There are a lot of folks in the email industry that take issue with my stance that DMARC is not a viable solution to phishing. DMARC, at it’s absolute best, addresses one tiny, TINY piece of phishing. Look at this message I received today. My mail client presents this as from Quickbooks and hides the actual from email address from me. Most mail clients do…
Read More »
One of the things I do for clients is look at who is really handling mail for their subscribers. Steve’s written a nifty tool that does a MX lookup for a list of domains. Then I have a SQL script that takes the raw MX lookup and categorizes not by the domain or even the MX, but by the underlying mail filter. Part of that…
Read More »
In my previous career I was a molecular biologist. Much of my work was done on bacteria but after I left grad school, I ended up working in a developmental biology lab. Bacteria were (mostly) simple: just about every trait was controlled by a single gene. We could study what that gene did by removing it from the bacteria or adding it to a well…
Read More »
Back in April I wrote about some poor marketing automation that ended up spamming me with ‘cart abandonment’ emails when the issue was the company’s credit card processing went down. That post has now been scraped by the spammers Moosend and they keep sending me… poorly targeted automated spam. So, yes, Moosend (who are prolific and annoying spammers) are sending me spam about a blog…
Read More »
There’s a lot of my education in the sciences that focused on how to get a statistically accurate sample. There’s a lot of math involved to pick the right sample size. Then there’s an equal amount of math involved to figure out the right statistical tests to analyse the data. One of the lessons of grad school was: the university has statistics experts, use them…
Read More »
In my post earlier this week, katie asks: what do you do next when the problem statement is as non-specific as “open rates are falling”? how would you go about getting from there to that next level of marketing email from our ESP goes to bulk? That’s a great question, and will help me explain pieces I didn’t in the initial post. The observation here…
Read More »
At the end of last year, Steve wrote a post about the different types of authentication. I thought I’d build on that and write about the costs associated with each type. While I know a lot of my readers are actually on the sending side, I’m also going to talk about the costs associated with the receiving side and a little bit about the costs…
Read More »
Everyone has their own way of troubleshooting problems. I thought I would list out the steps I take when I’m trying to troubleshoot them. Clarify the problem. As a consultant, folks come to me asking me to help them solve their delivery problems. My first step is to get them to clarify what symptoms they’re seeing. Something happened to make them contact me, and that’s…
Read More »
Well, it’s 2020. The start of a new year and a new decade, or not depending on what number theory you use to count decades. Personally, I think we, as pattern loving humans, just happen to love numbers that end with 0 and we’re going to consider it special whether or not it’s the actual end or start of a decade. This is the point…
Read More »
Some notes on some of the different protocols used for authentication and authentication-adjacent things in email. Some of this is oral history, and some of it may be contradicted by later or more public historical revision. SPF Associates an email with a domain that takes responsibility for it. Originally Sender Permitted From, now Sender Policy Framework. It allows a domain owner to announce which IP…
Read More »
This morning hundreds of delivery folks logged into their Google Postmaster Tools account to see their IP reputation was bad. Even one of my client’s that is using a major ESP shared pools is seeing bad IP reputation on December 10, 2019. The good news is this doesn’t seem to be affecting delivery. Most folks are reporting no delivery issues at Gmail and no change…
Read More »
Many years ago, we bought a VMWare license to manage the various virtual machines running our business infrastructure. As part of our move to Dublin, we decommissioned our cabinet and moved all of services into various bits of the cloud. This meant that when our VMWare support contract came up for renewal we declined the renewal. Despite no longer being customers and unsubscribing from email,…
Read More »
Sendgrid announced their volumes for Black Friday and Cyber Monday: To provide a clearer understanding of our scalable systems, on Black Friday 2019 we processed 4.1 billion emails and this Cyber Monday we processed 4.2 billion emails (46% more than 2018) and processed up to 315 million emails/hour (burst rate) into inboxes all around the world! To give you a better understanding of this scale, you can…
Read More »
I’m basically waiting for the various ESPs to announce Just How Much Mail they’ve sent over the last 4 days. Early information from one ESP shows a hefty percentage over the amount they sent last year, and that amount had many, many, many zeros in it. In terms of best practices and ongoing advice: you can never put too many lights on a Christmas tree.
Read More »
I’ve shared a version of this image repeatedly. I think it was only my Facebook friends that got the stick figure screaming in frustration, though. The reality is bounce handling is one of the most frustrating pieces of email delivery. Not only that, many people in the email space treat it as a simple process. It’s really not as simple as we’d like it to…
Read More »
The phishing attack against Sendgrid is still going on. Most of the mail and the websites are being hosted on Linode. I’ve still not gotten to see what one of the sites looks like, as Linode is getting the sites down before I click on the links. Everyone here is doing the Right Things(tm) in order to address the problem. Sendgrid has a p=reject message…
Read More »
For a long time one of the “best practices” for links in html content has been to avoid having anything that looks like a URL or hostname in the visible content of the link, as ISP phishing filters are very, very suspicious of links that seem to mislead recipients about where the link goes to. They’re a very common pattern in phishing emails. /* This…
Read More »
The nice folks at Kickbox asked me what I thought the biggest myths about spamtraps were. I said: I think the biggest misconception is that spamtraps are the reason for delivery failures, whether blocking or spamfoldering. When the article came out, I was highly amused to see that John from Campaign Monitor said the same thing in his first sentence, too. A common misconception is that spamtraps are…
Read More »
One of the interesting things about moving to the EU is experiencing the internet where GDPR is a thing. We get asked permission for everything. Including if we want shopping cart updates.
Read More »
There is currently a phishing attack against a major ESP. The mail came through what I presume was a compromised account hosted at one of the providers. It’s just as possible this was a domain set up for the sole purpose of phishing, though. The underlying attack is pretty good. They took the ESP compliance notification email and changed a couple of the links to…
Read More »