Dutchman Arrested in Spamhaus DDoS

Brian Krebs reports on the arrest made in response to the recent massive distributed denial-of-service attack against anti-spam group Spamhaus.

(Hat tip: Laura Atkins)

COI: Another List Manager's View (or two)

Ken Magill posted today on "Why Fully Confirmed Opt-in Sucks." It's definitely worth reading, and I hear where Ken's coming from.

To "lose a subscriber" through their failure to confirm, that can really hurt when a list is pretty small. I should know -- I do know this myself -- because I managed the email list for my friend's wonderful jazz club in St. Paul, Minnesota, from late 1998 through mid-2006. (That would be the Artists' Quarter, by the way, and you should definitely go there next time you're up in the Twin Cities. Tell Kenny and Davis that Al sent you.)

For the AQ email list, I used COI from the start. It wasn't necessarily a political statement. It was born of using the tools I had handy. I had previously written a confirmed opt-in list management tool myself, so that's what I used.

Payday Loans in the News

It looks like email permission is not the only challenge for some payday loan marketers. Case in point: This weekend I ran across this story on Slashdot explaining how a Wordpress plugin was hacked to include a link to a UK payday loan site.

Tons of Misdirected Mail

In Laura Atkins' blog post where she shares her thoughts on COI, she links to this amazing article from the New Yorker, where Matthew J.X. Malady shares a bit of insight about the vast amounts of misdirected mail received at his own vanity Gmail account.

Does COI make sense?

You've read one point of view somewhere else. Now go read this different, very well thought out take on the subject. It provides a very good overview of the considerations surrounding whether or not you would want to implement confirmed opt-in.

Two-step auth coming to Microsoft?

I'm very happy to hear that two-step (also call two-factor) authentication is coming to Microsoft, supposedly in the near future. Yahoo! and Google have had it for a while now, and I'm a big fan. Getting spam from a friend's hacked account is a common attack vector and anything that a platform and its users can do to better lock down accounts to prevent unauthorized access means less spam for you and me.

Sky.com Transitioning to Yahoo! Mail backend

One of the UK's largest ISPs, Sky.com, has hired Yahoo! Mail to run their email infrastructure. For more information, surf on over to this page with current status and details. Sounds like it's not going so well for subscribers.

What does this mean for senders? Smart UK deliverability consultant Richard Bewley brought two very important questions to my attention: Does this mean that the Yahoo! FBL now covers sky.com? And also, does this mean that a poor sending reputation with sky.com recipients will impede your overall ability to get mail to the inbox at any Yahoo-hosted mailboxes? I'm not sure of the answers to those questions today, but I rather suspect we'll eventually hear "yes" to both of those. Stay tuned!

(H/T: Richard Bewley)

Worst Write-up?

Can't blame this on the date, as it was posted days ago. This publication would like you to know that "the attacks were focused on a company called Spamhaus, which maintains a "domain name system" to connect a typed-in URL to the correct server hosting the appropriate content."

Uh, what? You probably shouldn't be allowed to write any more stories covering tech until you learn what a spam filter is, what a DNSBL is, and even what DNS is.