December 2020 in Spamtraps: ESPs

ESP Top Ten chart, December 2020
Figure 1. ESP spam in spamtraps, December 2020

Okay, so here’s the last post of 2020, a day or two late.

It really seems as if the SendGrid flood that there was during the autumn is over. There’s still a lot of mail, and some of it is still stuff that no ESP customer should be sending, but the numbers are more or less back to normal, which is nice.

0All others33.9%259 ESPs identified
1Salesforce Marketing Cloud15.6%Marcus & Millichap (3.5%)
2SendGrid13.8%Uber (7.0%)
3Mailchimp8.7%Spamtrap bias showingAkcióbazár (<1%)
4Amazon SES6.3%Netflix (4.9%)
5Oracle Marketing (3.7%)
6Adobe Campaign3.9%Pandora (49%) (10%)
8Epsilon>2.9%DICK’S Sporting Goods (40%)
9CheetahMail<2.9%Talbots (7.7%) (3.3%)
Table 1. Top 10 ESPs in our spamtraps, December 2020,
with their shares of the total and most prominent customers

We’ve done something strange, or spammers have done something strange, I don’t know. The proportion of ESP spam to all spam we’ve seen keeps growing. The numbers remain more or less the same, while the total goes down, so I guess either the botnets are spewing less, or we’re ignoring them better. The percentage of ESP spam to all was a whopping 8.1% this month.

Then there’s the relative badness.

ESP badness, December 2020
Figure 2. Relative badness of ESPs in our spamtraps, December 2020

As always, the “relative badness” figure is obtained by dividing the total number of messages sent to us by an ESP by the apparent number of its customers participating in it.

The biggest customers in the badness chart are DICK’S Sporting Goods for Epsilon (almost 40% of Epsilon’s total catch in our traps); the Republican party (over 70% of what Pulsepoint sent); Costco (over a third of what we got from WhatCounts) and Pandora, which amounted to almost half of the Adobe contribution.

That’s all, folks! Happy New Year, may it be less interesting in the Chinese sense than the one we just left behind.

Sliding window – August to October 2020 in Spamtraps: ESPs

This follows the earlier July to September post – the trends continue to be more important than the spot figures. The percentage of ESP spam of all mail was 9.7% in October.

Figure 1. Percentages of various ESPs of the total catch identified
as having been sent by any ESP, August to October 2020
Read more…

July to September 2020 in Spamtraps: ESPs

Turns out there was a point to being lazy with the monthly reports over the summer. This chart needed to be drawn over a longer period of time to highlight the obvious.

A logarithmic chart of the  contributions of various ESPs in the Koli-Lõks OÜ spamtraps over the period of July to September 2020.
Summer 2020 in Spamtraps: ESPs
Read more…

June 2020 in Spamtraps: ESPs

Figure 1. Top 10 ESPs in our spamtraps, June 2020
Read more…

May 2020 in Spamtraps: ESPs

Figure 1. Top 10 ESPs in our spamtraps, May 2020
Read more…

Join Netflix today

Recently, a friend encouraged me to look into the marketing of Netflix, the video-on-demand platform.

They’re sending from Amazon SES, one of the ESPs we are tracking, so I might have materials to look at.

My notes on ESP spam go back years, so I can easily pull up the data and draw a graph of the percentage of mail related to in the observed output of Amazon SES in our traps.

I’d say somebody has got a little over excited with the remarketing. My favourites are the “Join today!” emails sent to addresses that never existed, where the explanation for why the recipient got it is that they had previously created an account. Why do they need to join in a second time and how were they able to join to begin with, with an email address that has never existed?

2019-11 to 2020-04 in Spamtraps: ESPs

ESP stats in our spamtraps over the past half year
Read more…


Unfortunately we’re not going to be able to attend the #emailexpert Inbox Expo in London in the upcoming March ourselves, but that won’t stop us from giving the summit and its chief protagonist Andrew Bonar some free advertising here on Mainsleaze. We’ve collaborated with him at least since his times at Emailvision and have watched the progress from email service provider abuse desk to deliverability expert to all-around email industry icon with great pleasure and we’re delighted to be able to help spread the word about this event.

  • Wed Mar 18 to Thu Mar 19, 2020
  • London, United Kingdom
  • Science Gallery, London Bridge
  • Tickets £890 (fees included)

I’ll happily wear a tee but I would do this for you, Andrew, even without one 😉 Cheers, Atro

Urmo Mark at it still/again

Urmo just can’t shake his old habits. Here he is again, today or yesterday, spamming with some new domains created in October 2019, predictably proposing spam-for-hire services to Estonian companies. The sending domain is already on Spamhaus DBL and I don’t predict a great lifespan for the OVH IP out of which this was sent.

Read more…

UpCloud – competition is fierce and business prospects dire

Earlier today, the Finnish cloud hosting company UpCloud Ltd (www, biz reg, responsible people) decided they’d start looking for new customers by spamming.

Read more…

Go back to top