Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

August, 2007

  • Terry Zink: Security Talk

    Phishing vs Spoofing

    • 1 Comments
    One of things I've noticed amongst the public is the confusion between the terms phishing and spoofing . The two are not synonymous. Phishing attacks generally use spoofing as a strategy but spoofing attacks are not necessarily phishing. Spoofing is impersonating...
  • Terry Zink: Security Talk

    Sender authentication part 21: Some recommendations

    • 4 Comments
    In documentation that Microsoft is going to release shortly, they have some recommendations on how to set up your SenderID records as well as a list of frequently asked questions. I will post a link to the relevant documents when they become available...
  • Terry Zink: Security Talk

    Sender authentication part 19: How spammers evade SPF

    • 6 Comments
    How would a spammer get around SPF? One way is the method used by Spammer-X in his book Inside the Spam Cartel . Spammer-X is a retired spammer (so he says) and goes into a lot of the details in his book. I'll give a review when I'm done this series on...
  • Terry Zink: Security Talk

    Sender authentication part 20: Advantages of PRA vs MAIL FROM

    • 3 Comments
    Microsoft is shortly coming out with some documentation on SenderID and the business case for its implementation. Hopefully by now I have demonstrated its usefulness. The Purported Responsible Address has a couple of advantages when deciding to support...
  • Terry Zink: Security Talk

    See you at the CEAS!

    • 1 Comments
    Well, today I'm off to the Conference on Email and Antispam , in Mountain View, California. It's on Aug 2-3, 2007. I'm not speaking or presenting anything this, but maybe next year I'll present a topic like "How to write an antispam blog."
  • Terry Zink: Security Talk

    I haven't disappeared

    • 1 Comments
    I've just been busy with a bunch of stuff over the past two weeks. I plan to resume to normal blogging in the near term.
  • Terry Zink: Security Talk

    Notes on the CEAS

    • 4 Comments
    Here's a round up of my random thoughts on the CEAS: 1. The stuff on image spam detection was interesting, but it's a little late. Spammers have moved on to other tricks. 2. Speaking of the stuff on image spam, the false positive rates were very high...
  • Terry Zink: Security Talk

    Where has all the pdf spam gone?

    • 4 Comments
    I'm checking our statistics on the amount of pdf spam we're seeing, and after Aug 20 (last week) it seems to have disappeared. It hasn't disappeared entirely, of course. But my spam rules that targeted this stuff have gone from a couple million hits per...
Page 1 of 1 (8 items)