Archive for the ‘spam’ Category

Picking an Email Address – Don’t use a Free Account from your ISP

Wednesday, July 14th, 2010

I’m about to rant about our local cable internet provider, Shaw’s, mediocre email. Their hit-and-miss SPAM filters decided to block an email newsletter that I manage for a local retailer. I hate it when that happens. Shaw.ca email addresses are about 25% of the list, so when they block a message, I know. And it makes my numbers look bad.

When picking an email address, you have three general options:

  • Your own hosted email (maybe like the one at work?)
  • A free webmail provider such as Gmail, Hotmail, or Yahoo Mail (actually, these are not strictly webmail, in particular Gmail offers excellent standards based access to your mailbox that you can use with any standard email application).
  • Your Internet Service Provider’s free email. Around here, the two big providers are Telus (ADSL) and Shaw (Cable). Of course, if you use our Ivy DSL service, we offer you ivydsl.com email addresses too.

    • What should you use?

    I strongly recommend that you use a webmail provider. Especially Google’s Gmail.com. However, Microsoft’s Hotmail.com and Yahoo’s Mail are satisfactory too, certainly better than your ISP.

    Why?

  • To your ISP, email is an expense. No one ever chooses between ADSL and Cable Internet because the email is “better”. Thus, the incentives are to put the least effort and expense into email services. As long as the service is passable… it doesn’t really matter.
  • To a webmail provider? Email is the product. Period. It has to be good, and it has to keep getting better to be competitive. The more people that use their service, the more advertising that they can sell.
  • The big webmail guys have 100′s of millions of email accounts. Your big ISP? I think Shaw and Telus each have less than 10 million accounts. Bigger is better when it comes to providing email. Your staff and equipment and processes get spread over more users. Providing good email boxes is complicated, thanks to the incredible volumes of SPAM.
  • Besides, some day you will change your ISP – unless of course you intend to stay with your ISP until the day you die. When you do change providers, you’ll have to also change your email address. That’s a lot of work. Choose a 3rd party email provider, and you won’t have to worry about that.

    • The proof is in the pudding. Most people don’t maintain an email address at major email providers for testing purposes. I do. The test shaw.ca email address is full of opt-in email newsletters that have been misfiled as SPAM. Including the occasional one that is managed by me.

    There will probably be more posts regarding email newsletters, particularly ones in BC and Alberta. It’s something I deal with a lot, and it’s about time I share some tidbits.

    Tags: , , , , , , , , ,
    Posted in BC, Ivy DSL, annoying, email, spam, vancouver | No Comments »

    FidoListens.ca? Who are you?

    Friday, July 3rd, 2009

    I care about email security and transparency of email content a lot.  I deal with it all the time as a contractor who produces a email newsletters for local retailers.  I’m also the guy who teaches end users (including family) to be extremely skeptical about all the email they receive because 90% of it is fake, SPAM, and scams.

    So, I get peeved when larger firms do email communications wrong.

    Today I received an email invite from a company claiming to do work for Fido.  I think it’s cringe-worthy.

    My first step in my research was a quick glance at the Fido homepage – no mention of a new survey program, though, I didn’t really expect to find one.

    Looking strictly at the email itself then, here are some tidbits:

    Subject line:  Invitation to Join the Fido Listens Panel

    OK so far.

    From: Fido Listens Team <fidolistens@itracks.com>

    Who is iTracks.com? I’ve certainly never heard of them.  Definitely a yellow caution flag.

    The email copy talks about a survey and some prizes for participating in Fido’s latest customer feedback thing.

    A lot of scams offer prizes or financial incentives.   Can you get two yellow caution flags?  Or maybe just upgrade to a larger one.

    The survey link goes to  https://surveys.itracks.com/survey/RogersFido_4?ID=xxxxxxx.

    Well,  iTracks.com hosts the survey.  Their homepage looks legitimate at least.  Funny, I was expecting iTracks.com to be an online MP3 store.

    And a support email address of support@fidolistens.ca.

    Wait, now what is fidolistens.ca? More on Fido Listens later on.

    And a contact mail address of Ipsos Reid, a well respected research firm based in Vancouver.

    Ah! I’ve heard of them. Actually, I know people who have worked there. Of course, anyone can write an email with someone else’s legitimate mail address.

    So, let’s review. Yes, I am a Fido cellphone user.  But who is iTracks.com?  Do I really believe that they got my email address from Fido? Who is FidoListens.ca?  And is IPSOS really involved?

    fidolistens.ca?  At least this was somewhat comforting.  The vanity domain of fidolistens.ca forwards to https://iaf.ipsos.ca…, i.e. a page belonging to IPSOS and transparently hosted by them on their own domain.

    In the end, I feel comfortable doing a survey that is hosted by IPSOS.  But that’s only because I know that IPSOS Reid is a legitimate firm.  A little over a year ago I ranted about another Fido survey attempt in my blog post, How to Properly Use 3rd Party Web Services, I didn’t feel comfortable with the firm conducting that survey.

    If you are using a 3rd party firm for surveys or anything that is customer related, please make it easy to verify that it’s legitimate.  At Papaya Polls, we offer to host our pages under your own subdomain.  It works great and it is very confidence inspiring.  I would have zero hesitation in doing a survey which had a web address of http://fidolistens.fido.ca or http://surveys.fido.ca.

    Anyway, enough ranting.  Time to enjoy the sun.

    Tags: , , , , , ,
    Posted in email, marketing, papayapolls.com, security, spam | No Comments »

    Yikes! “Removal from Google’s Index”

    Tuesday, February 3rd, 2009

    I hate it when people with vacuous business models try to sap my web reputation and waste my time.

    Earlier this week, Google sent me a friendly note with the subject line: “Removal from Google’s Index.” My first thought was that it was a scam or a phishing attempt.  But no, after examining the links carefully and doing a couple web searches, it turned out to be legit.

    A blog we host was running WordPress version 1.5.  It’s not an active blog. It’s up  for posterity, so we didn’t really care that it was several versions out of date.  Unfortunately, that version of WordPress, and everything prior to 2.5.1 (I think), is exploitable.

    In our case, it had been hacked to have hidden text links for run-of-the-mill spam links such as porn, pharmaceuticals, etc. In fact, the links appear to have changed a few times over the week or more that it had been compromised. Google noticed, and told us to get rid of the spam links or else it would be booted out of it’s search results.

    So, upgrade WordPress we did. Overall, cleaning up the mess wasn’t too bad.  It could have been worse.

    The moral of this story?  Do backups. Check for upgrades of software every once in a while (yeah right). And make sure that one or more of these email addresses work: contact@yourdomain.com, info@yourdomain.com, support@yourdomain.com, webmaster@yourdomain.com.  These are the addresses to which Google addressed the email.

    My wish?  That WordPress and other common web applications had a single line in their FAQ that said in 100% unambiguous language what was the minimum version of software that was free of exploits.  I looked for several minutes to see if this blog, running WordPress 2.5.1 was ‘safe’.  In the end, I couldn’t tell, so I decided to upgrade to 2.7 while I had all the files handy.

    Tags: , , , , ,
    Posted in problem, security, spam | No Comments »

    User Friendly Form Spam Block

    Thursday, December 25th, 2008

    SPAM, SPAM, SPAM. How do I hate thee.

    Well, it finally happened again – abuse of one of our web pages by spammers.  This time, it is form spam – an automated web crawling tool (I assume) has discovered the “save/send/share” feature of print-bingo.com.  That form lets print-bingo.com users email their custom bingo designs to friends, family, or themselves. This form is now used by a spam bot network to send poor quality spam using our “invite” emails.  I’m currently getting about 10 bounce backs a day and growing – it has to be stopped before my VPS gets blacklisted for spamming.

    I could setup a CAPTCHA, but I hate them – particularly the ticketmaster.com’s.  So, I will try to foil spammers with simple tricks to fool “dumb” automated spam software.

    I’m trying a hidden to humans “fake” email field.  This post Quick tip to fight email form spam is the model.  The basic idea is to create a form field with “email” in the name and hide it with CSS (display:none) so that humans will not see or fill in the field.  Then deny attempts to use the form where the hidden field has been filled in.

    We’ll see how well this works.

    Merry Christmas!

    Tags: , , , ,
    Posted in annoying, email, programming, spam | No Comments »