July to September 2020 in Spamtraps: ESPs

Turns out there was a point to being lazy with the monthly reports over the summer. This chart needed to be drawn over a longer period of time to highlight the obvious.

A logarithmic chart of the  contributions of various ESPs in the Koli-Lõks OÜ spamtraps over the period of July to September 2020.
Summer 2020 in Spamtraps: ESPs
Read more…

June 2020 in Spamtraps: ESPs

Figure 1. Top 10 ESPs in our spamtraps, June 2020
Read more…

May 2020 in Spamtraps: ESPs

Figure 1. Top 10 ESPs in our spamtraps, May 2020
Read more…

Join Netflix today

Recently, a friend encouraged me to look into the marketing of Netflix, the video-on-demand platform.

They’re sending from Amazon SES, one of the ESPs we are tracking, so I might have materials to look at.

My notes on ESP spam go back years, so I can easily pull up the data and draw a graph of the percentage of mail related to netflix.com in the observed output of Amazon SES in our traps.

I’d say somebody has got a little over excited with the remarketing. My favourites are the “Join today!” emails sent to addresses that never existed, where the explanation for why the recipient got it is that they had previously created an account. Why do they need to join in a second time and how were they able to join to begin with, with an email address that has never existed?

2019-11 to 2020-04 in Spamtraps: ESPs

ESP stats in our spamtraps over the past half year
Read more…

(PROMOTIONAL) Inbox Expo

Unfortunately we’re not going to be able to attend the #emailexpert Inbox Expo in London in the upcoming March ourselves, but that won’t stop us from giving the summit and its chief protagonist Andrew Bonar some free advertising here on Mainsleaze. We’ve collaborated with him at least since his times at Emailvision and have watched the progress from email service provider abuse desk to deliverability expert to all-around email industry icon with great pleasure and we’re delighted to be able to help spread the word about this event.

  • Wed Mar 18 to Thu Mar 19, 2020
  • London, United Kingdom
  • Science Gallery, London Bridge
  • Tickets £890 (fees included)

I’ll happily wear a tee but I would do this for you, Andrew, even without one 😉 Cheers, Atro

Urmo Mark at it still/again

Urmo just can’t shake his old habits. Here he is again, today or yesterday, spamming with some new domains created in October 2019, predictably proposing spam-for-hire services to Estonian companies. The sending domain is already on Spamhaus DBL and I don’t predict a great lifespan for the OVH IP out of which this was sent.

Read more…

UpCloud – competition is fierce and business prospects dire

Earlier today, the Finnish cloud hosting company UpCloud Ltd (www, biz reg, responsible people) decided they’d start looking for new customers by spamming.

Read more…

Q4/2018+1 in Spamtraps: ESPs

October 2018 to January 2019

Another case of “didn’t get a round tuit for some time”

ESP spam seen in spamtraps, October 2018 to January 2019

Another couple of months have passed by so quickly and I only just found I had even completed the October report but forgotten to release it…

The percentages of ESP spam in the traps were, respectively, 3.0%, 3.4%, 3.0% and 2.8% during this period.

Ediware disappeared back into the void it had come from after the Oct 24 disaster. All other operations on the list are household names.

Salesforce keep increasing their lead over the competition.

I am pleased to see that SendGrid made Advisor Perspectives disappear after the very beginning of November. Nobody could guess what explains the simultaneous rise in Zeta Interactive’s spam output, from relative obscurity (#28 in October) to #11 in November and the Top Ten in December-January.

Looking forward to seeing you all in San Francisco in a few weeks!


October 2018 in Spamtraps: ESPs

Blast from the recent past

(This is what happens when you forget to click Publish)

ESP spam seen in spamtraps, October 2018

The percentage of ESP spam was 3.0%, down from 3.2% in September. The total amount of mail in this trap collection was up 16% from September.

There’s a new player on the list again. Ediware is a French email service provider that has been around since 2001. This is the first time ever they have made this list in any capacity, and it’s straight to the top 10. During October 24 from 5 pm to 8 pm CEST they had a malware/botnet/whatever infestation spamming “fix your wifi”, “desktop microscope”, “heating gadget” etc. To their credit, they got on top of it quite quickly, in four hours the problem was completely curbed, but while it was going on, the volume was huge. Any other stuff from them amounted to 0.4% of the total – no wonder we don’t usually see them.

Salesforce is so much ahead of SendGrid this month I would have expected to see something unusual from them. But no, it’s the same old players, none of whom are sending anything out of the ordinary.

SendGrid really need to get rid of Advisor Perspectives. Like, really. And so do MailChimp, for that matter.

Bubbling under this month: Mapp Digital (2.1%), Adobe Campaign (2.0%).

RATINGPARTICIPANTPERCENTAGENOTESMOST PROMINENT CUSTOMER
0All others34.7%
1Salesforce Marketing Cloud14.2%ExactTargetKohls (4.5%)
2SendGrid11.8%Advisor Perspectives (11%)
3MailChimp8.9%Boston Globe (0.8%)
4Oracle Marketing Cloud5.7%Nordstrom (6.9%)
(Nordstrom and Nordstrom Rack are also Salesforce’s #7 most spamming customer with 1.6% of SMC total)
5Amazon SES5.0%Netflix (3.8%)
6CheetahMail4.2%Eddie Bauer (5.8%)
7Mailgun4.0%The Italian affiliate spammers (at least 35%)
8Ediware3.9%Botnet flood on October 24 (>99%)
9IBM Marketing Cloud3.1%renewlife.com (nearly 30%)
10Constant Contact2.5%123dj.com (2.4%)
Go back to top