Pretzel Logic

This blog has been a bit quiet lately, but Pretzel Logic has not. In fact, we're announcing some new e-mail features.

Before I get into the new features, I should explain that to get the most out of Pretzel Logic, you should be accessing your mail through IMAP, and not POP3. IMAP stores your mail on the server and only downloads what it needs to, while POP3 downloads everything to your local inbox then deletes it from the server. Since the mail is now stored only on your computer, it is not accessible from other locations. IMAP keeps the mail on the server and therefore allows you to check your mail from multiple computers, or multiple clients. You can even see your sent items and drafts! In addition, since the mail is still on Pretzel Logic's servers, it can be backed up and restored by Pretzel Logic should the need arise. Another difference is that POP3 only knows about your inbox, so any sorting must be done by your e-mail client. IMAP actually stores the individual folders on the server. This allows Pretzel Logic's servers to do the sorting for you, and allows the first new feature called "plus addressing" to work.

Plus Addressing
Plus addressing allows you to have an infinite number of unique e-mail addresses, and have those addresses be automatically sorted. Here's an example of how I use it:
I log into eBay and change my contact address from John.Ross@pretzel-logic.ca to John.Ross+eBay@pretzel-logic.ca. Then I simply create an eBay folder in my mail program and wait for mail to arrive to that address. When it does, it will be delivered into my eBay folder automatically. Forgot to create your eBay folder? No problem. If the folder doesn't exist, it simply gets delivered to your inbox.

That last point is a powerful feature. If the folder doesn't exist, then mail is sent to your inbox. That means you can just make up addresses on the fly! If a web page is asking you for your e-mail address and you're not sure if they're going to spam you, you can give them a unique address. If you notice that a unique address starts to get unwanted mail, you can tell where the address was harvested from. Don't want their messages in your inbox any more? Simply create a folder named the same as the plussed part of the address, and those messages will be diverted into the new folder.

Keen-eyed observers may have noticed that Pretzel Logic is already using plus addressing when we see a message we think might be spam. Not only do we change the subject of the Message to make it obvious, but we actually send it to your +spam address. Don't want spam in your inbox? Create a folder named spam and any new spam will get filtered for you.

New Mail Administration Tool
Up to this point whenever you wanted to create new e-mail accounts or add aliases, you had to ask us to do it for you. Now you can do all that yourself! There is a new Mail Administration tool that allows you to add and remove e-mail accounts, edit forwarding rules, change passwords, and even set quotas on accounts.

To access this new tool, either select the "Mail Admin" link from the "Support" menu, or go directly to the URL: http://admin.pretzel-logic.ca/mailadmin/. If you're the administrator for your site, you can login with your e-mail address and password. Once you've logged in, you should see all your domains, and can select the domain you wish to make changes to. If you want to allow more administrators to make changes, just let us know. There's no limit to how many people can have access. Of course, keep in mind that any administrator can edit all your e-mail accounts, so for security I recommend keeping that list small.

Of course if you still prefer to have us make the changes, that's fine too. All you ever have to do is ask.

That's it for now, but there's a few other nifty features coming soon. Keep an eye here for further announcements in the coming weeks.

Cheers.

Labels: MailAdmin, New Features, Plus Addressing

SPAM has exploded in recent months. Spammers are clearly winning the battle. One of the reasons is that we spend too much time on the defense and not enough on offence. We're all annoyed by SPAM and have employed filters to keep it out of out inbox, but how many of us are active in making sure SPAM never gets sent in the first place? If we make a little effort to stop SPAM where it originates, we might be able turn the tables on the war.

Here's what you can do to help with the fight:

1. Check your computer for viruses. Most SPAM is being sent from "zombies" - that is computers that have viruses on them and are controlled by someone else. Even if you're already running a virus scanner, it's a good idea to double check since no virus scanner will catch everything. One of the easiest ways to double check is to use a free online service from Trend Micro. They have an application that can check for viruses right from your web browser. Just point your browser to: http://housecall.trendmicro.com/ and follow the instructions. The scan and cleanup will each take an hour or so, but you can let it do it's work in the background. The long wait is worth the piece of mind.
   


2. Don't reply to SPAM; don't click on the links; don't buy any stock advertised in SPAM. SPAM exists because it works. Some types of SPAM get up to a 20% response rate. The stock SPAM that is dominating these days earns the spammers as much as 5% in two days. Yes, its possible you might also make a bit, the spammers are going to make a lot more - and send more SPAM. BTW, the average person who buys stocks advertised in SPAM chalks up a 3% loss - and that's before brokerage fees. As a personal favor, if you know of anyone who has ever bought anything advertised in a spam (even if it was a great deal) give 'em a good slap upside the head. Then tell everyone else to do the same.
   
   
3. Don't even open the message. Even if you don't click on anything sometimes spammers can tell if you've read the message. That's thanks to HTML messages which often load graphics from remote websites. All the spammer needs to do is see who loaded the graphic to know who's reading the messages. They can use this information to test how well different messages are making it past filters. They then use this information to make better SPAM that the filters can't catch.
   


4. Make sure your ISP blocks port 25 from its customers. It's a bit of a pain when ISPs do this, but it helps immensely. SPAM would be almost non existent if all ISPs did this. As I mentioned in the first point, most SPAM comes from zombied computers. There is no reason why your desktop should be connecting to any servers to send mail - other then your ISP's servers of course. The downside is that if you have a laptop you might have to change your settings between the office and home. There are ways to mitigate the pain, however - such as authenticated SMTP on a different port. If ISPs simply blocked all SMTP traffic from their customers to anything other then their servers, they can filter the mail even before it gets out of their network - and then contact the customers who are spamming.


5. Remember what you subscribed to and properly unsubscribe when you decide you no longer want the information. These days many SPAM filters can be trained, but as the saying goes "garbage in, garbage out". Basically, if you sign up for stock information from a legit source, then decide you no longer wish to read the bulletins, don't train your filter to stop them. This just pollutes the filter and makes it more likely that it will block legit e-mail and miss SPAM. On top of that, mail is still being sent to you, and it still takes bandwidth and resources from your provider.
   
   
6. Make sure your ISP publishes and checks SPF and/or DomainKeys records. They're a method to specify which mail servers are authorized to send mail for a given domain. This in itself doesn't stop SPAM, but once we can stop forgeries it will be easier to identify them. I'm sure we've all seen mail claiming to be from Microsoft Support telling us that there's a new virus - and to install the included patch to fix the problem. Would it surprise you to find out Microsoft Support never sends patches out by e-mail? Scams like that would grind to a halt if ISPs checked SPF and DomainKeys records. (Microsoft already publishes SPF records.)
   

These ideas aren't widely used because they don't directly benefit the people who implement them. However, if everyone used them we would have a much easier time in filtering out what does get sent. Then we can finally start treating the problems instead of the symptoms.

Cheers

E-mail recently passed the big three-five. Sometime in late 1971 a geek by the name of Ray Tomlinson sent the first e-mail message.

Ahh... thirty five years. Marketing for penis enlargements has never been the same, and millions have hit the "enter" key with reckless abandon: for thirty five years people have been sending e-mails they wish they hadn't. Yes, I've sent more then a few I wish I could have pulled out of people's inboxes. At least none of my messages made it to the list of top five most embarrassing e-mails.

Not sure how to celebrate this holiday, but something tells me it should involve Viagra, genuine Rolex watches, and penny stocks. I'll leave the implementation to your imagination.

Cheers.

Considering the theme of some of my recent posts, I just couldn't resist sending this link along.

As part of the court cases against the Enron executives, 200,000 e-mails were entered into evidence - and therefore became public domain. Now, a company called Trampoline has made all this e-mail available on-line at: http://enron.trampolinesystems.com.

Check it out. It really paints a fascinating picture of the fall of Enron.

The news is in: ex-Enron CEO Jeff Skilling was sentenced to 24 years in prison - just 6 years shy of the maximum sentance for his charges.

Jeff's sentence is in line with other corner-office convicts. WorldCom's Bernard Ebbers got a 25-year sentence, former Tyco chairman Dennis Kozlowski was sentenced to 8 to 25 years, and John and Timothy Rigas of Adelphia received 15 and 20 year sentences for their shenanigans. Skilling's lawyers said that 30 years was a life sentence to a 52 year old, but I bet a lot of people are happy with that. At the sentencing many people stated how they were sentenced to a lifetime of poverty after dumping all their savings and 401Ks (The US version of RRSPs) into Enron at the suggestion of Jeff Skilling and Ken Lay.

Is this sentence harsh enough? One of the considerations for handing down a sentence for any crime is to deter others, yet fraud is everywhere - even at grad school. In a recent study, 56 percent of graduate business students admitted to cheating in the past year, with many saying they cheated because they believed it was an accepted practice in business. Yes, that's more then half of all business students are already cheating (and those are only the ones who admit it). And why not? They're often rewarded for their unscrupulous activities. Donald Trump himself applauded one team on "The Apprentice" after they fraudulently obtained some megaphones, and likely made the difference between winning and losing the challenge. Is it even possible to compete in markets where everyone else is cheating, or is it true that "nice guys (or gals) finish last"?

Jeff's sentencing is a step in the right direction. His sentence may be harsh, but it's obvious that an example must be made to show business leaders that crime doesn't pay. I'd personally love to see even harsher sentences, or even creative sentencing. Imagine if you could sentence someone to a $30,000-a-year standard of living - that would be a much larger deterrent then the Martha Stewart style day camps that seem to be the norm.

Cheers.