Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    Outbound filtering - part 4

    • 1 Comments
    There are other options for dealing with outbound mail.  Let's take a look at another one. Option 2 - Treat outbound mail the same as inbound mail Another option for outbound mail filtering is to treat inbound mail nearly the same as outbound mail...
  • Terry Zink: Security Talk

    Outbound filtering - part 3

    • 1 Comments
    There's a great deal of discussion surrounding policy and outbound spam.  What do we do with messages marked as spam and how do we treat the organization as whole? Option 1 - Keep track of the mail disposition and cut off the entire organization...
  • Terry Zink: Security Talk

    Outbound filtering - part 2

    • 3 Comments
    In my previous post, I mused about what it takes to do outbound spam filtering.  If customers use us for outbound mail and start relaying spam, it damages our reputation and credibility.  Ergo, we need to come up with a solution wherein we don...
  • Terry Zink: Security Talk

    Outbound filtering - Part 1

    • 4 Comments
    We are nearing the end of the dev cycle of our next release and the plans naturally start to look forward to our next release.  Don't get me wrong, there's still a ways to go in our current release.  We have to hit code complete on January 31...
  • Terry Zink: Security Talk

    Anti-spam service is not just about filtering

    • 2 Comments
    As part of a Hosted Service, sometimes I have to give credit where credit is due to other people within our department. Our latest release has a feature called Message Trace Real Time Reporting.  Basically, whenever somebody sends a message through...
  • Terry Zink: Security Talk

    Follow up - how many IPs could we potentially block?

    • 3 Comments
    This is a follow up to my previous post .  I recently looked up an old version of the PBL and decided to count up how many IPs they were blocking.  By my calculations, if we expand CIDR ranges, the PBL blocks nearly 390 million IPs. Actually...
  • Terry Zink: Security Talk

    Just how many IPs are spamming, anyhow?

    • 6 Comments
    Yesterday, one of our architects popped into my office and we had a brief discussion about blocklists.  The topic shifted to how many IPs we have banned over the years. The total number of available IPv4 IP addresses is 2 32 , or 4,294,967,296 different...
  • Terry Zink: Security Talk

    End-of-year wrap-up

    • 1 Comments
    Well, here we are on New Year's Eve.  I'd like to reflect a bit on this blog about the past year: I succeeded in my goal of learning Unix better.  This, as you may recall, was a New Year's resolution.  While I hardly consider myself an...
  • Terry Zink: Security Talk

    Response to Trust-based messages

    • 1 Comments
    In my other post in a Q&A excerpt with Dave Crocker by Investor's Business Daily, I'd like to now respond to some of my selected quotes. Crocker: You have to create what I call a trust overlay to the existing e-mail system. Existing senders and receivers...
  • Terry Zink: Security Talk

    Some early stats on TMA

    • 1 Comments
    We finally got around to deploying all of our new features from our latest release.  As I explained a couple of months ago, I created a hybrid of SPF and SenderID in response to customer demand.  I called it TMA, or Terry's Message Authentication...
  • Terry Zink: Security Talk

    Spam's new nemesis: Trust-based messages

    • 3 Comments
    The other day I was reading Investors Business Daily and came across an article whose title you see in the subject line of this blog post.  The article is a Q&A Dave Crocker of BrandenBurg InternetWorking.  If you're like me and too lazy...
  • Terry Zink: Security Talk

    Classic Viagra spam

    • 0 Comments
    It's been a while since I processed the spam abuse inbox, but I came across the following spam message today. Usee \/ i a g r /\ Proo and all wmoen wiill be yorus. Etxend the qualtiy of yoour sxeual perfromance with Ge |\| eerik \/ i a g r /\. ...
  • Terry Zink: Security Talk

    If perception is everything, then Gmail needs better filtering

    • 5 Comments
    Every now and again, I get spam delivered to my inbox from one of the leading webmail services.  AFAIK, there are the big 4: Gmail, Yahoo, Hotmail and AOL. The thing is that to my work email account where I get some of my mail (ie, I eat our own...
  • Terry Zink: Security Talk

    Once again, I'm proven right about false positive lag time

    • 2 Comments
    I hate to brag (no, wait, I love to brag), but once again I have been proven right. One the problems with getting accurate statistics about false positives is that users quite regularly submit them late.  So, assume for the week of Dec 3 - Dec 10...
  • Terry Zink: Security Talk

    A rarity - I'm proven wrong!

    • 1 Comments
    The other day, I posted that the Christmas season is upon us and that there has not been a major correlation between an expected rise in Christmas spam and the actual spam that we are seeing on our networks. However, I believe that I have now seen such...
  • Terry Zink: Security Talk

    The 12 days of Christmas spam song

    • 0 Comments
    Kudos to Symantec for coming up with this 12 Days of Christmas Spam song.  Very clever. It's going to be very tough to top this.
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 3)

    • 1 Comments
    As I was saying in my previous post, one of the interesting relationships I have discovered is that the better our virus filters perform, the more spam our end-users see in their inbox (and the less total mail we see on our network). Another very interesting...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 2)

    • 4 Comments
    As I was saying in my previous post, statistics, and correlation and scatter plots in particular, are excellent ways of verifying whether or not relationships within components of the spam filter are valid or if the theory is spurious. Now that I have...
  • Terry Zink: Security Talk

    Numbers don't lie, but they can confuse (part 1)

    • 1 Comments
    One of things I do here at Microsoft is look at numbers.  I have a table of statistics that I look at, not every day, but certainly a few times per week.  It's a table of the daily number of messages we block, how many are blocked by content...
  • Terry Zink: Security Talk

    Security risks in a powerful corporation

    • 1 Comments
    Last week, I was watching the season finale of the second season of Heroes.  It's not technically the season finale, but with the Hollywood writer's strike, they finished off the first part of the season until new episodes could be written. Anyhow...
  • Terry Zink: Security Talk

    It's December! Time for the spam season, right?

    • 5 Comments
    Ah, the holidays are upon us.  And, as we all know, 'tis the season for piles of spam! Or is it?  Last year, we saw a very large run up of spam heading into December, but in the month of December itself I saw nothing out of the ordinary. ...
  • Terry Zink: Security Talk

    Behind the scenes (part 2) - Now I know how Homer felt

    • 5 Comments
    Following on from my previous post about who shot Mr. Burns, don't worry, I'm building to something.  Mr. Burns begins to do a lot of evil things, including blocking out the sun.  The Simpson family is in their house discussing this turn of...
  • Terry Zink: Security Talk

    Behind the scenes (part 1) - now I know how Homer felt

    • 1 Comments
    Here at Microsoft, I am a Program Manager.  One of the projects that we are currently working on is slipping behind schedule (and it has barely even gotten started).  There are various components that have to be re-engineered and it's forcing...
  • Terry Zink: Security Talk

    Futurama is great

    • 2 Comments
    I had to comment about this post from the Spam Wars blog.  It's called the Futurama of Spam.  The blogger is a lot like me - he enjoys Futurama and he blogs about spam stuff.  The post ties together an episode of Futurama and how it relates...
  • Terry Zink: Security Talk

    Security risks at a big box retailer

    • 6 Comments
    Even though things like phishing and spoofing and hacking are what we normally think of when we consider electronic security risks, sometimes the simple things are what cause the biggest problems. I was recently in a big box retailer picking up some stuff...
Page 37 of 46 (1,150 items) «3536373839»