Another late night is done. It’s just into the early hours of the morning now, I’ve just come from framing the new office. We’ve got about another 5 -6 days of work ahead of us so it’s going to be jam packed fun.
Recently I received a Delivery Notice in my email from email@example.com, a few days passed and nothing was delivered as promised by the note. Attached to the notice was a PDF that consisted of only one page simply stating “this page is intentionally left blank”.
A call to Canada Post customer service quickly sorted the problem out, the rep informed me that it was a virus going around. Given the spat of PDF embedded viruses that were used to attack Gmail Customers in the high profile Chinese Google hacking case the blank PDF now made perfect sense, thank god I was on a Mac and not a Windows system. How many thousands of calls have they gotten and how many people are now compromised?
Part of what made this virus email look so legitimate was that the sender successfully used the actual canadapost.ca email address. This ability to spoof a domain ( like canadapost.ca ) in email was identified years ago as a hole in email security. To plug that hole the industry introduced a technically simple way for email providers to protect themselves. It’s called SPF, it’s free, and it’s simple and Canada Post is not doing it.
dig txt canadapost.ca
; <<>> DiG 9.6.1-P2 <<>> txt canadapost.ca
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;canadapost.ca. IN TXT
SPF is simply a list you publish as a DNS records. Using SPF tells the world what mail servers in the world are allowed to send mail from canadapost.ca and what a receiving provider should do if mail saying it’s canadapost.ca comes from server that’s not on that authorized list. Should that mail server reject the mail outright or should it just submit it to more intensive scrutiny, like an invasive virus scan.
Our mail servers here at Green-Light Communications look for an SPF record when receiving email, as many reputable mail provider do. When a domain owner does not publish an SPF we don’t have enough information to know when email coming from that domain is being sent illegally.
CanadaPost.ca, should publish an SPF record to protect its domain and to protect everyday netcitizens. This is a serious matter, canadapost.ca reputation has hijacked and used to help scammers steal peoples life savings. The cost to stop a re-occurrence is practically nil.
You, Canada Post, Government Corporation Extraordinary have a responsibility to act with diligence.
CIO, Green-Light Communications Inc.
Just wanted to give a sneak peak at the space we’re renovating to bring our team under one roof. With studio space as it is in Nelson we’re going to renovating a good basement workshop, adding office space and making room for an open work area.
We’re slated to be fully completed and moved in by May 1st, 2010, before and after pictures will hopefully be posted shortly after.