Inbox Intel: Never standing still

Email Ecosystem Briefing: June 2025

This briefing summarizes key developments and insights from recent articles concerning the email ecosystem, focusing on innovative protocols, major data breaches, and industry partnerships.

Key Themes:

• Innovation in Email Protocols: While traditional email protocols like SMTP and IMAP are deeply entrenched, there's ongoing exploration and experimentation with new approaches, albeit with a playful and often satirical tone.
• Pervasive and Evolving Security Threats: Large-scale data breaches and the proliferation of infostealer malware highlight the persistent and significant security risks associated with email credentials and personal data. Email remains a critical target for cybercriminals.
• Industry Collaboration and Community Building: Organizations are actively seeking to strengthen the email community through partnerships and memberships, emphasizing shared knowledge and resources for addressing challenges like deliverability and security.
• Importance of User and Provider Vigilance: Both end-users and email service providers play crucial roles in mitigating the impact of breaches and adopting enhanced security measures like MFA and passwordless authentication.

Most Important Ideas and Facts:

• SHARP Protocol (Self-Hosted Address Routing Protocol):
• Nature: An experimental, humorous, and satirical project by developer “Outpoot” (FaceDev) that aims to explore new possibilities for email. It is not intended to replace existing protocols like SMTP and IMAP in a traditional sense.
• Core Features (Whimsical yet Functional):JSON-based Communication: Utilizes JSON over TCP, simplifying message formatting compared to complex MIME headers.
• Built-in Anti-Spam with Hashcash: Requires senders to perform computational work (CPU cycles) to deter spam, literally making spammers "pay" for sending.
• IQ-based Vocabulary Limiter: A humorous feature that restricts vocabulary based on an IQ test, critiquing email jargon.
• Global Chat Integration: Blends real-time chat directly into the inbox.
• Practical Innovations: Includes message expiration timers and "bomb" emails that self-destruct after reading.
• Significance: While not a threat to established protocols, SHARP is a "catalyst for fresh thinking about communication protocols we’ve long taken for granted." It can be test-driven at twoblade.com and is open-source on GitHub.
• Free Mobile Data Breach and HIBP Integration:
• Incident: French ISP and major email provider Free Mobile experienced a "catastrophic data breach" in October 2024.
• Impacted Users: Affected nearly 14 million users initially, with the data put up for sale on BreachForums.
• Exposed Data: Included personal information, email addresses, names, physical addresses, phone numbers, genders, dates of birth, and for many, IBAN bank account numbers. While IBANs were deemed "not enough to make a direct debit from a bank," the exposure is serious.
• Email Security Risk: Poses "heightened security risks for millions of @free.fr email users" due to potential for "sophisticated phishing campaigns targeting French users."
• HIBP Inclusion: The breach data was added to Have I Been Pwned (HIBP) on May 27, 2025, over seven months after the initial disclosure. This highlights the time required for breach data verification and processing. HIBP now shows 13.9 million affected accounts from this breach.
• Recommendations: HIBP advises affected users to change Free Mobile passwords (if not updated since 2024), enable two-factor authentication, change passwords on other accounts with the same credentials, and monitor for suspicious activity.
• Massive Credential Leak (180 Million Accounts):
• Discovery: Independent security researcher Jeremiah Fowler discovered an unsecured online database containing approximately 180 million login credentials.
• Data Origin: Believed to be the result of "infostealer malware" harvesting data from infected devices.
• Scope: Included plaintext usernames and passwords for a vast range of services, including Google (Gmail), Facebook, Instagram, Roblox, Discord, Microsoft, Netflix, PayPal, Amazon, Apple, Snapchat, Spotify, Twitter, Yahoo, banking, healthcare, and government portals (.gov domains from at least 29 countries).
• Risk: Poses "significant risks to both individual users and the wider email ecosystem" and is described as a "cybercriminal’s dream working list."
• Company Systems Untouched (Currently): Affected companies have not reported breaches of their internal systems; the credentials were likely obtained from end-user devices or other third-party breaches.
• Response and Recommendations: The database was shut down by World Host Group after notification, but copies may still circulate. Recommendations include enabling MFA, using strong unique passwords (via password managers), changing compromised passwords, and monitoring accounts. Providers should cross-reference leaked emails, enhance suspicious login detection, and advance passwordless authentication options.
• Industry Trend: This leak underscores the move towards "passwordless authentication options like passkeys" by major companies to reduce reliance on passwords.
• GreenArrow Email Joins emailexpert as Charter Enterprise Member:
• Partnership: GreenArrow Email, specializing in high-performance email delivery solutions, has joined emailexpert as its first 2025 Charter Enterprise Member.
• emailexpert Role: Described as a "leading global community for email professionals."
• GreenArrow's Expertise: Brings over two decades of experience in "exceptional deliverability, throughput, and scalability."
• Significance: This membership "enhances the diversity of expertise and reinforces the collaborative spirit that defines the community," highlighting the importance of industry collaboration in the email space.
• Mautic 6.0 Orion Edition Release:
• Product Update: Mautic, an open-source marketing automation platform, released its 6.0 Orion Edition.
• Focus: Aims to provide a "fully sovereign marketing solution that respects user privacy and eliminates vendor lock-in."
• Key Improvements: Features a "completely overhauled interface" for intuitive guidance and enhanced reporting capabilities to achieve "feature parity with proprietary tools."
• Community Contribution: Ruth Cheesley, emailexpert member and Mautic Project Lead, emphasizes the community's focus on accessibility and strengthening the technical foundation.

Overall Picture:

The email landscape is a dynamic environment marked by simultaneous efforts to innovate and address significant security challenges. While experimental protocols like SHARP showcase a desire for new approaches, the fundamental security of email remains paramount, as evidenced by large-scale credential leaks and data breaches. The industry is also actively fostering collaboration and community among professionals and companies to share knowledge and best practices for navigating these complexities. The push towards passwordless authentication and enhanced security measures is a critical response to the evolving threat landscape.