The spam arms-race - from snowshoe to whaling 

The next (two) pairs of shoes belonged to ISPs and Mail Security Providers. Under the heading “Building up trust with ISPs and Mail Security Providers ̶ today's attacks and SPAM”, Cisco Systems’ Senior Technical Leader Don Owens and Sven Krohlas, Mail Security Specialist at 1&1, talked the audience through the arms-race between a spammer building his business and mail security systems. With much humor, they introduced the different types of spam attacks; snowshoe (using a botnet to send just a few emails per IP address), hailstorm (send as many messages as you can in a short period of time), phishing (fake emails that look like emails from authentic trusted companies), spear phishing (more detailed phishing emails including more personal details to smaller, more specific groups), whaling (very focused phishing attacks using social engineering to get big money from targeted individuals). 

Senders, who are you really? Prove it!

Owens and Krohlas talked through the measures senders can take to increase trust, by e.g. using a real public host name for HELO, using SPF, DKIM and DMARC, including unsubscribe links and headers, and using mail servers only for emailing (not for Minecraft). 

Don’t do, don’t do it, just don’t do it - don’t wash, don’t buy, be transparent. 

Don’t hide domains with domain privacy services. Warm up new IPs and domains. Require double opt-in. Include your brand name in the sender address, e.g. not update@..., but acme-updates@... Avoid using URL shorteners. List washing leads straight to the blacklist and totally destroys trust. Similarly, do not buy or rent lists. Owens and Krohlas both agreed; “your reputation is automatically boosted by being on the CSA white list, because we know you’re trying to do the right thing.