
Terry Zink's Anti-malware Blog

Protecting your mail from the scum of the internet

July 2007 - Posts

Sender authentication part 18: More hazards
The other hazard I'd like to look at with regards to SPF and SenderID is the issue of newsletters, or more specifically, bulk emailers. Bulk emailers have a long and checkered history of using questionable email practises. They put in lots of advertising Read More...
Sender authentication part 17: Hazards of SenderID and SPF
Both SenderID and SPF have their critics. I'd like to touch on two potential problems with them: the first is the issue of email forwarding. There's no official standard on how email is to be forwarded (in terms of rewriting the headers). Suppose that Read More...
Sender authentication part 16: SenderID vs SPF
SPF and SenderID are similar to each other in the way they act, but the differences between them are in what they are designed to target (at least how I see it). Both OpenSPF and Wikipedia say that SenderID and SPF are designed to address different problems. Read More...
Some notes on PDF spam
I started tracking some statistics on PDF spam this weekend. The following numbers will seem a little inflated (since spam performance metrics always appear better on weekends) but they are still interesting. Of all the messages with PDF attachments Read More...
Sender authentication part 15: How SenderID interprets SPF records
In my last post, we were introduced to the new SPF record syntax that is specifically designed for SenderID. The question now is how does SenderID treat SPF records that were originally designed to be used with SPF? SenderID allows the spam filter to Read More...
Sender authentication part 14: Introduction to SenderID
Now that we've moved our way through the workings of SPF, let's take a look at Microsoft's own branded technology, SenderID (I don't mean that Microsoft invented it since it derives from an earlier standard, only that Microsoft advocates the use of it). Read More...
July 12 - My third year anniversary!
Today is a special day at Microsoft; it is the three-year anniversary of the day I joined Frontbridge (now Microsoft Exchange Hosted Services) as a spam analyst. Ah, what a memorable three years it has been. On our first day on the job, me and three others Read More...
Sender authentication part 13: Some SPF odds and ends
Let’s tie up a couple of loose ends (but by no means all the loose ends) when it comes to SPF. I would like to interpret the below SPF record: v=spf1 a/24 mx/24 ptr ?all Now that we are experts in SPF syntax, reading this is a snap. The version of SPF Read More...
Sender authentication part 12: Some examples of SPF
Now that we've plowed our way through SPF, including the syntax (I can't believe I took the time to do it, but if I ever go into a university and have to teach it I guess I should know it), let's take a look at some real life examples of domains that Read More...
Sender authentication part 11: More on SPF Syntax (Continued)
The mx mechanism mx mx/<prefix-length> mx:<domain> mx:<domain>/<prefix-length> All the A records for all the MX records for domain are tested in order of MX priority. If the client IP is found among them, this mechanism matches. Read More...
Sender authentication part 10: More on SPF Syntax
Moving onwards to mechanisms, let's take a look at them in a bit more detail. Again, this information comes straight from the OpenSPF page, with extra commentary by me. The all mechanism all This mechanism always matches. It usually goes at the end of Read More...
Sender authentication part 9: SPF Syntax
This is essentially going to be a summary of the information that appears on the OpenSPF documentation web page. Really, what else can I say that isn't said there? But, if you're like me and rarely bother clicking on links inside of blog posts and would Read More...
Sender authentication part 8: Best-Guess SPF
I've had a document sitting on my shelf (i.e., the window-sill 10 feet away from my desk) for about 6 months now just waiting to be read. It's entitled Sender Reputation in a Large Webmail Service. It's by Bradley Taylor, at Google, and is available to Read More...
Spamhaus spam
This morning I had the distinct "pleasure" of getting spam in my inbox that was pumping the services of Spamhaus. Here's an excerpt: WORKING TO PROTECT INTERNET NETWORKS WORLDWIDE Spamhaus tracks the Internet's Spammers, Spam Gangs and Spam Services, Read More...
More on spam levels
I continue my brief hiatus from sender authentication to comment on the amount of spam we're seeing. We continue to see high levels of spam not seen on our networks in previous times. They haven't really dropped off at all since they started hitting record Read More...