ad++ blog

It this really phishing or just an ill-sent email? My mail server just sent me this:

Dear Ladies and Gentlemen,

the mail with the Subject 'Weiterbildung: Initiative zahlt sich aus'
(sent on Mon, 3 Dec 2007 12:35:03 UT) with the sender address
specified as '"monster.de" <feedback@monster.de>' contained a virus
known as 'Phishing.Heuristics.Email.SpoofedDomain'.
Due to this reason the Mail has not been delivered!

Your Inode-Team

Too bad. Weiterbildung zahlt sich nicht aus.

Here are a few links to interesting pages I found today:

• GMapEZ -- Get GoogleMaps on your web page
• Virtual Earth on local.live.com - astonishing, but you have to use IE for that! No Firefox!
• Since everyone is talking about Web 2.0, it´s good to read the original definition by Tim O´Reilly again.
• Wetpaint is a tool, actually a hosting service, to create a Wiki - for free! Weird name though.
• Alexaholic lets you compare Alexa statistics for up to 5 domains at once!
• Shackprices is a nice, Web 2.0 and Google Maps mashup style, real estate search site. All the pretty, yet even already standard interface toys - it´s so good you might getting bored of it. Well, like a selection automatic changes the results (without a page reload). Plus Statistics, RSS, email updates, photos, and neighborhoods information (seems to be much more important in the US than here in Europe).
• Ah, yes, Windermere is much alike, only the map is on the left side of the screen. And they still have an "update results"-button. Buh!
• Homethinking is another strange Web 2.0 real estate search site. It apparently resolved my IP-adressed and shows me a map of Perchtoldsdorf (I´m not in Perchtoldsdorf, but in Vienna). No agent there! Reminds me of the "girls in Perchtoldsdorf" banners on porn sex social communications sites! :-) But for other areas (in the US), it works OK. Noteworthy: customer reviews ("take a quick 5 minute survey of your experience").

There´s a certain geek-ness when, upon receiving a email from friend´s saying "this email account will be stopped tomorrow", I take a look at the message header to find out whether they are still in Japan or not:

Received from xxxxxxxxxxxxxx (xxxxxxxxxxx.kanagawa.ocn.ne.jp [60.45.129.xx])    by ...

Cool? Actually I was right, but only for a day.

Text + HTML (in the same eMail message) equals multipart/alternative subtype. Nothing new, but interesting.

Or, in other words:

Multipart/alternative may be used, for example, to send mail in a    fancy text format in such a way that it can easily be displayed    anywhere.

More information here: email marketing (about.com), document types (wilsonweb.com),  MIME (at Wikipedia).

I sometimes start thinking about technologies at unusual places, like in the underground train: Remember triple play, i.e. voice, internet and tv over one pipe? The incumbents, like Telekom Austria here in Austria, already have voice and DSL service and are preparing TV services like VOD or streaming. Cable operators, on the other hand, started with pushing TV waves through their pipes, then added broadband internet access and conventional telephony. Now digital phones services may bring connect a fourth service - mobile telephony (previously only offered as a bundle at reduced rates, but without any technical connection).

Here UMA comes in: UMA - unlicensed mobile access - promises seemless roaming between GSM and GPRS mobile services over unlicensed spectrum technologies, including Bluetooth and 802.11. Who will offer those services? The mobile phone operators wary to loose their handle over the customer? The incumbents converging their mobile and fixed line telephony services? The cable operators who don´t have that much too loose. This service, of course, won´t take off till GPRS/UMTS data services are offered at flat rate costs including permitting VoIP usage (unlike ePlus). Also cable operators will rely on an attractive data offer from the mobile operators - so that´s an unknown factor.

UMA is also very interesting for corporate customers eager to merge their networks. Also it´s not just voice obviously, but also roaming of data usage between WiFi networks (in company buildings or at hotspots) and mobile networks. Seemless. Oh yeah, I like that word. In a way it would be similar to offers like O2 homezone (address tied to a locale in the fixed line network), the later though without the advantages of a local WIFI network in internet usage. Exciting!

I´m interested in web statistics, so these new services with visitor maps and ip address to latitude/longitude lookup look very exciting. Wish I only had more time to try it out here myself.

Here are the links with more information:  Visitor map (on vowe.net), free hostip lookup, Stefan´s GoogleMaps hack, GVisit visitor map log service.

Worth reading one day (but when????): Google Maps API Documentation. Basis to see what cool apps are done on top of Google Maps.

The CCC has a couple 21C3 videos available for download (with BitTorrent). Hooray broadband!

Note to myself: don´t download everything at once! Just one video, then watch it, then the next. Broadband economics. :-)

Ryan Tamayko explains REST and webservices to his wife, yielding an easy explanation on HTTP basics. Worth reading!

The W3C has released a general purpose document titled Architecture of the World Wide Web, Volume One. Worth reading, even if you know most of it already (like I do). Lots of stuff on URI´s and XML.

Over at Joi Ito´s blog, I comment to his rants on bouncing spam and virus messages. Essentially, the SMTP protocol wasn´t devised to handle spam messages, though the technical setup itself is perfectly OK. Thus non-delivery notifications (NDN´s) thus should be sent, or rather, they must be sent by SMTP servers according to RFC 821 and the newer version RFC 2821. The NDN´s aren´t the problem´s source, spam is.

You will find further information (in German) at this article.

Kris Köhntopp has written - a while ago though - a paper on blocking of material on the internet (Sperrungen im Internet). Nothing new, but interesting anyway.

Over at IT&W (in German) there´s a post and a discussion - with comments from me as well - on newspapers articles about the CERN´s 50th anniversary crediting CERN for the internet´s invention - of course meaning the web instead. Even journalists, which should know it better, think: internet = web. :-)

They should have looked it up on Wikipedia:

The World Wide Web began as a CERN project. On April 30, 1993 CERN announced that the World Wide Web would be free to anyone, with no fees due.

Am CERN wurde auch die Idee des World Wide Web von Tim Berners-Lee auf den Weg gebracht.

Delta encoding in HTTP (RFC 3229) is a solution to solve the bandwidth problem with RSS aka blog clog.

Jo Ito explains how he uses IM, Wikis and free conference calls (german site) and gives a peek at the future of work in a highly-interconnected society. Cool!

Usually, I wake up before my alarm goes off and wake up the computer instead. As soon as my status on my IM clients goes from idle to available, I get a little flurry of requests for contact. "Did you see my email?" "When can we talk?" "Don't forget our conference call coming up." "We're on a conference call right now you might want to join." I queue up these real-time requests like some sort of air traffic controller, put on my headset hooked up to my Vonage phone and get started. Today, I started the morning with an conference call on the fly with a few people on a one of the many free conference call bridges. During the call, I got an IM that I might want to drop into another conference call in progress. After my first call, I joined the second conference call which was already well on its way. I got the URL of the wiki page of the agenda and notes via IM, scanned them, and made a few comments. Then I was off again to my next call which I had queued with someone on IRC.

Ian Fogg of Jupiter Research reports on the effects of Windows XP updates downloading in the background - standard from service pack 2 onwards - on narrowband internet connections:

Unless the user is pretty web savvy, the reason for this slower connection won't be apparent, and they may contact their ISP.

This may create new problems for ISP´s support department. Of course, there´s an easy solution and a great opportunity for ISP too: encourage broadband migration! In other words, the growing size (and number) of Windows (and other) updates with help in moving customers to switch.

Meng Wong, the lead developer of SPF, is being interviewed:

In the coming months I expect industry to start moving. We'll be publishing SPF records and upgrading to SPF-enabled MTAs that can implement SenderID and SPF Classic. Forwarders will need to firm up their plans for SRS. ISPs will need to support SMTP AUTH on 587 and start rate-limiting outbound mail servers

See also my recent post on ASTA and the combined model of SPF and Microsoft´s CallerID anti-spam authentification.

Glenn Fleishman summarizes the model policy document (PDF) put together by several large US ISPs - the Anti-Spam Technical Alliance (ASTA) in the recent Tidbits issue.

The recommendations to reduce spam and spoofing are:

Shut down open relays. Monitor well-known unintentional scripts that forward email to arbitrary recipients. Make sure proxies work in internal networks only. Discover if local machines are compromised and sending spam, and figure out how to remove them from the network through notification or by shutting down the connection. Use authenticated SMTP. Change passwords on customer routers, like DSL modems. Install reasonable limits on inbound and outbound email for standard accounts. Don't allow instant account access for new registrations. Turn off open Web redirectors. Improve complaint reporting and handling.

After an overview on the burden of spam on the internet, the following best practice recommendations are given:

• close all open relays
• monitor formmail.pl and other CGI applications
• configure proxies for internal neetwork use only (= shutdown open proxies to avoid them being abused to send out email and for DDoS attacks)
• detect and quarantine compromised computers
• implement A-SMTP (preferable with SSL/STARTTLS for an encrypted password)
• caps on outgoing email traffic (rate limits; very good idea).

An important rule is:

The Good Neighbor policy requires that ISPs and network providers be responsible for all traffic emanating from their systems on port 25. This is especially important in the case of traffic from a compromised computer since it may include viruses and/or worms that threaten other ISP networks.

Actually, you may think that there´s something else to do for a sunny rainy tuesday afternoon, but I enjoy reading IETF internet drafts such the one on email port access.

Internetnews´s Ryan Naraine reports on the trend of pushing content into IM with the latest versions of ICQ and YIM (Yahoo Instant Messenger). Though the large content explosion won´t happen yet as ICQ isn´t providing only a limited API with the recent introduction of ICQ Xtras - not such an open API as Amazon´s web services, Google web API (SOAP based) or Jabber´s XMPP XML-based IM protocol (to add IM alerts for almost anything).

Surprisingly, all that (and more) is already available in Trillian: RSS client, time synchronisation client, translation plug-in - what ever you want. IM got interesting again.

Seems that big ISPs / online services like to add features to standard protocols that change things sometimes for the better and sometimes for the worse. Now AOL is taking a step back to the technical mainstream and opening their mailservers to other email clients (that their own) with IMAP service - check the unofficial AOL Email FAQ for more information on IMAP and A-SMTP @ AOL´s Open Mail Access Service (also available at AOL Germany and elsewhere).