple of months ago, I posted a one-day snapshot of how much spam we see from individual botnets.  I’ve been keeping track since July 29 on the biggest ones that have names, and only for IPs that get past our RBLs.  At the time of my first post, I thought that the stats wouldn’t…

0