Category Archives: Mail

Gmail 支援第三方軟體掛入了...

以往都是第三方廠商要透過 browser extension 硬掛進去 (當 Gmail 改版的時候又要修),現在 Gmail 直接提供界面讓他們掛進來了:「Do more from your inbox with Gmail Add-ons」。 包括 Gmail 以及 G Suite 都能用 (應該會需要管理員掛進來?): Knock out action items the minute they hit your inbox. G Suite and Gmail users can check … Continue reading

Posted in Cloud, Computer, Mail, Murmuring, Network, Service, WWW|Tagged , , , , , , , , , |Leave a comment

DHS 要求郵件系統都必須使用 STARTTLS、DMARC,並且全面禁用 RC4 與 3DES

在 Twitter 上看到 18F 貼了 DHS 的新規定:「Enhance Email and Web Security」。 Just launched by our friends at DHS! A new federal directive to require DMARC and STARTTLS, and to cut RC4 and 3DES: https://t.co/gp5G7A6LMA pic.twitter.com/6V4UJ9sGIo — 18F (@18F) October 16, … Continue reading

Posted in Computer, Mail, Murmuring, Network, Privacy, Security, Service, WWW|Tagged , , , , , , , , , , , , , , , , , , , , |Leave a comment

Amazon 的 SES 推出 Dedicated IP Pool

Amazon SES 推出了 Dedicated IP Pool:「New – SES Dedicated IP Pools」,也就是發信時可以使用自己專屬的 IP address。 Today we released Dedicated IP Pools for Amazon Simple Email Service (SES). With dedicated IP pools, you can specify which dedicated IP addresses to use for sending … Continue reading

Posted in AWS, Cloud, Computer, Mail, Murmuring, Network, Service|Tagged , , , , , , , , , , , |Leave a comment

Amazon SES 增加開信率與點擊率的功能

Amazon SES 的產品定位不是 transaction mail 嗎?這個功能沒看懂想做什麼 XD:「Amazon SES Introduces Open and Click Metrics for Tracking Customer Engagement」。 Amazon Simple Email Service (Amazon SES) now includes the ability to track open and click events, as well as the ability to publish … Continue reading

Posted in AWS, Cloud, Computer, Mail, Murmuring, Network, Service|Tagged , , , , , , , |Leave a comment

又是 ImageMagick 出包...

ImageMagick 的 information leaking,然後 Yahoo! 很無奈的中獎,所以被稱為 Yahoobleed:「Yahoo! retires! bleeding! ImageMagick! to! kill! 0-day! vulnerability!」。發現問題的作者把問題寫在「*bleed continues: 18 byte file, $14k bounty, for leaking private Yahoo! Mail images」這邊。 作者利用 ImageMagick 的不當處理,取得 uninitialized memory 的資訊,藉以取得可能是上次轉檔的記憶體內容。而這個 jpeg 只有 18bytes (所以作者戲稱每個 byte 價值 USD$778): A … Continue reading

Posted in Computer, Library, Mail, Murmuring, Network, Security, Software|Tagged , , , , , , , , , , , , |Leave a comment

Uber 戰火蔓延到 Unroll

最近 Uber 的 CEO 被 Tim Cook 叫去喝咖啡的事情被報導出來:「Uber’s C.E.O. Plays With Fire」,裡面提到了 Uber 試著要「辨別」使用者的 iPhone,而這違反蘋果的政策: To halt the activity, Uber engineers assigned a persistent identity to iPhones with a small piece of code, a practice called “fingerprinting.” Uber could then … Continue reading

Posted in Computer, Mail, Murmuring, Network, Security, Software|Tagged , , , , , , , |1 Comment

Amazon SES 提供 Dedicated IP Address 的養 IP 機制...

透過混搭本來的 shared IP address (已經對各 ISP 有信用) 與客戶租用的 dedicated IP address 混發,然後一段時間後養起來 (最多 45 days):「Amazon SES Can Now Automatically Warm Up Your Dedicated IP Addresses」。 Amazon SES controls the amount of email that can be sent through an IP address. … Continue reading

Posted in AWS, Cloud, Computer, Mail, Murmuring, Network|Tagged , , , , , , , |2 Comments

Amazon EC2 會對 Port 25 的連線數量限制

起因於一台 ap-northeast-1 的機器 (東京) 會使用 us-west-2 的 SES (美西,奧勒岡),然後發現信延遲的有點嚴重,看 mail log 發現是因為連線 timeout。 查了以後發現在「Amazon SES SMTP Issues」這邊就有提到 EC2 instance 對 port 25 有限制: You are sending to Amazon SES from an Amazon EC2 instance via port 25 and you cannot … Continue reading

Posted in AWS, Cloud, Computer, Mail, Murmuring, Network, Spam|Tagged , , , , , , , |Leave a comment

Gmail 要開始導入 SMTP Strict Transport Security 了

SMTP MTA Strict Transport Security 算是 SMTP STARTTLS 裡的 HSTS 機制,而 Google 的人在 RSA Conference 上提出要開始用了:「SMTP STS Coming Soon to Gmail, Other Webmail Providers」。 Elie Bursztein, the head of Google’s anti-abuse research team, said at RSA Conference that SMTP STS … Continue reading

Posted in Computer, Mail, Murmuring, Network, Security, Spam|Tagged , , , , , , , , , , |Leave a comment