Posts Tagged ‘spf’
Wednesday, January 21st, 2015
The scope and frequency of cyber attacks, data breaches, information disclosures, and the sophistication of the tools used to attack companies and individuals has been increasing at a tremendous rate.
It doesn’t strain our memories to come up with numerous prime examples including the deliberate corporate penetration of Sony (which was “easy”) and of Sands Casino (presumably very hard); or the exposure of super-powerful nation state sponsored attack software Regin that helps enable penetration of specific, complex targets. Don’t forget as well, the numerous phishing attacks that were propagated in 2014. And, perhaps just as infamous, the social engineering attacks in which malicious individuals tricked Apple and GoDaddy into revealing sensitive information.
All of these are different attack vectors, with different ultimate purposes, targeting individuals or corporations. All were successful. And the actual, complete list would be too large to publish (and would be impossible to know as more than half of data breaches go unnoticed).
Read the rest of this post »
Tags: attack, dkim, email, email identity, forged, identity, identity theft, jedi mind trick, phishing, regin, spear phishing, spf
Posted in LuxSci Library: Security and Privacy
No comments »
Monday, October 20th, 2014
No, your computer can’t catch the actual Ebola virus… its not even airborn yet. However, we are finding that criminals are taking advantage of the hype and scare and curiosity over Ebola to infect people’s computers more easily.
This is commonly being done via email. There are four prevalent types of email going around now that are meant to infect your computer:
- A fake report on the Ebola virus — when you click the link to read more, your Windows machine is infected with a virus that can collect and steal your personal information.
- A fake email from telecommunications provider that contains an important “Ebola Presentation” for your to download and view. If you do it, you install malware that can allow others to remotely control your computer, access your web cam, log what you type, etc.
- Fake emails talking about an “Ebola Cure” which contains a malware attachment and which asks you to forward the news on to your friends. The malware records your keystrokes and downloads additional malware on to your computer
- Fake emails about Ebola news and lists of “precautions”.
There are many other types of attacks and attack vectors that are being and can be exploited. We will go over many of these, below, and how to protect yourself from them. You should be very wary of any email received about Ebola, even if it appears to be from a friend. You should be especially wary of opening any attachments sent through email, unless you have good confidence that they are malware-free.
Read the rest of this post »
Tags: attachments, ebola, email, encrypted, file, infect, link, malware, phishing, skim, spam, spf, virus, zip
Posted in LuxSci Library: Security and Privacy
No comments »
Monday, September 8th, 2014
You need to send millions of messages to your large opt-in mailing list over the upcoming holiday season. You need these messages to go out pretty quickly and to not get blocked by your recipient ISPs so that the maximum number of your (potential) customers get your marketing messages and thus you can maximize your conversion rates on these messages.
This is a common scenario that we see, often from customers who have been using another provider that is excessively expensive, where delivery is sluggish, and/or where their messages are getting blacklisted or grey listed by their recipient’s systems.
Here we will share with you our standard prescription for solving this delivery dilemma once and for all. There are multiple important factors involved, each of which will contribute to your success.
Read the rest of this post »
Tags: dedicated server, deliverability, dkim, email marketing, high volume, ip addrees, pre-warmed ip, spf
Posted in Case Studies, Email Marketing
No comments »
Friday, October 11th, 2013
DNS (Domain Name Services) are as fundamental to email and web services as address books and published street addresses and phone numbers are to other types of communications. Without them, it is difficult to connect with new people and organizations and it is even inconvenient to communicate with your friends and family.
In this article, we cover the basic concepts involved in Domain Name Services (DNS) and domain registration, so that you can understand how they are involved in email and web hosting services.
Read the rest of this post »
Tags: dkim, dns, dns settings, domain, domain name service, easydns, mail exchange, propagation, registration, spf, sumdomain, time-to-live, ttl, txt, whois
Posted in LuxSci Library: The Technical Side of Email
7 Comments »
Tuesday, September 24th, 2013
So, you’re minding your own business, going about your daily tasks, checking your email, and suddenly your INBOX is flooded with a series of non-delivery reports (aka NDRs or bounce messages). But wait just a minute, you didn’t send these. How did this happen? Did someone steal your email address? How is that possible?
What has most likely happened here is that you’ve fallen victim to “backscatter“, or as it’s commonly known, bounce-back spam. As spam-detection techniques have evolved and become more accurate, the spammers have been forced to devise increasingly complicated and devious methods of getting their messages delivered. For example: email forgery.
Read the rest of this post »
Tags: backscatter, bounce, bounce message, catch-all, challenge response, dkim, domain keys, email alias, email forgery, mailer daemon, NDR, sender policy framework, spam, spf
Posted in LuxSci Library: The Technical Side of Email
6 Comments »
Tuesday, August 21st, 2012
LuxSci’s Premium Email Filtering has been enhanced to provide customers with the capacity to filter email based on DKIM signatures to provide more accurate protection from forged email.
Customers can add or upload lists of domains to be covered by DKIM checking (e.g. their own domains to start with) and can then say what should happen to messages when:
- a DKIM signature is present but is not valid
- no DKIM signature is present
- a valid DKIM signature is present
Enabling DKIM helps mitigate backscatter email and, even more importantly, eliminates inbound SPAM forged to appear to be from your own users or domains.
All LuxSci outbound email services support DKIM-signing messages; so enabling inbound filtering based on DKIM completes the loop of email authentication.
Premium Email Filtering also supports enforced use of SPF and TLS for inbound email from domains you choose. All of these things together serve to lock down your email flow and eliminate unwanted messages.
Tags: backscatter, dkim, filtering, spf
Posted in New Feature Announcements
No comments »
Monday, December 5th, 2011
LuxSci has long supported SPF for inbound and outbound email. SPF is a mechanism by which you can specify what servers are permitted to send email for your domain … and identify email from other places that may be fraudulent. This helps stop inbound Spam and helps ensure that your own messages are distinguished from any fraudulently sent ones by your recipients.
DKIM (DomainKeys Identified Mail) is the other standard for preventing email forgery. DKIM works by cryptographically signing each email message sent. The recipients can use information published in your DNS settings to verify if the message was sent from an approved location (e.g. the signature is valid) and that it has not been modified in transit.
LuxSci now supports DKIM for both inbound and outbound email.
See our online DKIM Generator Tool.
Read the rest of this post »
Tags: dkim, domainkeys, identified mail, spf
Posted in Email Marketing, New Feature Announcements
No comments »
Wednesday, June 23rd, 2010
It is an extremely common and annoying practice of spammers to send you email that is from yourself or your colleagues or friends. I.e. “forged email”. We discuss this problem in the article: Save Yourself From “Yourself”: Stop Spam From Your Own Address.
Users of LuxSci’s Premium Email Filtering service now have a new and very powerful weapon to stop this kind of spam — “SPF-enabled allow list entries”.
This feature allows you to easily receive protection from forged spam messages while at the same time ensuring that legitimate messages sent between users in your organization are not filtered or caught as spam.
Read the rest of this post »
Tags: allow list, dns, email filtering, spam, spf
Posted in New Feature Announcements
No comments »
Saturday, June 25th, 2005
Email Defense has been updated with several significant enhancements. These include an improved user interface and full support for Mozilla FireFox. Additionally, this new release includes the following significant addition:
Sender Policy Framework (SPF):
- We are adding a Sender Policy Framework classifier to the Spam detection system to help identify and block fraudulent “spoofing” emails — those sent by Spammers using forged “From” addresses.
- For each inbound message, the SPF classifier will look up the sending domain’s Domain Naming System (DNS) record and its list of authorized IP addresses (if such are specified). Messages that carry an IP address not found on the authorized list will be given a higher ‘spam-likelihood’ score.
- By determining whether or not the relationship between the DNS record and the IP address is legitimate, Email Defense can more accurately filter out fraudulent spoofed emails. As a result, this reduces risk for end-users who might be duped by the email into divulging confidential personal information.
- LuxSci supports the addition of entries to your DNS records which will support SPF — to help make it harder for Spammers to forge email from your domain. If you would like us to add an SPF record to your DNS entries or if you would like help in determining what SPF records to add yourself, contact our support team.
Tags: email defense, filtering, sender policy framework, spf
Posted in New Feature Announcements
Comments Off on Sender Policy Framework (SPF) added to Email Defense
It is an extremely common and annoying practice of spammers to send you email that is from yourself or your colleagues or friends. I.e. “forged email”. We discuss this problem in the article: 