National Public Radio broadcast a fascinating report yesterday about the father of a United States Marine killed in Iraq who is petitioning Yahoo to allow him access to his son’s email account.  His desire is to preserve the messages he sent as a remembrance for his his family and friends.  Apparently Yahoo’s subscriber policy has no provision to allow authorized next-of-kin access to the accounts, but interestingly the report indicates that both AOL and MSN HotMail do.

This raises some interesting questions about all of our digital legacies.

Continue reading ‘What will become of our digital legacies?’

Today, we received an email from a well-known charity. The message talked about the charity’s work relieving suffering caused by last week’s tragic events in the Indian Ocean.

At least, we think the message was from a charity. The huge increase in phishing attacks recently gives us pause for thought. Being the email-savvy people we are, we think twice before clicking on emailed links to web pages.

Continue reading ‘Email from charity: phish or friend?’

Today’s AOL press release about spam volumes makes surprising reading.

To begin with, it talks about how AOL’s spam filters are better than they were last year. One would hope so, but we say well done to AOL, nevertheless.

But after that, AOL said some very odd things. It’s a complicated area and we can’t help but to presume that someone at AOL has been confused by statistics.

Continue reading ‘AOL spam: damned statistics?’

New technologies are becoming available that catch viruses very quickly: before you’ve received the anti-virus (AV) signature from conventional AV suppliers. They’re worth considering adding as a second layer of defense, after conventional AV.

We’re aware of at least four vendors with such technology: MessageLabs, MailFrontier, IronPort, and Avinti. We wrote about Avinti’s unusual detection method recently.

This is important; during 2004, viruses have propagated much more rapidly than in the past. This has made obvious a window of exposure — typically 6-to-8 hours — before you’ve been able to put in protection against a new virus.

The cost argument for these "zero-hour" defenses is simple, yet powerful:

Continue reading ‘ROI of Zero-Hour Anti-Virus Defense’

In the past we’ve seen some amusing tit-for-tat between Microsoft and IBM/Lotus around their respective messaging/collaboration user conferences.

For example, there was the big yellow Notes bus at one or more MECs (now sadly defunct). On a few occasions, Lotusphere^[1] attendees have arrived at Disney World^[2] with significant Exchange announcements from Microsoft ringing in their ears. It’s all in a day’s work for Marketing folk.

Continue reading ‘Lotusphere spoiler ahoy?’

Today Microsoft announced their new plans and timing for Exchange Edge Server.  Exchange Edge Server has now morphed into a new "role" for Exchange Server that administrators can deploy, similar to other Exchange roles (front-end server, back end-server, routing server, etc.).  This new "Edge role" will ship with the next version of Exchange, sometime late in 2006.  However, many of the features that were previously announced for Edge will ship in 2005 as downloads or service packs, and Exchange 2003 customers can deploy them as they choose.

The good news you can take away from this announcement is that Exchange administrators will get some additional technologies for battling spam, including an implementation of SenderID for Exchange. Microsoft will also be deploying some anti-phishing technology and Intelligent Message Filter (IMF) updates during 2005.

Even with the best attempts to spin it however, the bad news this announcement brings is that administrators are on their own for another year or more in the battle against spam…

Continue reading ‘Spitballs and band-aids’

Ed Brill’s comment to Richi’s post yesterday prompted me to post my own view on the "scorn" over the lack of an Exchange roadmap.

I don’t believe for a second that there is no Exchange roadmap in Redmond, it’s simply that they have not gone public with it.  I think there is a very sound reason for that - they don’t want customers on older releases who still have not upgraded to Exchange 2003 to start thinking "Well, maybe I should wait until the next release.."

I can’t say that I blame them…

Continue reading ‘On the absence of an Exchange Roadmap’

An observation: although Hotmail and MSN now examine SPF records as part of their spam scoring for incoming email, Exchange still does not.

The obvious place to put this feature would be in the Intelligent Message Filter add-on (IMF). Or is it? There’s also the rather nebulous "Edge Services" platform to consider. Microsoft is officially tight-lipped on Edge, but is hinting that they’ll have more to say very soon. However, if this article is to be believed, Edge has been delayed until 2006.

Surely Microsoft will roll out a SPF/SenderID update to IMF soon? The Lotus community’s scorn over the Exchange roadmap isn’t entirely justified, but it seems to be getting louder by the day.

At this time of year, we exchange Christmas greetings. Many of the expressions we receive are sincere. And many obviously aren’t, as when you receive boilerplate text that is irrelevant and you barely know the person concerned anyway.

In an important new project, Ferris Research has been tracking greetings sincerity. A key metric is what we call the sincerity ratio. This is defined as the number of sincere greetings received compared to the total number of greetings received.

In a sincere world, the value should be 1. Typically, in the business world--business being what it is--the sincerity ratio has been about .5.

This Christmas, with the widespread adoption of email by sales staff of every persuasion, it’s dropping rapidly. We predict a sincerity ratio of .1 to .2. In other words, one out of every five to ten greetings received will be sincere.

The omens are dreadful. Next Christmas, expect a sincerity ratio of about 2%. For every sincere greeting, you’ll be sent about 50 insincere ones. And it’ll be worse in ensuring years. O, shallow world!

Author: David Ferris

Continue reading ‘Xmas Greeting Sincerity Erodes Rapidly!’

In InformationWeek, Bob Evans polled for ideas to stop spam. We’re not very impressed with the answers he got. (Reading between the lines, it doesn’t sound like he is, either.)

The best contribution turned out to be Tempfailing. In case you’ve not come across this before, the idea is that if a receiving MTA "tempfails" an incoming connection, spammers will give up and go somewhere else. An example of a tempfail is, "451 4.7.1 Please try again later." Legitimate MTAs will just pause and resend, so the theory goes. (Note that many people call this "Greylisting," however other people use that term to describe other anti-spam techniques.)

Nice idea in theory, but in practice, it doesn’t work any more…

Continue reading ‘Is this the best we can do to fight spam?’