Al Iverson
DKIM replay attacks are one of the new big things lately, and they work like this: Take a DKIM signed email message, and re-send it to a billion other people. Maybe add another header (or change the subject, if the signature doesn’t cover the subject), or maybe change nothing. Just take that message and randomly spam a million people. The mail will pass DKIM authentication checks, as long as it is sufficiently unchanged, and thus it authenticates as if it were a legitimate email message. Even if you weren’t the original intended recipient. Even if it was sent only to one person but then recent to a million other people, just to annoy them. That’s not a good thing — it can damage a sender’s domain reputation, because people unhappy about that unwanted mail will report it as spam, and spam reporting processing mechanisms will tie it back to the
Mike Scarcella, reporting for Reuters: Google has hired law firm Perkins Coie to help defend it against the RNC’s spam filtering lawsuit. “While Perkins long has provided legal services to the Democratic National Committee in matters of political law, and to political candidates, most of the lawyers fielded to defend against the RNC’s claims focus on privacy, security and business litigation.” Read it all here.
Oracle’s Chad S. White recently shared four fantastic tips on how to maximize your response rate when implementing a double opt-in (aka confirmed opt-in) process. It’s a great way to verify consent (and keep a clean email list), but one of the primary complaints from marketers has always been the low response rate; the percentage of people who will complete the opt-in step is often far less than one hundred. COI/DOI may not be right for every situation (and indeed I just recommend to a client that they consider eliminating a similar process in their site registration because of the challenges they were facing), but it’s still a very good thing to consider in a lot of scenarios. Anyway, enough of my natter, click through to read Chad’s thoughts on the topic.
Google and various news outlets are reporting that Gmail had a significant outage today (Saturday, December 10th). Google reports that as of 4:16 PM UTC (10:16 AM US central time) things are on the mend, but that there’s a backlog of messages to be delivered.I can’t tell if senders found inbound delivery attempts delayed with 4xx errors, or if Google servers accepted messages then sat on them. Message delivery to the inbox, however, was definitely delayed for folks (observed by myself, too), regardless of what the backend systems were doing.
Amazon is hiring! Want to work on Amazon’s Simple Email Service (SES), one of the biggest email sending engines out there?They’re looking for the right person to fill the role of Email Deliverability Manager, Amazon Simple Email Service.In that role, you would “leverage data to build insights about email deliverability for SES customers, work closely with SES engineering, operations, sales, and marketing to help design and build scalable tools and features that can manage and analyze billions of messages for maintaining deliverability excellence and deliver a great experience to thousands of customers, relentlessly advocate responsible email sending and educate internal stakeholders as well as external customers,” and more.Read more and/or apply here.I am told that remote is NOT a possibility for this role, unfortunately.
Another week is drawing to a close, and I think that means it’s time for another music break. If Katy Perry doesn’t make you want to get up and dance, you might be dead inside. Enjoy!Thank you to Denise Miller for the suggestion!
Will Easton is an expert email strategist and nonprofit fundraiser, and the webmaster of ethicalemail.org. He was recently laid off and looking for work, so feel free to connect with him on LinkedIn or by email to weaston@igc.org.Today’s topic? The deluge of fundraising spam you’re likely to receive after making a political contribution and handing over your email address.First, let me make it clear that I’ve managed email communities for generally progressive nonprofits, B2C companies & candidates throughout my career, so my focus here is on that side of the aisle. Republican email fundraising is a separate kettle of fish with its own problems, highlighted in this piece from the NY Times focusing on the Trump campaign … as well as a followup article pointing out that elderly donors to both parties are particularly susceptible to unethical tactics, and represent a disproportionate share of refunds requested for donations they don’t
Rackspace appears to have suffered a security issue related to their Hosted Exchange mailbox environment, starting on December 2nd. You can find more information here, here and here.From what I can tell, their Hosted Exchange systems make up only a small portion of the overall mailbox provider infrastructure hosted by Rackspace. Doing a quick check against the top 10 million domains suggests that the vast majority of mail traffic to Rackspace is handled by their non-Exchange infrastructure. Less than 1% of the Rackspace-hosted domains in the top 10 million domains point at the affected Exchange services. Rackspace’s MX records typically look like mx*.emailsrvr.com for non-Exchange-using domains, and mex*.emailsrvr.com for Hosted Exchange infrastructure-using customers.Sender impact is thus likely to be small — you’ll see a bit of bouncing at a handful of affected domains, as they’re not able to accept mail at this time. If you’re a mail/IT admin at an
Email/technology expert Mike Hillyer has put together a list of six very smart email/technology people that were affected by recent layoffs or other job upheaval.The group is a diverse set of experts, starting with a specialist in customer engagement (Tom Mairs), running support teams (Scott Habict), providing expert deliverability guidance (Josie Garcia), bringing Agile product/project prowess (Klaudia Piaskowska), Java back-end development mastery (Alex Drake) and providing strategy/marketing expertise (Jeremy Wright). Any and all of these fine folks would be good hires for companies in need of their particular expertise.Click on through to read a bit of detail about each of them, with links to each individual. And thank you, Mike, for pulling this together to help our email community assist friends in need!
It’s infographic time! This one breaks down the top 25 mailbox providers in the UK, as measured by this methodology:Any domain in the “top 10 million domains” (as measured by various online tools),And that domain name ends in .uk, the Internet country code top-level domain (ccTLD) for the United Kingdom,Analyze and roll up counts of all the MX records/email hosting for all of those domains;And thus, we have how many “top 10 million .uk domains” each of these mailbox providers hosts,Which probably makes this breakdown mostly B2B-oriented, and B2C mail tends to be more oriented toward many users at a small number of domains, and very few of these domains are going to be freemail/webmail domains.This ranking by number of domains is not quite the same as noting how much email traffic (or how many messages) each service handles, inbound or outbound, but’s I don’t have access to that, do