Industry Updates

Google Postmaster Tools Reputation data issues (UPDATE: Appears Resolved)

IP_Reputation_-_Postmaster_ToolsUPDATE: As of this morning (9/12) IP reputation data appears to be displaying correctly and domain reputation data is being provided.

If you’ve checked Google Postmaster Tools lately, don’t freak out just yet about your IP reputation. As first reported by Word to the Wise,  the IP reputation metrics appear to be broken at the moment, displaying a “Bad” reputation for all IP addresses since 9/9. I’ve seen this in my own Postmaster Tools account, along with a lack of data for domain reputation since 9/8. Authentication and Encryption metrics appear to be working correctly for me, but I can’t say for sure whether the Spam Rate, Feedback Loop, or Delivery Errors charts are correct – they all show zero since 9/8, but that’s not uncommon in my experience.

Like Laura, I’ve not seen any delivery problems associated with the change in metrics, with bounce and open rates at Gmail pretty consistent based on a few spot checks.

As of yet there doesn’t appear to be an official confirmation from Gmail, but clearly something is hosed with their data. Is it possible this is tied to the Postmaster Tools updates that were promised a few months back? I’d say it’s unlikely…but a guy can hope, right?

– BG

Industry Updates

Google: TLS auth warnings work, malicious link warnings now more prominent

Today on the Google Security blog, the email giant took a moment to laud the success of their “lock icon” indicating that a sender or recipient of an email doesn’t support TLS encryption. The post indicates Google has seen a 25% increase in the amount of inbound mail authenticated with TLS in just 44 days since the change was implemented.

In light of this success, Google has teamed up with Comcast, Microsoft, Yahoo, and others to draft an IETF spec for “SMTP Strict Transport Security.” This protocol, if implemented, would dictate that all mail is sent using authentication and require any auth failures to be reported to allow for further investigation.

In addition, Google also announced that their potential malicious link warnings, which are currently displayed at the top of the message, will now generate a full-page browser interrupt when one of these links is clicked: Google warning

This behavior will also carry over to the very rare “state-sponsored attack” warnings that are displayed for journalists and activists who may be potential targets for government censorship (or worse).

– BG