Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    The antispam accuracy of sender verification

    • 2 Comments
    Three simple techniques that are used as inputs for filtering spam are the following: Check to see if the sending domain in the SMTP MAIL FROM has an MX record Check to see if the sending domain in the SMTP MAIL FROM has an A-record Check to see if the...
  • Terry Zink: Security Talk

    Sender authentication part 9: SPF Syntax

    • 3 Comments
    This is essentially going to be a summary of the information that appears on the OpenSPF documentation web page. Really, what else can I say that isn't said there? But, if you're like me and rarely bother clicking on links inside of blog posts and would...
  • Terry Zink: Security Talk

    How to setup your DMARC records if you are outsourcing some, or all, of your email – Part 2

    • 4 Comments
    Continuing on in our series on authenticating outsourced email, how do we outsource our email such that we also pass a DMARC check? First , decide if you want DMARC to pass via an SPF check or a DKIM validation, or both. Second , delegate a subdomain...
  • Terry Zink: Security Talk

    Classic Viagra spam

    • 0 Comments
    It's been a while since I processed the spam abuse inbox, but I came across the following spam message today. Usee \/ i a g r /\ Proo and all wmoen wiill be yorus. Etxend the qualtiy of yoour sxeual perfromance with Ge |\| eerik \/ i a g r /\. ...
  • Terry Zink: Security Talk

    Closing in on the Google hackers

    • 9 Comments
    Joseph Menn has an article on CNN.com wherein the crux of the story is that US experts are closing in on the hackers that broke into Google last month.  It is believed by some that the Chinese government sponsored these hackers.  China, naturally...
  • Terry Zink: Security Talk

    Best practices for sending outbound mail

    • 0 Comments
    One of the questions that I am frequently asked is if we get a sudden burst of outbound mail from a customer using us to send outbound, will we throttle their mail?  Throttling is the process of slowing down outbound mail such that a sending organization...
  • Terry Zink: Security Talk

    10,000 different versions of Viagra

    • 0 Comments
    Viagra spam continues to be the most uniquely spammed product. By unique, what I mean is if you take a specific product, be it a Rolex, mortgage refinance or university degree, Viagra occurs more often than any other product. I never realized how much...
  • Terry Zink: Security Talk

    Gmail disappointing me... a lot like Walmart

    • 6 Comments
    In the past week or so, I have been getting quite a bit of spam in my Gmail account. It's not image spam, it's stock spam. I blogged a few months ago that Gmail was allowing lots of spam through (no pun intended) but that may have been because an email...
  • Terry Zink: Security Talk

    Combating phishing

    • 0 Comments
    From time to time, customers call in and ask us what we are doing to combat phishing attacks. My guess is that they are really asking how we combat spoofing as most malware attacks delivered via email use spoofing (that is, they imitate someone they are...
  • Terry Zink: Security Talk

    Sender authentication part 15: How SenderID interprets SPF records

    • 2 Comments
    In my last post, we were introduced to the new SPF record syntax that is specifically designed for SenderID. The question now is how does SenderID treat SPF records that were originally designed to be used with SPF? SenderID allows the spam filter to...
  • Terry Zink: Security Talk

    How to hack weak passwords

    • 5 Comments
    I was doing my daily stock market research when I happened to come across this article on the strength of passwords and how a hacker would go about trying to steal your password. It's an interesting read. The writer basically goes into a brute-force...
  • Terry Zink: Security Talk

    Sender authentication part 8: Best-Guess SPF

    • 5 Comments
    I've had a document sitting on my shelf (ie, the window-sill 10 feet away from my desk) for about 6 months now just waiting to be read. It's entitled Sender Repuration in a Large Webmail Service. It's by Bradley Taylor, at Google, and is available to...
  • Terry Zink: Security Talk

    An update on DKIM-on-IPv4 and DMARC in Office 365

    • 7 Comments
    If you’re wondering when Office 365 is going to release inbound validation for DKIM-on-IPv4 and DMARC support, I have an update for you. We are currently evaluating DKIM-on-IPv4 everywhere in the service but are fixing the remaining bugs Today, we stamp...
  • Terry Zink: Security Talk

    How Win32/FakeSysdef Corrupts Your Computer

    • 0 Comments
    Microsoft’s Trustworthy Computing group, which publishes the biannual Security Intelligence Report (of which I am a contributing author and reviewer) has published a new video entitled “How Win32/FakeSysdef Corrupts your Computer.”  In it, it shows...
  • Terry Zink: Security Talk

    Does the computer security industry give good or realistic advice?

    • 9 Comments
    As a guy who works in the computer security industry, I am well aware of all the advice that we give.  Use different passwords at multiple sites that you login to.  Always install the latest software updates.  Run antivirus programs. ...
  • Terry Zink: Security Talk

    Funny spam image

    • 2 Comments
    I was surfing the web looking for spam images for a presentation and came across the following.  Very amusing.
  • Terry Zink: Security Talk

    Slideshow: A brief introduction to DMARC

    • 1 Comments
    Below is a slideshow of a presentation about DMARC I did at this year’s Virus Bulletin conference in Seattle. It’s not that technical although I do use a few technical terms. However, even newcomers to email will be able to understand it...
  • Terry Zink: Security Talk

    New Facebook worm

    • 1 Comments
    This morning, I was once again browsing through my Facebook lists (man, Facebook really is a gold mine of material for the cybersecurity world, isn’t it?).  I came across something a friend of mine posted, it is entitled “My ex-girlfriend of 2 years...
  • Terry Zink: Security Talk

    Cracking ReCAPTCHA

    • 4 Comments
    I was browsing dark Reading today and came across an article they published 4 days ago.  A researcher has broken reCAPTCHA, that is a CAPTCHA software tool that many websites use to tell the difference between a human and a computer.  It is...
  • Terry Zink: Security Talk

    Follow up on strengths and weaknesses

    • 1 Comments
    As a follow up from my previous post, I've calmed down a bit and started to regain my calm, Zen-like demeanor. I have not managed to get the new filter out there.  However, I have devised a scheme wherein we can monitor potential FPs closely. ...
  • Terry Zink: Security Talk

    Sender Authentication part 1: The basics of sending email

    • 6 Comments
    This is my first post in my series on email authentication. In order to understand how to authenticate the sender of an email, we need to understand how email works. I remember back in my 4th year of university when we learned how to send "fake" email...
  • Terry Zink: Security Talk

    Cybersecurity and the federal government

    • 2 Comments
    A couple of weeks ago, I was blogging about whether or not cybersecurity should be managed, or overseen, from the White House.  The Obama administration during the campaign was in favor having a cabinet level post, a so-called Cyber-czar.  Leaving...
  • Terry Zink: Security Talk

    The problem of backscatter, part 14 - Bounce Address Tag Validation

    • 2 Comments
    As we approach the end of my series on backscatter, there is still one more piece of technology that holds real promise to combating backscatter - Bounce Address Tag Validation, or BATV.  That sounds a bit like a successor to HDTV... but it's not...
  • Terry Zink: Security Talk

    Facebook’s new messaging platform

    • 1 Comments
    Yesterday, Facebook announced that they were introducing a new messaging platform.  You can read all about it on a blog post here .  Facebook is careful to point out that this is not a replacement for email; it is not email, so they claim. ...
  • Terry Zink: Security Talk

    The Merits and Hazards of Two-Point Filtering

    • 11 Comments
    In my previous post , I defined Two-Point Filtering as the process of using an end-user feedback loop to train a spam filter without verification of the user classifications. I borrowed the Web 2.0 term to refer to the greater community of people contributing...
Page 4 of 48 (1,179 items) «23456»