Olamide Omolola and Tobias Fiebig are studying the degree to which email systems are configured securely. And they need your help: they want to receive emails from as many different mail providers around the world as possible.
Even though it is over 40 years old, email remains one of the most important communication tools on the Internet. Since those early days, email has been a difficult infrastructure to get right. This has gotten harder over the past decades, with the widespread rise of spam and other unsolicited messages, and a multitude of technologies to combat this (SPF, DMARC, DKIM, and for all of that, DNSSEC). Also, with IPv4 address exhaustion, IPv6 support has become a major concern. Getting all of this working together is not easy, especially on email infrastructure that might have grown over decades.
How can you help?
We are conducting a measurement study to understand how ‘well’ email is configured, i.e., how compliant to this multitude of standards and technologies email senders around the world are. As we want to understand email sending, we need your help to receive emails from as many email systems and providers as possible. While it is easy to get messages from the major players (outlook.com, Gmail, Yahoo, GMX), there are countless smaller operators of email infrastructures, individual companies, regional and national ISPs, and mail providers only common in a single country.
Furthermore, studies as this one are often dominated by providers from the global north (Europe, North America, Australia). However, we would like to understand the global picture. So, if you are from the APNIC, AFRINIC, or LACNIC regions, we especially need your help.
Go to https://www.email-security-scans.org/ to find out how you can help us, or directly send an email to the following addresses (one email, with all addresses in the To: field):
If your mail provider does not accept some of these due to individual addresses being undeliverable, please feel free to remove those addresses from the To: header.
For more information on the study, including what data we are collecting and how long we will store it, check out the project website. The study will run for the coming 1-2 months. Once we have completed our study and analysed the data, we will share the results in a follow-up blog post, so stay tuned!
Contact: In case you want to get a summary of how your mail-setup has been doing, or just get into contact with the researchers, please send an e-mail to firstname.lastname@example.org
Olamide Omolola: I am a researcher analysing and improving existing security protocols and services, currently pursuing my PhD in this field at the Institute of Applied Information Processing and Communications, TU Graz. (Olamide's Personal Website)
Tobias Fiebig: Dr.-Ing. Tobias Fiebig is an assistant professor in the Information and Communication Technology section at the faculty of Technology, Policy and Management of TU Delft