Virgin Media is so rustic and artisan you get to hand-sort your own spam

Can't beat that headline. UK ISP Virgin Media is having a few problems with its spam filters, reports the Register. Previously hosting user mailboxes on Google-managed systems, the ISP was forced to bring it back in house after Google stopped selling the service to ISPs. Apparently, hilarity has ensued.

Good news for senders: Instead of blocking mail outright, suspected spam will now be routed to the spam folder. Sounds like ISP users will be able to identify spam and non-spam to the ISP, to help improve the filter over time.

A quick search suggests that @ntlworld.com and @blueyonder.co.uk are probably the relevant Virgin Media email domains affected by this issue. I'll update this post if I learn more.

MegaRBL DNSBL FUBAR

Over on the Word to the Wise blog, Laura Atkins explains what happened with that spate of short-term MegaRBL DNSBL listings you may have noticed last week.

AOL FBL Sending Address Changing

The AOL Postmaster Blog reports that on January 16, 2017, the from address for AOL feedback loop complaints will change from
scomp@aol.net to fbl-no-reply@postmaster.aol.com

AOL Postmaster Lili Crowley reports that this change is being implemented at the same time as they implement DKIM signing of all complaints sent.

AOL seems to be timing the change to occur after the busiest part of the Holiday email season has passed.

Putting Spam to the culinary test

Time for a distraction. The Staunton (VA) News Leader reports on the Virginia Military Institute's Spam challenge, wherein chefs are tasked to "create an entree and two sides using only five mystery ingredients and anything from the pantry, which was comprised of items that would have been available to the World War II-era home cook." Spam croquettes, anyone?

Holiday Season Tip: Don't Experiment

Hey, November and December are a big, important time period for online retailers. Lots of people always ask me what they should do to minimize the risk of deliverability problems during this period. Keeping in time that ISP email volumes are up (way up), ISP staff managing unblocking requests are probably getting more requests than usual, and that they all have holidays they're going to go on at some point. There's not always going to be a backup contact able to help. Responses are going to be slower. Maybe even less forgiving, out of frustration.

So what is the one most important thing you can do to make sure you don't have to deal with any of this? Avoid surprises. This isn't the time of the year to experiment. Don't add a new list. Don't buy a list. Don't mail a seven year old list that you just found in the back of a cabinet (that really happened). New lists, new data sources, anything you haven't been mailing to recently already, that adds new risk. Without knowing the reputation history of mailing to these "new to you" subscribers -- and how they're going to react to your mail in particular, you're opening yourself up to deliverability trouble.

Avoid that trouble. Don't start changing things now. Get through the season before adding more variables to what you're doing.

Gmail Updated on iOS

Google announced an updated version of the Gmail email client for iOS devices today. The big new enhancements seem to be "undo," "swipe to archive or delete" and a faster search function. There does not appear to be any support at all for list-unsubscribe functionality, which Gmail's Android client appears to have. Poking around in the new version of the iOS app, I can't get it to trigger any sort of action based on the list-unsubscribe header whatsoever. Strange, given Gmail was long a driver of this functionality.

Email and the 2016 Presidential Election

Just a few more days until the election, and then everybody can calm down and get back to their normal lives, I hope.

Every time I read the Washington Post, I see another article about email servers or weird DNS server activity. It's tiring.

I don't have the strength or energy to debate folks about the Hillary Clinton email server saga, so I'll just link back to this Word to the Wise post from July where Steve Atkins quotes Lane Winree on how plausible the explanation for the HRC email server scenario actually was. I do personally find it quite plausible. Of course, some commenters disagree, but security best practices aren't a monolith now, nor were they then.

Then there's this whole question of whether or not a Trump owned/managed server was communicating with a Russian bank. One of the people quoted in the Salon article is Paul Vixie. I worked for Paul around 15 years ago. We're not friends, but I generally think of him as a smart guy. Unfortunately, the more I read about this, the more it smells like this was probably just an email service provider running a dedicated outbound email server for marketing campaigns for some business of Trump's. The traffic could just be "typical ESP stuff" -- click tracking connections, image hosting lookups, performing DNS-based authentication checks, etc. and I could pretty much see a few really smart DNS nerds getting confused and thinking something more nefarious was afoot. I think the folks at the Intercept probably agree with me.

So, little to see on one hand and nothing to see on the other. Back to work, everyone.

Barracuda (was) down

Founded in 2003, Barracuda Networks provides anti-spam and security-related hardware and services and was believed to have more than 150,000 clients as of 2014.

Looks like if Barracuda hosts your spam filtering or mail services, you might not be receiving email right now. Multiple folks are telling me that they're having trouble connecting to Barracuda servers to deliver mail. The Register (UK) has mention of Barracuda downtime today as well.

As of 2:26 pm Eastern Time on Wednesday, November 2, 2016, Barracuda's status website says: "Investigating - Customers are experiencing delays with inbound message delivery. Outbound is unaffected.  [...] Engineering and Operations teams are still working to resolve delays in mail delivery."

Update: November 3, 2016: "Barracuda Networks is still continuing to see a large number of inbound connections from unverified sources for customers using Essentials for Email Security and Cloud Protection Layer. We have successfully filtered and are actively monitoring the situation while taking the appropriate actions when needed. Email processing has returned to normal. Previously delayed emails are now being accepted and processed."