September 2007 - Posts
The other day, I was taking a look at some of our traffic statistics. One of the challenges that I have is determining what our catch rate is. We know how much traffic we see (more or less), we know how much we catch with blocklists and we
Read More...
Canonicalization is the process of preparing a message for signing. This process is necessary because of the way email is handled in transit by various mail servers. For example, some mail relayers handle white space and line wraps just fine, others do
Read More...
Let's plow through a few real life examples. Here's an actual DomainKey Signature: Example 1 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.au; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;
Read More...
This post will again be a paraphrase of that which is found in RFC 4870 . Now that we have seen how public keys are stored in DNS, we will next look at how a signing server generates the message signature. The signature of the email is stored in the "DomainKey-Signature:"
Read More...
Now that we have an overview of how DomainKeys works, we're going to look at how a service using DomainKeys generates a DomainKeys signature. When a receiving email server gets the message and sees that there is a DomainKeys header, it has to retrieve
Read More...
There's an old saying that goes "Crime doesn't take a vacation." Whenever I say that in my head, it's always in Chief Wiggum's voice for some reason. However, Wiggum was wrong, crime does take a vacation. Over the week including
Read More...
Now that we understand how digital signatures work, let's take a look at DomainKeys. Like SPF and SenderID, DomainKeys is a mechanism of sender authentication. DomainKeys uses public key encryption to authenticate messages. It works in the following way
Read More...
Has anyone noticed those annoying ads on Facebook? It's in my News Feed, I have a couple of notices from my friends and then an ad to join an Awesome Club and suit up! I don't mind having ads at the top of the screen, but come on Facebook, leave them
Read More...
I'm taking a quick timeout from my series on explaining Sender Authentication to post some quick stats on authentication. I took an 8-hour snapshot of our logs to collect some statistics. I started tracking how often senders use SPF, DomainKeys and DKIM
Read More...
I came across some spam in my inbox today. This company was pushing pump-and-dump stock spam for a medical company. I saw that the company passed an SPF check. That's odd, I thought. A spammer passing an SPF check? So, I decided to check out the SPF records:
Read More...
We've seen encryption, secret key encryption and public key encryption. Public key encryption allows a sender to encrypt the contents of the message and have only the intended recipient read it. They do this by encrypting with the public key and decrypting
Read More...
The basic idea behind secret key encryption is the following: You don't have to keep the algorithm a secret. You do need to keep the key a secret. To increase the security of the contents, you lengthen the size of the key. This is all well and good, except
Read More...
We saw in my previous post that substitution ciphers are a method of encoding a message such that its contents are unintelligible (much like the ramblings of many of the presidential candidates), and they are fairly easy to break with computers that can
Read More...
It's been a long time since I took the unit on encryption in my 4th year Telecommunications class in university, but I did quite well in it (I believe I got 5/5 on the assignment). For you see, the concept of encryption is relevant to our next section
Read More...
My posting has been on-again, off-again lately because I am in the process of moving from Canada down to Seattle. I hope to begin more regular posting (once every two days or so) shortly.
Read More...
Over the past couple of days, we've seen either the beginning of a new botnet tactic, or we changed something on our networks that is causing network problems. The shift in tactics is the amount of time that a bot will connect to our service, we issue
Read More...
