Arrests made in "Mariposa" botnet that infected 13 million PCs

Boing Boing says: "AP reports that authorities in Spain have cracked one of the biggest botnet rings in history, with three arrests made and more coming. The so-called Mariposa botnet appeared in December, 2008." Read more...

Quick Hits

Annalivia Ford, the AOL employee most senders interacted with if they had deliverability issues at that particular provider of mailboxes, has indicated that she's moving on; leaving AOL. A sad day, of sorts, but maybe not -- with AOL's recent layoffs and the world being a different place than it was ten years ago, it's been clear for a while now that mailboxes may no longer be one of AOL's primary points of focus. Her last day at AOL is March 5th. You'll be able to continue to keep up with whatever she's working on over at her blog, www.annaliviaford.com.

On March 1st, Spamhaus launched a new domain blacklist called the DBL. It sounds great, and I trust that the folks at Spamhaus know what they're doing. It's too new for me to have done any testing, so I haven't yet personally observed it being great at catching spam or not. They recommend using it both for from address (sender) and content (URI/URL) filtering. They also recommend continuing the previous practice of changing URI/URL FQDNs into IP addresses and checking those against the SBL as well, in a two-stage filtering process.

Identify anonymous domains with anonwhois.org

Check out this neat new project at anonwhois.org: It's domain data, published in a format similar to a URI DNSBL or RHSBL (right-hand side BL). Meaning, in short, it's a DNS-based list that you can check domains against. What does it tell you? Whether or not a domain is registered anonymously; that is to say, whether or not a domain is registered behind a "privacy protect"-like service. Like many other spam fighters, I've long considered it a bad idea to hide ownership of your domain in this manner. And now, if you, like me, think it's a bad idea, you could use the ANONWHOIS data to help score or otherwise identify messages that come from such domains or use such domains in images or links.

More on Netprospex

I thought I would take a moment to follow-up on my recent post (Bad Advice in the B2B Space) covering Netprospex's suggestion that "opt-out" is good enough. It seems as though more and more folks have been expressing opinions on Netprospex's advice and even the company's business model. Here's what they had to say.

Ask Al: Additional Received Headers?

Jeremy writes, "Hey, Al! I was wondering if you could help me make a case for adding additional received headers to outbound messages. At the company I work for, one of our technologists convinced the head guy that we should try adding additional unique received headers to every message, rotating through unique IP addresses and host names. Do you have any insight on whether or not this would be a good or bad practice? Thanks in advance."

ClickZ: Goodmail CEO Steps Down

ClickZ reported on February 18th that "Peter Horan's two-year run as Goodmail's CEO came to an end on Feb. 12, though the Internet marketing veteran will stay on as chairman for the certified e-mail service provider. Speaking with ClickZ late Thursday afternoon, Horan confirmed an Internet rumor that he had stepped down." Read the rest here.