Pobox Blog

See something? Say something!

2010-08-04T14:15:00.006-04:00

When we make major site changes, we keep access to the old pages available, in case there's some unusual situation that causes the new pages to fail for someone. But minor changes can sometimes bite just as hard.

Site changes are tested in IE, Firefox and Safari before they go out in public. But differences between versions and setups, and the fact that our testers reload style sheets religiously means that, sometimes, what you see is not what we see. Here's an example I got just the other day:

We removed the Login text boxes from the top of www.pobox.com. (This change was the result of changes to Internet Explorer 8's security settings, which said that page was insecure because it was loading the blog headlines.) Looks fine, right?

But the next day, questions started coming in about the login box being "missing". We thought people wanted to know where the text boxes to put in their username and password went, and we told them about the reason for the change, the security alerts in Internet Explorer, etc. After almost a week, someone sent me the following:

Ouch! That was all it took to realize that all those messages about the "missing login" were not about missing text inputs ... people couldn't see the button! (Thank you again, Debbie.) Most people told us, "I assumed you knew, and you just hadn't gotten around to fixing it."

That's why we love to ask for screen shots when people report a problem. It's amazing how many questions/debugging sessions can be short-circuited by simply seeing what you're seeing.

So, if you're seeing a persistent display problem with the site, please let us know! The grass may actually be greener on our side of the fence, and we just don't know about the issue you're seeing.

All About Spam: Phish Food for Thought

2010-07-08T18:44:00.006-04:00

All About Spam is a series of blog posts about common spammer techniques. Have a question about a type of spam that you'd like to see in a future blog post? Leave a comment, or send an email to pobox@pobox.com!

A phish is a type of spam designed to gain access your secure information, like login/password combinations, credit card numbers or Social Security numbers. Phishers use social engineering to get you to reveal this information -- rather than using computers to hack their way into the data store, they use tricks of human nature to get you to give it to them.

Unlike most spam, which is just annoying, phishing has a real threat. Though estimates of the final total vary, everyone agrees millions of dollars are lost by consumers each year due to phishing attacks. So, how can you protect yourself?

1. Question unsolicited emails. Obviously, if you go to your bank's website, and click the "Forgot password?" link, you should expect an email shortly. If you get an email from your bank (or Amazon, or any other organization) out of the blue, asking you to log in to your account, view it with a critical eye.

2. View links with suspicion. The number 1 method for phishers is a link that directs you to a page that looks legitimate, but isn't. The easiest way to get around this method? If your bank emails you and asks you to log in, type in the URL you know is good (or Google for it, if you don't know it), rather than using the link in the email.

3. Look for personalized information. This method isn't foolproof ("spear phishing" refers to more focused messages, attempting to get information from more specific groups -- which allows for more customized messages), but it's a good starting place. For instance, most banks will include your name when sending you a message, plus some portion of your account number. Transactional emails, like receipts, are also generally safe bets -- you can recognize, "is this something I ordered?"

4. Keep a close eye on details. Many phishing messages have somewhat obvious problems. Misspellings, poor grammar, bad addresses, colors that are slightly off, formatting that doesn't quite match the usual messages you see ... all of these should be tip-offs that something not quite right is afoot.

5. Never enter your financial information on an insecure web page. Credit card numbers, bank login credentials, account numbers and any other secure data should only be entered on secured web pages. Look for https:// URLS and a lock icon on your browser.

The most important thing to remember is, just because a message looks like it's from a legitimate organization, doesn't mean it is. The first phishing schemes revolved around a few large organizations -- AOL, Wells Fargo, Bank of America. It was easy to detect these as fakes, if you didn't have an account at one of these places. Using the same level of suspicion when dealing with emails from organizations where you do have an account could protect you from a very painful error.

Lock it down: Good (and bad) security questions!

2010-07-01T14:17:00.013-04:00

In order to retrieve your Pobox password, we ask you to answer (among other things) the security question you set up when you created your account. But are you using a good question? Your account is only as secure as your security question.

Pobox lets you specify the question yourself, so you don't have to use the classic "What is your mother's maiden name?" Fully 10% of Pobox customers use some variant on this question -- but research indicates it's not a very safe way to secure your account. (Neither is "What is my pet's name?", if you ever talk about or post pictures of your pet online.)

Your security question and answer can be updated at any time, so go take a look at what yours is. If you can use any question, though, how do you pick a good one?

1. The answer should be hard for someone else to find out. This is a security question, and knowing the answer to it provides access to your account. Like a good password, that means it should be hard for someone else to figure out. So, "What is my high school's mascot?" is not secure at all. "What was on the cover of my sticker book?" is much better (though using it would probably would still have let my sisters break into my account.)

2. The answer should be hard to guess. Any question where the answer is a month, a color, a day of the week, a number under 10 or basically any other limited list of answers is a bad question. "What month did I get married?" only has 12 possible answers. Same with "What color is my bedroom?" Unless you know you'll always remember the paint was called "Deep Sea Diving", guessing "blue" would only take 5 or 6 tries, max.

3. The answer shouldn't change over time. The Pobox default security question is, "What is your favorite book?" This is great for me -- my favorite book has been the same for 15 years, or as long as I've been using that as my security question! But, if your favorite book changes every few years, this might not be a good choice for you. Per question 2, "The Bible" would also be a bad answer to this question, because so many people use it. If the Bible is your favorite book, consider a different security question, or using your second favorite.

We have also had more than a few uncomfortable customer service situations over questions like, "Who is my lover?", with respondents having to go back to girlfriends 5 or 6 back to come up with the correct answer.

Another problem is that many, many customers find it difficult to answer their security question correctly. Also consider these factors when writing your question.

4. Write the question so it's easy to always give the same answer. So, "Who was my kindergarten teacher?" could be Susan Jones, Ms. Jones, or Miss Jones. "What was my kindergarten teacher's last name?" only has one answer -- Jones.

5. Give a real answer. Some customers will tell us, "Security questions aren't secure, so I just put in random letters and numbers as my answer!" That's great, if you're writing them down and keeping track of them, or using a password crypt like 1Password. But, if you just hit whatever random keys you like, and don't keep track of them, we have no way to confirm you are who you say you are. If you forget/lose your password, and need to gain access to your account, you have basically made it impossible for us to grant it to you.

So, what are some questions that are hard to find out, hard to guess, unlikely to change over time, but easy to always type the same? A good list of questions is different for everyone, but try one of these real questions on for size!


Who was your first crush? (unless the answer is "my spouse")
Who knit your baby blanket? (unless the answer is "my mom")
What was your childhood stuffed animal's name?

Another good choice is something that wouldn't mean something to someone else, but makes sense to you. So, for instance, I have a piece of furniture in my house. It's not a cabinet, it's not a table, it's not a buffet or a curio cabinet. It's something in between. So, I call it Joe. For me, "What is the furniture with a name called?" would be a good question, though you probably shouldn't use it yourself. One of the best security questions I ever saw was "Who has skinny feet?" I'm sure the person who used it could answer that question in a second, but it would be very difficult to guess if you weren't them.

Even if you're 100% positive you used an awesome security question when you created your account, go look at yours now, and make sure you know the answer. If you are using an insecure security question, change yours today. Though no one likes to believe that someone would want to crack their account, it can and does happen. Be your own best first line of defense, and make sure your security questions and passwords are strong and secure.

Welcome, Aliencamel! Which Pobox account is right for you?

2010-05-24T16:07:00.008-04:00

Pobox offers a warm welcome to Aliencamel customers! You may have recently received an email detailing your migration options. Let me tell you a little bit more about Pobox.

All accounts include email forwarding, spam filtering, and vacation autoreplies. If you already have another place you want to read your email, then a Pobox Basic account will let you forward your aliencamel.com mail to the email address of your choice for USD$20/year.

Want to add email filters? Pobox Plus accounts include email filters that let you redirect, block, send autoreplies, send a condensed version to your mobile phone, or tag the subject of your message. Plus accounts are USD$35/year, and include all the Basic features, as well.

And if you're looking for a new home for your aliencamel.com address, Mailstore accounts support IMAP and POP for nearly all current email clients, plus webmail! It's 10GB of storage, plus all the features of Basic and Plus, for USD$50/year.

Once you've selected an account type and signed up, there are two other things you'll want to do: add your aliencamel.com address, and import your whitelists (some of you have 10,000 and counting!) You should already have your code and URL to add your aliencamel.com address -- just remember, you can't add it if you're using aliencamel.com as your forwarding address. So remove that as a forwarding address first, then use the URL to add it as an alias. To import your whitelists, just send an email to pobox@pobox.com, including your pobox or aliencamel address, and your whitelist attached as a file, and we'll import it for you!

With 15 years and counting, we hope that Pobox can be your email home for a long, long time. If you have any questions about the service, please contact Customer Support; we'd be happy to tell you more about ourselves and the best option for you!

Please don't email your credit card number!

2010-05-13T18:23:00.002-04:00

When someone is hatching a secret plan in a movie, you might see them ask, "Is this a secure line???" The average telephone call is transmitted as-is, which means, as it travels through the many lines and machines necessary to tranmit the call around the world or down the street, someone with the right equipment could listen in.

Email works the same way.

You might have the impression, given how fast email works, when you send an email that it just goes from your computer to the recipient's mailbox. In fact, even simple setups usually pass your email through 4 or more computers.

Email is like a postcard; for the most part, people aren't interested enough in what you're saying to bother looking at it. But credit card numbers are an obviously-identifiable string, making them easy to look for in a stream of content going by.

How do you prevent your credit card number from being picked up? Encryption. That's why you're never supposed to type in your password or credit card number to a web browser that doesn't show a secured lock or key. That lock indicates that your data is scrambled while in transmission; the website then has the information necessary to unscramble it on the other end.

Ok, then, why don't we just encrypt email, too? Well, it's not that simple. Companies pay a security provider for that encryption service. The security provider generates the information, and verifies that it's accurate, and provides the key to you that's necessary to scramble your data. And, over the years, the security provider has made sure that all the web browsers out there work with their service, so you never have to think about it.

For email, you would need a similar scrambling key for everyone who emails you, and you'd need to distribute your key to everyone you email. And you need a secure way to do that. And most people don't want that way to cost a lot of money. There are ways, and they work, and they've been around for a long time. They just aren't used by most people.

Think of email as a conversation you might have walking down the street. Generally, no one would bother to listen in. But if you started saying your credit card number repeatedly, well... it only takes one nasty person to cause a problem. So, please don't email your credit card number.

15 Years of Pobox: The Wired article that got it all started!

2010-04-14T15:31:00.001-04:00

Do you recognize this magazine cover?

If so, you might be one of our very first customers! The May 1995 issue of Wired magazine included the following sidebar in first page of the Scans section:

Email Trail

A new service called pobox.com offers an easy-to-remember e-mail address that you can use for the rest of your life (or the life of the company, anyway.) For example, any mail sent to mengwong@pobox.com is forwarded to pobox.com founder Meng Weng Wong's CompuServe account (71552.1674@compuserve.com). This way, if you switch online services, you don't need to message everyone you know informing them of your new e-mail address -- just e-mail your new information to pobox.com. --Mark Frauenfelder Price information: pobox@pobox.com, http://pobox.com/pobox/signup.cgi

Well, Meng's CompuServe address is long gone, but you can still email him at mengwong@pobox.com. And for those of you who took the chance that "the life of the company" was going to be a timespan that was useful to you, a very hearty thank you.

15 Years of Pobox: Memorable Customer Service Requests

2010-04-05T17:10:00.011-04:00

Not to toot my own horn, but I think Pobox Customer Service is great. I'm so proud to be able to work at a place where, by and large, we can actually help people resolve the issues they're having, not just give them canned responses or read off a script.

We think customer service is so important that virtually every staffer, no matter what job they've been hired to do, spends their first week doing email customer service. It helps new staffers get an idea of who you guys are, what you think is important, problems that people are worried about, areas of the service that need improvement, and the kinds of areas people are interested in us spending more time on.

That being said, because so many of you use your Pobox address (or URL!) for your own businesses, we get more than a few customer service questions or complaints about services we have NOTHING to do with, like the time we were asked for a refund for our guinea pigs. We've been told our kittens were insufficiently cute (I forwarded that one to the kitten cuteness complaint department), and our muesli lacks the requisite number of sultanas. We've been asked for help rescheduling people's travel plans, and for processing returns of products too varied to mention.

It's not all complaints, though! We've also gotten requests to join our band, from piano players in the Ukraine. He may have actually been looking for this band, but it did spur many a discussion about what instruments we would all play. Thankfully, Rock Band came out, and only our friends and loved ones have been subjected to the stylings of the Pobox house band.

There are many support emails that have stood the test of time, but one in particular is frequently cited in tales of Pobox CS history. I have reprinted it below.

logmeoutofthisaccountbecausesomeoneisusingmynameillegallyibelieveitis
venuswilliamsthetennisproandhergangongtheirtourstalkingmeongalveston
islandintexastheyareinvisibleasholographs,abusingassualtingmeandmywife
thatsaholographto.tiamowerythedisneystaranactorofsistertosisterthey
arethreatinghernottogetoutoftheholographtheywillkillherandmethatswhy
theyaremessingovermyemailandstealinginfothatimightgetwithinaemail
accountanytimeeventhoughihavebeenemailingthepresidentfromtimetotime
abouttheieractivityeverydayfollowingmesunupsundownevenwhileisleepstill
filmingthemselvesabusingmeandfilmingpronoabuseofandontheassualtofmy
wifealways.pleasereporttrhisimportantoftheiractivityasapthisis
importantwhereeverigetfreeemailwithinanacountstatusvenuswilliamsand
gangathreattoeveryonesystemwithintheinternetsystem.theyarerealslick,
getyourlawyersonthem.okiamtypinginrosenberglibrarygalveston,texasand
theinvisiblearewatchingmetypethisrightnowthatshowmuchathreattheyare
tomedamsomeonejusthitmewiththierfistandifeelthatpunchinvisiblepunch
thatsallisignbackuptommorrowok

So, remember, if you're on Galveston Island, beware the invisible punch!

15 Years of Pobox: The day of the generator

2010-03-22T18:36:00.009-04:00

Can you believe that Pobox has been around for 15 years already? It seems like just yesterday the website was only one or two pages, and we were still trying to figure out how to keep track of the checks people were mailing us.

How quickly times changed! And yet, there were still plenty of ups and downs ahead. In commemoration of 15 years of Pobox, I asked current and past staffers if there were any stories they'd particularly like to see on the blog. Mark asked to hear the story of the water main break, after he found a CNet article on it.

On Friday customers of POBox.com, an email forwarding service, were baffled by an outage in what they say has otherwise been a highly reliable service. It turned out that the eight-hour shutdown--in which no email was lost--was not caused by a faulty router or programming error, but by the kind of a common building problem that faces "brick and mortar" companies every day: a water main break.

I asked Helen Horstmann, our CEO, if she would tell us about that day, way back in September 1998.

I refer to it as "the day of the generator." Back then, we had a T1 in the office, and virtually all of the important servers were there. I walked up to the building, where a small crowd of people was hanging around, waiting to be told they could go in. A water main had broken under the street. The basement was flooded. The elevators weren't running, because the power was out. WAIT. "The power is out?!"

We waited for about 30 minutes before panicking. Maybe it was a little water main break. Maybe we everything would be fine in just a few minutes. But more and more PECO workers kept showing up, and finally, one of them announced, "You all might as well go home -- the power's going to be out all day."

I was floored. I ran over to him, and said, "All day? What does that mean? Like, 3 or 4 hours?" He said, "Maybe. Maybe 12 hours. It will definitely be fixed by tomorrow morning, though."

I asked if the building was still open, and the desk guy told us we were welcome to walk up, but the building's emergency generator only powered the Exit signs, so the stairwell would not be lit. Using our cell phones as flashlights, we hiked up the nine flights of stairs to the office, where our battery backups were beeping madly. Two people started shutting down the non-critical servers, to reserve as much power as possible for the important ones.

We needed a plan, and fast. We needed our own emergency generator.

I asked if it was possible, any way, any how, name your price, to piggyback off the building generator. But they hadn't had an outage in years, and hadn't been keeping the tank full of gasoline. They figured they had no more than 6 hours of power, and they needed it all for the emergency workers.

The building had sealed windows, so running a generator in the office was also a non-starter... but we had to have power! What if we were down for 12 hours? What if we were down LONGER?!

I found an equipment rental company 30 minutes away that had a generator they were willing to rent for 24 hours. We were all early twentysomething city dwellers, so the only staffer with access to a vehicle was a customer service agent who was also in a band. He and I headed over to his apartment to grab the band van. No drums to schlep today -- we're schlepping a generator!

In the meantime, someone else was getting access to the roof, and estimating the distance from the roof to our office with ethernet cable. Even after we got the generator, we were going to need a 47 foot, 220 volt extension cord (or 15 meters, for our metric friends).

Luckily, the generator guy referred us to an electrical supply company that was on our way back. The cable was on a 3 foot wooden spool (which we later used as a stand-in coffee table, in commemoration of the event). We rolled it out of the store and into the band van.

When we got back to the office, the desk guy took pity on us, and used a fireman's key to turn on the elevator -- I don't even want to think about having to carry those things up 15 flights of stairs! We carried it the last flight to the roof, and started unspooling the power cable.

Did I mention the windows of that office didn't open? We had to drill a hole in the window frame to get the power cable in. Thankfully, we realized that before we attached the plug head to the cable -- drilling the first hole took almost 20 minutes; making it twice as big could have eaten up nearly an hour.

By now, the batteries had long since died, and all the machines were off. It was quieter than the office had been for years. We wired up the power cable, plugged in our main UPS, called up to have the guys on the roof start the generator and ....

Nothing happened.

The battery wasn't charging. We checked everything we could think of. The power inversion on the generator. The cable. The plugs. The UPS. Nothing. Nothing worked. This may have been the point where I went into the stairwell and shouted obscenities.

We started calling electricians. One after another told us they couldn't come until tomorrow. (At this point, it was nearly 3 in the afternoon.) We started calling friends who knew anything about electricity. We knew we were at the end of the line.

How many times did I walk up and down those 9 flights of stairs? How many times did I bug the PECO guys for a new estimate? I know someone tore me away from the building at some point to eat. There was nothing left to do but hope that the power would be back on shortly.

Around 6 PM, we were sitting on the floor when the overhead lights flickered on. Everyone jumped up and started turning computers on. Within 20 minutes, everything and everyone was running -- watching logs to make sure everything was moving as quickly as possible, answering the piles of customer service mail that was coming in.

That was back in the day when Pobox cost $15/year. So, if you're wondering what that extra $5/year is buying you, well, you could say that it's a low cost for a lot of extra peace of mind. :)

Nowadays, of course, Pobox has redundant datacenters in world-class facilities, running on enterprise-grade hardware. Things can still go wrong, but now we're counting on our vendors and partners to solve the problem, not the local electrical supply store. Thanks for sharing that story, Helen!

Do you have a story to share about Pobox? Drop me a line at nessie@pobox.com, and it just might end up on the blog!

How to ask questions to strangers, part 3

2010-03-12T18:05:00.006-05:00

Mark Dominus concludes his series of articles on how to send email to strangers asking for help. Read his previous entries about picking the right expert and using an informative subject.

In the past couple of articles, I covered the two most important rules of asking a stranger for help. There are also several minor-seeming mistakes you can make that will sink your chances of getting a reply.

Use correct spelling and grammar.

Yes, this is boring and tedious. And yes, I know you have heard it before. And yes, I know that only fussy old people care. But some of those people you are asking for help are as old and as fussy as I am. And some of those fussy old people will throw your message in the trash if it starts with:

i hope that u would be able to help me.

or ends with:

You wouldnt by any chance have any info on B+ & B* Trees would u ???

Maybe in another twenty years we'll write everything in SMS abbreviations. Until then, the fussy old folks like me will still be alive, and the writer of a line like these will appear to be either:
illiterate,

too lazy to press the three extra keys required to get it right, or

A GODDAMN JACKASS.

Excuse me, lost my patience there.

Related to this is that you should have your real name in the "From" line of the message, or at least a name that is not obviously a fake name. Seeing "Smoove B" in the header of a message is not going to help convince a stranger that you are worth emailing.

Don't make the recipient do any work.

Of course, to answer a question, the recipient will have to do the work of answering the question. But your aim is to make them do as little work as possible. For example, I once got a message with the subject "your article" asking me "What is meant by 'forkish'?" Huh? What article? Did I say "forkish"? How should I know what I meant?

I eventually dug up the article, which I had written several years earlier. If I had been a little busier that day, the question would have gone straight to the trash bin.
It would have been a big help if my correspondent had written something like this:

In your article "..." at URL http://... you said "Blah blah blah forkish." What did you mean by "forkish"?

Then I would have known right away what I had meant, or at least I would have been able to look at the article easily.

Experts are busy people. The more work you ask them to do, the less likely you are to get a response. Try to provide all the relevant information that you can. Don't ask them to look stuff up for you in books; say "I didn't understand this thing I looked up in a book. Does it mean X or Y?"

Don't appear impatient

I don't know about other people, but when I get a message that says something like one of these:

Please respond ASAP!

I need the answer right away!

This is very important.

I want to unleash a torrent of sarcasm. "Gosh, I'll be sure to clear my schedule to work on this important project for you!" You're asking a stranger to do a favor for you, so it's not appropriate for you to put conditions on when or how they do it. Here's that "forkish" example in full:

what does forkish mean? this is very important. thank you. please respond.

"This is very important" spoils the effect of "please" and "thank you". It says "please", but it doesn't mean "please". Some time ago, I tried rewriting that message in a form I would have liked better, and came up with:
Could you take a moment to explain what you meant by 'forkish' here?
I didn't notice until after I had written it that I had eliminated "please". But the rewrite communicated "please" anyway, whereas the original one didn't.
That's all the advice I have. Good luck writing to strangers!

Thanks, Mark! I recently took his advice, and wrote to some experts on one of my favorite topics... Pobox! I asked them for tips and tricks that they use that they would like to share with other Pobox customers. If you've got something that you think other customers would be interested in, just drop me an email to pobox@pobox.com with the subject "blog tip".

Pobox Best Practices: Changing ISPs

2010-02-26T16:33:00.008-05:00

We want you to get as much value as you can out of your Pobox account. Pobox Best Practices will share our methods for using Pobox features for common problems, tips and tricks from other customers, and the ways Pobox staffers use their accounts to manage their own email.

One of the most frequent tickets we see at Pobox Customer Service is, "Help! I just changed my email address, and now I can't log in to Pobox!" Ouch. But the bigger problem, as we see it when we're helping you, is that your Pobox account didn't make that seamless.

One of the best features of a Pobox address is the ability to change your forwarding address, whenever you want, without having to tell all your friends and contacts about your new address. Most people change where they read their mail every 2 years. (If you're sick of your current provider, you can always keep your mail at Pobox by upgrading to a Mailstore account.)

It's no big deal if you're switching between Yahoo and Gmail (or back again), because both addresses will stay open. But, if you're switching from Comcast to Verizon, your access to your Comcast mailbox gets cut off with your last bill. So, how can Pobox help smooth the transition, and make sure you don't lose any mail?

First, as soon as you get your new address, log in to Pobox, and add it as one of your forwarding addresses. (All Pobox accounts can forward mail to up to 5 places.) Don't wait until your current forwarding address goes away. In fact, don't even remove your current forwarding address from your Pobox account just yet.

Now, your mail is going to two places. Why? We know your email is important to you, so you'll want to makes sure your mail is actually arriving at your new address. You may not have the address you thought you did. (I once had a support agent over the phone set up my address as vanessa.canon@example.com, instead of vanessa.cannon... took 2 calls for them to figure out what was wrong.) Your password may be wrong, and so even though the mail is getting there, you can't log in to read it. No matter what the reason, losing access to email has been known to cause irritability, headaches, bloating and irrational behavior.

So, go ahead and send a test message, from your old account to your Pobox address. It should show up in both of your mailboxes. If it doesn't show up in the new address (and it isn't in a spam or junk mail folder), let us know. But this way, you still have access to your email while we work out any problems with your new address.

Also, if you keep old mail, like most people do, you'll probably want to move it to your new address. This is really easy if you're using an email program like Outlook or Mac Mail. Just set up a second account for your new address. Then, when both accounts are set up, just drag and drop the files from your old account, to your new one. Your email program will move everything for you in the background! If you have a lot of mail, don't shut down your computer. It could take a while for everything to get moved.

Once you know you have access to all your existing mail at your new address, kill that old account! Log in to Pobox and remove it as a forwarding address. Send a nasty cancellation letter. Go and leave a bag of your shredded old bills on their doorstep. They were hoping to lock you in with your email address, and they would have gotten away with it, too... if not for your meddling Pobox address!

How to ask questions to strangers, part 2

2010-02-19T16:40:00.001-05:00

Mark Dominus continues his series of articles on how to send email to strangers asking for help. Read the previous entry.

Last week, I told you the one big rule of asking email questions to strangers. This week, I'll discuss a smaller rule:

Use an informative Subject

We all get a lot of junk mail. We all throw away most of it. If the a message doesn't have an eye-catching subject, we may throw it away without opening it. And "eye-catching" here means "does not look like spam". Spammers are very stupid, and they have a very stupid idea of what sort of subjects will be eye-catching:
Please reply ASAP
Seeking your expertise
Help me!
READ THIS!!!!!!
You must be cleverer than a spammer. Just adding more exclamation marks is not clever enough. Good subjects in messages I have received and replied to are:
Question about apache module
Length of day question
how to optimize for speed
The key property here is that each subject contains something specific that makes clear what the message is actually about, and that it is something that might reasonably be directed to me, rather than to someone else, or to one million someone elses. Do you remember the important rule from last week? Experts want to be consulted in the area of their expertise. They do not want to be consulted about random garbage. If you can make clear in the subject line that you sought them out for specific knowledge that only they can provide, the expert is much more likely to read your message.

Here the subjects of some messages that I have sent to famous people that have received prompt and detailed replies:
Computing with lattices: An application of type classes
Hegelian Taco
Octopus anatomy
Each of these is good because it instantly tells the recipient two things. First, it tells them what the message will be about. "Hegelian Taco" may not mean anything to you, but it does mean something to the author of the paper about the Hegelian taco that I was asking for. And second, it tells the recipient that the message was intended for them, and for them alone. Anyone else might throw away a message titled "Hegelian taco" in puzzlement, but the author of the Hegelian taco paper is certain to read it, and that's all you care about.

Similarly, the "Computing with lattices" message was sent to the author of a paper with that title, asking for a copy of the paper, and "octopus anatomy" was sent to an octopus expert.

Once you've gotten the recipient to open and read your message, you still have to get them to answer it. I'll return in three weeks with an article about how to keep the expert from throwing away your message in disgust.

How to ask questions to strangers

2010-02-11T15:22:00.009-05:00

Pobox is proud to have several very active members of the open source community as staff or alumni, which means they get many questions about how their software works (and not just from me!) Today, Mark Jason Dominus, Perl expert, noted author and Pobox staffer, offers his thoughts on how to ask a good question.

I once emailed Dr. Mark Norman, one of the world's foremost experts on octopuses, to ask some questions about octopus anatomy. I once wrote to a well-known writer of computer programming books asking for advice on how to choose a publisher for my own book. I once bugged one of the inventors of the Unix operating system for information about the early technical details of Unix. Last month I wrote to a famous mathematician to ask for a copy of a paper he had written that was too old to be available on the web.

Maybe you're not interested in octopus anatomy or in digging up copies of obscure mathematics papers. But I know some of you are interested in emailing some sort of questions to well-known experts on something, because I'm a well-known expert on computer programing, I get email from strangers all the time, and I know I can't be the only one who does. Someone must be sending those messages. Maybe it was you.

Sometimes I'm really happy to get the messages, and I answer quickly and at length. Other times, I snort and throw the message away, or save it to chuckle over with my friends — or worse, I save it to ridicule in a blog post years later. Here are some easy rules to follow if you want to know how to send the first kind of email, the kind that gets a reply, and not the second.

The rules are pretty simple. Probably the biggest one is:

Pick the right expert for your question.

Only ask the expert questions about an area in which they actually have expertise. If you write to the octopus expert with a question about advanced mathematics, or to the mathematician for advice about octopus behavior, you'll look like a fool, a lunatic, or both. And even if the mathematician is feeling indulgent and is willing to help you, she can't, because she doesn't know the answer to your question anyway.

Does that seem obvious? About ten years ago I received this awesome specimen:

I am a student of Romance and Germanic philology faculty,
I am getting my Master's degree, so I have to write a thesis.
The theme I have chosen is "Lexico-grammatical peculiarities of
the language of constitution" I have to compare the UK(magna
karta)and US Constitution. . ... Will you provide me with the
information, or give a hint about those sources where I can read
about my topic?

I didn't bother replying to this message. I'm a computer programmer. What do I know about lexico-grammatical peculiarities?

But really, there was nothing wrong with the request itself; the only problem was that it was sent to the wrong person. Somewhere out there is a professor of linguistics who specializes in the study of legal documents. That professor would probably have been delighted to offer this poor schmuck some pointers.

People I meet often worry that the expert will be annoyed that a member of the general public is taking up their time. But if you observe this rule, you won't have to worry. I promise you that the expert on the history of knitting would love to get your email inquiring about the origin of the slip stitch. The education expert who wrote about penmanship education in last week's local paper will be thrilled to hear from you. People become experts because they are interested in their topics. Getting email from another interested person brightens their day. People write papers and articles because they want other people to read them attentively. Their great fear is that nobody is listening. Hearing from someone who not only read their article but who cared enough to follow up is a shining joy.

But even if you send your question to the right person, there are still a few ways to go wrong. Next week, I'll discuss some of the other mistakes people have made in asking me for help.

The Wonderful World of Emailed Reports

2010-02-05T19:53:00.002-05:00

I love Pobox spam protection, and I think it's wonderfully accurate. Still, I do identify with Ronald Reagan. Trust, but verify. And getting an emailed spam report every day makes that really easy.

The emailed report provides a list of all the messages the spam filters have picked up for my account since the last report 24 hours ago (approximately). You can get a report that includes both the messages we've held for you, and the sending addresses of everyone who's been bounced. But I use the Aggressive pre-set, so the only messages that are bounced are the ones that we're really confident were spam. So, I set my report to only include the held messages, which makes it easier to review (read: shorter.) The emailed report also has a "Mark This Report Reviewed" button, which lets you delete all the messages in that report, right from your Inbox!

Unfortunately for some users, if your ISP uses content filters (like Comcast), you may end up finding your emailed report in your Spam or Junk Mail folder. That makes sense -- it is a report full of the email addresses and subjects of spam! While having a list is great, some people also just like having a daily reminder to go have a look at the spam we've picked up. So, we're testing out an emailed summary report. It doesn't have a list of all the messages, just a note about how many messages we've picked up, and a button to go check it out on the web. If you'd like to be part of our tester group, just contact Customer Support, and tell us that you want to switch your emailed reports to the summary version!

If you want to keep an up-to-the-minute eye on your spam, you can also get an RSS feed of your messages! That's customized per-person, so I can't give you a link, but head over to the Spam section if you want to grab one. The feeds are customized per view, so you can subscribe to just the view you want to see.

And, of course, some people are happy just knowing the Spam section is there if they need it, but don't need to be reminded just how many people in the world want to sell them a degree. (Only 10 this month, thank you!) If that's you, you can turn off your emailed reports at any time. Please don't report them as spam. That can cause your ISP to think they are spam, and other Pobox customers who do want them may not see them.

Signing off from snowy Philadelphia -- I hope all of you East Coast residents stay warm!

It's time to say goodbye to IE6.

2010-01-29T17:21:00.005-05:00

It can be hard to say goodbye to something familiar. A favorite toy, an old coat, a well-used picnic blanket... they all hold fond memories. But if Internet Eplorer 6 were an old coat, it would be a flammable polyester one infested with bugs, that was secretly giving you a rash every time you wore it. It's time to say goodbye to IE6.

The security breach at Google, amongst other locations, targeted computers that have IE6 installed, because they have so many security vulnerablities. IE6 is notoriously HTML non-compliant, so web pages can look substantially different on IE6 than they do on modern web browsers. (Test your browser, to see how standards compliant it is!) Because of its non-compliance and limitations, more and more companies are refusing to support IE6 browsers, including Google Apps, and more and more organizations are pushing people to upgrade, like the German Government.

IE8 is not perfect, and still has security vulnerabilities that are being discovered. But it is light years better. Like most modern browsers, it will warn you about phishing attempts, which protects not only from computer viruses, but also identity theft, and even the possibility of giving hackers access to your bank account.

If you have a custom application that requires the use of IE6, it may not be possible for you to upgrade your version of IE. If that's the case, please download Firefox, and use it whenever you are not using the custom application. The security holes in IE6 may mean that you are compromising all the data on your computer, or that spammers are using your computer (and your Pobox account!) to send spam and viruses, if you continue to use it for your daily browsing.

Nearly 90% of Pobox customers have already made the switch. We hope that you guys will spread the good word to friends and family members you might see using IE6, or even do them a favor, and help them upgrade their computer! For the last 10%, it's time to make the switch.

Yes, Jenn, I'm talking to you.

New Feature: Spam to Report folder

2010-01-22T17:35:00.004-05:00

Mailstore customers have an easy new tool for reporting spam directly from their email program!

We've added a "Spam to Report" folder to all Mailstore accounts. (If you don't see it, you may need to resynchronize your account, or quit your email program, then reopen it.) To report a message as spam, just drag or save it to that folder. Our spam reporter checks those folders for spam regularly. When it finds a message, it is sent to Cloudmark as a spam report, and deleted from your account.

Cloudmark analyzes the message content, to find elements that may have come from different email addresses or locations, but that have all been reported as spam. All Pobox accounts run the Cloudmark spam filter, unless you're an old custom user who hasn't upgraded to Pobox Recommendations. So, submissions to Cloudmark work to improve filters that are automatically applied to your account!

Webmail users have been able to report messages as spam for some time, and we are very pleased to be able to extend this feature to all Mailstore customers, regardless of where they are reading their messages.

In order to take advantage of "Spam to Report", your Mailstore account must be using IMAP. That's because only IMAP synchronizes changes you make on your computer with our server. POP3 accounts could put mail in the Spam to Report folder, but we would never see those messages when the reporter ran, because they would only be on your computer. If you need to switch your account to IMAP, you can find instructions in the Help section.

Where in the World is Carmen Spamdiego?

2010-01-14T18:52:00.005-05:00

Spam comes from all over the world. But, like the future, it's not evenly distributed. According to a 2009 security report by Cisco (pdf), the top geographic producers of spam, in trillions of messages per year, are:

Brazil: 7.7
USA: 6.6
India: 3.6
South Korea: 3.1
Turkey: 2.6
Vietnam: 2.5
China: 2.4
Poland: 2.4
Russia: 2.3
Argentina: 1.5

Tired of getting spam that's traveled around the world to reach you? Pobox offers geographic-based filters that lets you block mail from specific countries, or whole continents! They will block all mail from that country or continent, so don't block mail from Europe if you've got a pen pal in Poland or a grandma in Germany. But if your only encounter with South America is eating brazil nuts, you might take a big bite out of your spam by blocking that mail.

"Where's Nigeria?" you might ask, examining this list. Nigeria and other places are the source of many, many email scams, which have been going on much longer than you might suspect. Sometimes known as 419 scams, these are the messages you receive promising you untold millions for a small measure of assistance. There's actually a human being at the other end of these messages, as a story of trickster vs. trickster on This American Life showed. So, the volume tends to be smaller than the bot and zombie-driven traffic of other countries.

Do you represent part of the 6.6 trillion messages coming out of the US this year? OK, you don't if you live anywhere else, but are you part of your country's spam output? Infected PCs are one of the major sources of spam worldwide. Running up-to-date anti-virus software (or avoiding a virus in the first place) is the best way to make sure you're not part of the problem. "But, Vanessa, anti-virus software is so expensive!" Not so, my friends. Immunet is now offering free anti-virus software, so go download it today.

Security Changes at Pobox

2009-11-16T10:10:00.001-05:00

We are rolling out some new security procedures here at Pobox, to help protect you from unauthorized access, but also to alert you if it should happen.

This week's changes are in 3 areas. First, we have added email alerts. Updates to your forwarding addresses, password or security question will all trigger an email notification. In the case of forwarding address changes, the notification will be sent to all old forwarding addresses, as well as the ones that have been added.

Should someone make changes to these elements of your account, for any reason, we'll send an email "receipt" of the action. This can be for innocuous reasons (if you and your spouse share a computer, they may simply not realize that you are logged in to your account, and make updates) or by malicious intent. Either way, the sooner you become aware of a change made to your account, the faster it can be fixed.

The second change is designed to make it harder for an unauthorized person to "verify" themselves with Pobox Customer Service. We have switched from a series of questions, to a multi-point security confirmation. Questions must be answered correctly in multiple categories to receive a password reset URL at a new address. (Password reset requests will always be sent to the current forwarding address as well.)

We encourage you to go update your contact information immediately. We rarely use your contact information (and we never give any other companies or groups access to it), but it is used as one of the elements in our new multi-point verification process. Plus, in a worst case scenario, we can use it to contact you immediately for an emergency with your account.

Please also check and update your security question. Your security question should be something that is hard to guess or find out, but something that doesn't change. "Who was my favorite teacher in elementary school?" is a good question. "What was my first concert?" is a good question. "How many licks does it take to get to the center of a Tootsie Pop?" is a bad question because you could guess the answer. "My nickname" is a bad question (unless no one really uses it) because anyone who knew you would know it.

Finally, we are making changes to the way your Pobox login sessions work. This may mean that you will be prompted to enter your password somewhat more frequently than you have been in the past.

These changes are being made for the security and protection of your accounts. We appreciate your understanding about the changes, and we hope that you will find them to be valuable improvements to your account!

How and Why Downtimes are Scheduled at Pobox

2009-10-30T18:13:00.003-04:00

Very early next Tuesday morning (or late Monday night for you night owls), Pobox has a Mailstore downtime scheduled from midnight to 4 AM (which is a really long outage for us!) I asked our Operations Head, Bryan Allen, to explain a little bit about downtimes, including the many, many changes that don't require downtimes, as well as what kinds of changes do.

Here at Pobox we try to minimize outages. In fact, we kind of have a thing about it. We keep the spice flowing, and we try to ensure you can access your mail. Periodically, we generate planned outages for software or hardware upgrades.

The vast majority of the Pobox service infrastructure is redundant and to an extent, self-healing; it requires no human interaction when badness occurs. The rest is replicated but requires manual intervention for failover. The core databases are an example of that: We have failover replicas, and we can fail over to any one of them within minutes with a minimum of service impact and no performance degradation once the failover has finished.

Our software upgrades are relatively benign these days. We push new Perl code to production several times a week, and we patch our operating systems regularly (thanks to the magic of Solaris LiveUpgrade, this would create an outage of a few minutes if most services weren't already redundant), and so on. We very, very rarely have service outages that are caused by core software.

On rare occasion (especially in the last several years), we'll hit an unplanned outage on a unique service. Those are Big Fires, and there's only one goal there: To fix the problem and restore service. Hardware outages, simply due to intrinsic orneriness, are harder to both plan for and recover from. Sometimes bugs can generate an outage: Recently a bug in the Mailstore authentication code made it so new clients could not authenticate and access their mail. That was a regression, and the fix was trivial.

Conversely, a planned outage is a declaration of intent: It says we are going to create an interruption of service some some specific, defined reason. At times, the intention is to avoid an unplanned outage (a fire) at some point in the future. Usually, it's to improve the service in some way.

Tuesday's outage is for a relatively major hardware upgrade.

The X4100 M2s running the Mailstore storage are somewhat older dual-core Opterons. We haven't quite hit the wall for their CPU running Mailstore, but we can see the dust on the horizon. Very early Tuesday morning, we're going to be swapping the X4100s out for X4150s (dual quad-core Xeons). That change alone will see us through for quite a long time. In addition to faster CPU and bus, however, the X4150s can take double the RAM (doubling the filesystem cache) and have 8 SAS bays (four free, currently, per-system). This will let us a build a Hybrid Storage Pool, redirecting the filesystem journal writes to an write-optmized SDD, and building an L2 filesystem cache on a read-optimized SSD. To put it very mildly: Zoom. In the future we'll want a way to upgrade the storage head nodes without taking the service offline, but currently the architecture doesn't allow for it.

In addition to snapshots (which we utilize for data recovery and streaming replication), ZFS comes with built-in compression. The bottleneck for disk access, is well, spinning rust. Regardless of the speed of the disks you use, and the size of the your filesystem cache (which is currently 16GB for Mailstore), you still have to retrieve bits from a platter. And that's slow. So why is compression a good thing? Won't compressing files consume CPU? Isn't CPU still a valuable resource? It is, but these days your fileservers CPUs are likely to be sitting relatively idle, while their disks are thrashing. If you compress the bits you write to disk, you have less to read and write, and get far more I/O per second, basically for free.

(Back when we first refactored the discards storage system, it was taking forever to write the user indexes to disk. Enabling compression increased performance by at least threefold.)

For this upgrade, the vast majority of work can be done before the maintenance window even starts. We use Puppet from Reductive Labs to manage our systems, and we encapsulate services in Solaris Zones. Put that together, and you have the ability to quickly provision services on new hardware without actually doing any work. So the new zones are all already running and configured, just waiting for the storage pools to be mounted. It really is as easy as it sounds.

Regardless of how easy it sounds, for every outage you want a pullback plan. If your upgrade totally fails for some reason, you want the ability to just put things back the way they were. In this case, the plan is: Plug the hardware into the old box.

We scheduled this window for four hours because I'm paranoid. You'll see this a lot when any business is updating a core piece of infrastructure. When our datacenters are updating their routers, they announce a six hour window where connectivity may flap. You may have noticed that our connectivity does not actually flap regularly, because they're pushing out updates they've tested in their labs already, and are reasonably sure everything will be full of joy. Badness does occur, though, and when it does it has a very bad habit of avalanching. So you want a defined window to try to resolve the problem and still complete your task, before you have to give up, put the old pieces back into place, and try again another day.

To recap the services that will be affected by this downtime, Mailstore customers will not be able to access webmail, their Mailstore folders or receive new mail to their Mailstore Inbox during the outage window. If you are a Mailstore customer, and also forward your mail to another address, your forwarded copy will be delivered throughout the outage without delay. You will also be able to send mail. If you are an IMAP user, and keep a local copy of your mail on your computer, you will be able to read your local copies, and any changes you make (deleting, moving messages, etc.) will be synced to Mailstore when the downtime ends.

We apologize for any inconvenience this may cause, and Bryan did ask me to tell you that, if everything goes smoothly, the downtime will be much shorter than the scheduled window. He just doesn't like to bank on that.

Sharing Files: Alternatives to Attachments

2009-10-15T17:33:00.004-04:00

Fun fact: email is not a file transfer protocol. When you use it to send files around, weird (and sometimes bad) stuff happens. Attachments can contain viruses. They take a lot of bandwidth to send (especially if you're CCing them to a lot of people), and that means that everything is slow, and that makes admins suspicious. (Sure, they're a suspicious lot by nature, but they make the Internet go, so we try not to make them mad as a rule.)

But, for a lot of people, attaching a file to an email is the only way they know to send a file to someone else. How else can you get a file to someone besides email?

The very best way to transfer a file is to open a connection directly from the computer that has it, to the computer that wants it. That way, only the two computers that need to handle it do, by talking directly to each other. (When you email a file, three, four or maybe more different computers will handle that message.)

If you're talking to someone on IM, you may not realize it, but you're already using one of the easiest file transfer mechanisms around! Just drop the file you want to share into your chat, and you'll immediately prompt them to start downloading the file from you. It works for pictures, music, Word documents, even short movies. Drag-and-drop!

But, what if you aren't both online at the same time? Well, there are still plenty of options out there.

As digital cameras become more and more sophisticated, even emailing pictures can generate huge messages. Using one of the photo sharing services or social networking sites, like Flickr, Picasa, Kodak Gallery, Snapfish or Facebook, means you get access to their handy tools (like ordering prints!) It also means that the people who you're sharing photos with have an easy place to see all your pictures over time (so that adorable picture from last Thanksgiving can be looked at again when you email them a link to this year's pumpkin pictures.) With an extensive range of privacy options, it's also really easy to make sure people have to log in with a password to see your pictures.

Just want to share some regular old files? Apple's iDisk or Joyent's BingoDisk let you share files publicly or privately (and provide an off-site backup, should your computer fail.) A third option, Dropbox, even provides 2GB of free storage to anyone who sets up an account -- plenty for any basic file-sharing you may need to do.

There are other benefits to sharing this way, too. It's easier to make changes, and know that someone is looking at or downloading your most up-to-date version. Some sites will provide you with statistics, so you can see how often a file is being looked at.

Know other easy, non-email ways to share files? Leave a comment!

Email Etiquette: a background picture is worth a thousand groans

2009-09-25T14:13:00.005-04:00

Email Etiquette is a series of blog posts that was nearly titled "Things you've tried to tell your family a million times, and have gotten tired of repeating." Have an email pet peeve that you'd like to see in a future blog post? Send an email to pobox@pobox.com or leave a comment!

Once upon a time, my mother got an email program that had clip art built in. For a period of several months, no message was too large or small to go unembellished with clip art. Failing to find any clip art in her collection that would suit her message content, she could always just fall back to a picture of a cannon.

By and large, email is still a medium that values content over style, at least when you hear from a human and not a company. But, from time to time, we still get that message with pink text on a paisley tiled image background. So, here are Pobox's tips for maximum email enjoyment for all.

Sending images in your messages is great. Grandparents the world over love receiving pictures of their grandbabies. Images are less great the more people you send them to, though. (If you want to spread pictures far and wide, put them on Flickr.) Background pictures, by virtue of going out on every email you send, are thus the worst offenders of the email world. Save background images for your web pages.

When considering your email text, think of it this way. Every email you send is asking someone for something, even if it is only, "Please read this message." When you ask someone for a favor, you want to make it easy for them to do it. So, choose a clear, easy-to-read font, preferably at least 12 pixels large (10 is ok for print, but too small for the screen.) Black text is the easiest to read in a variety of formats. If you need to add color, it should be an accent, like in your signature, not for the whole message text.

What are your email formatting pet peeves?

Keeping Tabs on Released Messages

2009-09-21T13:24:00.000-04:00

Since we began holding messages we caught as spam (many, many years ago now!), a frequent question has been, "Where is the message I released?" To help answer this question, we have added Delivery Status to the Released Messages page. We hope this will help give a little insight about what's happening behind the scenes!

To view Delivery Status, just click "Edit Columns on the Released Messages page, and check "Delivery Status". There are 3 possible states we display: Bounced, Queued or Sent.

If a message is marked Bounced, we tried to deliver it to the address you selected, and it was rejected by your ISP. This could be due to an overfull mailbox, or a problem with your account. If your release bounced, other messages may also be bouncing, so we recommend adding another forwarding address where we can send your messages, and then re-releasing the message. If your other mail is not bouncing, it's possible that the message you're releasing is actually a phishing attempt or virus, and your ISP is rejecting that message, to protect you from a dangerous email.

If a message is marked Queued, it means that Pobox has it flagged for release, but the release hasn't been processed yet. In order to keep the Spam system running smoothly, releases are processed in a batch. But if you have a message that's been marked Queued for more than 20 minutes, please email Customer Support and let us know, and we'll do what we can to get it released, pronto!

A message marked Sent means that your message is being sent. This is what you should nearly always see. However, this is actually the most common "missing" group!

In most cases, the message characteristics that caused us to think the message was spam also caused your ISP to think the message is spam. Usually, these messages can be found in your ISP's Junk Mail or Spam folder. If they aren't, we recommend emailing your ISP and asking them to locate the missing message. If you also add the "Released Time" column to your Released Messages page, you can see what time we sent you the message.

Another reason why a message marked Sent might go missing is if you have multiple forwarding addresses on your account, and you released the message to one other than the one you're checking. In that case, the simplest thing to do is just release the message again.

Released mail is usually delivered immediately, because there's such a small number of messages sent out from those servers. However, from time to time, mail has been backed up by someone releasing a large amount of spam. In those cases, we have seen messages to other users at that ISP get deferred (or temporarily rejected, with a request to retry delivery later.) This is the major reason that we monitor releases; releasing spam can cause other people's legitimate mail to be delayed.

We hope that you'll find this additional little piece of information about Released Messages useful!

Zombies walk the Internet: Today's Pobox mail delay

2009-09-04T16:53:00.003-04:00

This morning, Pobox mail saw processing and forwarding delays. Most messages were delayed no more than 10 or 20 minutes, but we did get reports of a few messages taking an hour or more to be delivered to their final destination. In general, we try to keep delays for your mail to under 5 minutes; most messages are handled within seconds.

Today's delay was caused by a huge surge in traffic, that we've actually been dealing with for over a week, from a botnet. Botnets are massive numbers of computers (also known as zombies), typically people's virus-infected home computers, controlled by remote software for nefarious purposes. Some estimates say as many as one in 4 personal computers connected to the Internet are running botnet software.

This software can be used for different purposes. In our case, the botnet is being used to send spam. They are also commonly used for denial-of-service attacks, where huge amounts of traffic are targeted at servers or a company, with the goal of effectively blocking all legitimate traffic; or behind phishing attacks, where credit card or bank information is collected.

We are making a number of network and security changes to deal with this ongoing attack. There will be a series of brief outages this evening for the website, webmail, outbound SMTP and POP3/IMAP services, as we make upgrades and networking changes to prevent further delays.

Running a PC at home? Make sure that you have up-to-date anti-virus software, and run it regularly. Using a home firewall is also a good preventative step from keeping your computer from being used as part of a botnet. If you're running a Mac, you're probably safe. Thus far, there seems to have only been one Mac botnet, and it came from people downloading "shared" copies of iWork '09 and Photoshop CS4.

What your email sign-off says about you

2009-08-11T18:13:00.006-04:00

An email sign-off can be seen as warm, affectionate (or overly affectionate!), cold, a brush-off, or just plain odd.

In July, the Edelman public relations firm's in-house research team conducted an online survey where people could write their own responses to the following questions:

Thinking about business e-mails that you write, which one closing do you typically use before signing your name?

Sincerely: 25 percent
Thank you/Thank you for your time: 20 percent
No sign-off: 17 percent
Thanks/Thanks again/Many thanks: 7 percent
Regards (or some variant): 5 percent
Name/E-mail/Job Title: 3 percent

Thinking about personal e-mails that you write, which one closing do you typically use before signing your name?

Love you/Love & hugs/Hugs: 25 percent
No sign-off: 18 percent
Thanks/Thanks again/Many thanks: 8 percent
Name/E-mail/Job title: 7 percent
Sincerely: 5 percent
Thank you/Thank you for your time: 4 percent

The Washington Post article (reprinted in the Monterey Herald) interviewed many celebrities about their sign-offs. But, even better, the author did an online chat where she addressed reader questions about sign-offs!

Since 1995, Pobox Customer Service has used "Cheers" as its salutation, and many of us have ended up using it on our personal mail, too. Founder (and Commonwealth citizen) Meng Weng Wong was also the company's very first customer service agent, and that little briticism has stuck with us since those days. Here's what she had to say to the readers who inquired about "Cheers":

Portland, Oregon: I think that it was my time living in London, but for me I generally sign off with "Cheers." It tends to bring a chuckle/smile and is appropriate to a colleage and to a friend. Minimizes the likelihood of screwing up. :-)

Cheers! Portland, Oregon

Ruth McCann: Craig Brownstein (PR guy quoted in the article) said "Cheers!" has been rebuffed by some of his clients as being "Too PR-y," so keep that in mind. But otherwise, by virtue of its--well--cheeriness, it's a sterling choice! (Unless you're afraid of being read as an over-eager anglophile. But I mean really, why must we read into everything? Jane Austen, and indeed Lizzy Bennett, would do well here...)

_______________________

Signing off: I like "Thanks," but I sometimes use "Cheers," if there's nothing in the e-mail that needs thanking. Am I pretentious?

Ruth McCann: When I have a correspondent who's a "Cheers" user, I always wait on my little tenterhooks to see if that person actually says "Cheers" in person. And sometimes... they do! So I know it's genuine. But man, "Cheers" is an awkward word to say in person. I mean, it just sounds odd. Try it. Someone hands you a sandwich, and you say "Cheers!" Just like... Ron Weasley!

If it's at all comforting, none of my myriad sources said they found "Cheers!" pretentious. So sleep easy.

How do you sign your emails? What does your sign-off say to your correspondents? Does Pobox Customer Service remind you of Ron Weasley when you correspond with them?

Pobox: In love with logos since 1995!

2009-07-08T17:57:00.036-04:00

After the last few posts talking about the modern times of email, I got a little nostalgic for the old days, and I took a walk down Pobox's own memory lane of logos. I also roped Louis Clotman, our graphic designer, into commenting on each logo with a professional's eye.

The original Pobox logo! I remember the thrill I got when I saw this appear in Wired magazine's May 1995 issue. The logo that was born with the service would stay in use until 1998, and was created by Pobox founder Meng Weng Wong.

Louis said: Nice job, Meng. Simple and to the point.

From 1998 to 2004, we asked, "why chase your email, when it can chase you?" From the time when frames were the cutting edge of web design, to the time when the use of frames marked your website as badly in need of an update, this was the Pobox logo (and the jumping-off point for our sister service, Listbox.com, logo redesign, too.)

Louis said: Many email services combine the mailbox metaphor with a computer screen in their logo. I actually like this one. We had dropped the www from our logotype at this point, and the use of yellow added some much-needed color.

As we approached our 10 year anniversary, we changed our tagline to better show our devotion to all things email, and also to highlight our longevity. What's the point of a lifetime email address if the service you're using is only 9 months old? This era did have a "logo" of sorts, but the heart became emblematic of all things Pobox.

Louis said: Trajan was our logo typeface, which contrasted nicely with the sans serif on the rest of our homepage. If I had to select a logo from the past to refresh and reintroduce, it would probably be this one. It's simple and classy.

And finally, the modern logo, which took that heart, and stamped it onto the icy world of email. It has stood through 2 different eras: the age of bicycles, and the age of philately.

Louis said: This was the first logo I got to design, and it took weeks of trial and error to get it right. We distilled the heart down to a frosty block and simultaneously arrived at "Pobox Blue" as our signature color, which you'll recognize from the webmail user interface and the color of some of our links. Avenir has become our house typeface, and it combines with the logo to create a nice, clean effect.

This logo is also great for situational tweaks. So, for your amusement, some variants of the Pobox logo: the technical staff in-house logo (designed by friend of Pobox Dan Hinder), the "zombie" logo and the greenscreen logo (for various email-related talks given by Pobox staffers.)

As one of the first pre-launch testers, my pobox.com email address is turning 15 this fall, and I remember the endless discussions that preceded each one of these logo changes. But one thing hasn't changed over all those years -- our true-blue love for all things email!

Modern Times: Reload Relief with RSS

2009-06-19T17:28:00.003-04:00

Back in the day, if you liked a site, and you wanted to make sure you saw all their articles, you would add it to your Bookmarks, or maybe even make it your Home page in your browser, and check back regularly. Today, you would just add it to your RSS reader instead. (In fact, most web browsers will even double as RSS readers for you.)

RSS (Really Simple Syndication) is part of almost every major website. You'll see it denoted with the icon The idea is like a magazine subscription. Instead of going to the newstand (website) to get your content, the content is sent to your mailbox (RSS reader) whenever it is updated.

This is this handy for the obvious places, like news websites like CNN or the New York Times. It's fantastic for things like friends' blogs, which don't necessarily get updated all the time. And, once you start using it, you'll notice that it's integrated into lots of sites. Flickr lets you add your friends' photo streams, so you'll get new entries every time they post pictures. Farecast (aka Bing Travel, apparently) lets you use it to track airline fares. Google will update your feed every time it scans a page with your name on it (or any other piece of text you're tracking.) Can't remember when your favorite webcomic updates? You can get a feed. And, of course, Pobox will give you a feed of all your spam (or just the results of one of your views, if you prefer.)

It's easy to get started, too! There are desktop programs like Feed Demon and NetNewsWire. I prefer web-based programs like Google Reader or Bloglines, because then they're up-to-date on any computer (or iPhone) I use. Most programs will let you paste in the URL of a site you like, and then they'll scan the site for feeds. Other sites will just present buttons that automatically add their feeds to common feed readers.

It seems at first, that you're just replacing one website with another. But as you add more and more feeds into your reader, and you stop losing track of blogs, pictures, news and sites that you enjoy, you'll wonder how you ever lived without RSS. With RSS, rather than chasing content across the Internet, let it come to you.