Jan
21

Cosmetic products for the spamtrap: Estee Lauder

I have no way to identify why any addresses would be on Estee Lauder’s list, but at the very least, it is clear that they are paying zero attention to bounces.  Addresses that have spent a decade dead just shouldn’t be on anybody’s mailing list any more.

The ESP is CheetahMail, who, according to a rDNS lookup of the surrounding /24, handle bulk email for entities such as VistaPrint.  The words “lossless compression” did briefly cross my mind.

Spamming IP:

136.43.7.8.in-addr.arpa. 86400  IN      PTR     mta933.e.esteelauder.com.
137.43.7.8.in-addr.arpa. 86400  IN      PTR     mta934.e.esteelauder.com.
138.43.7.8.in-addr.arpa. 86400  IN      PTR     mta935.e.esteelauder.com.
139.43.7.8.in-addr.arpa. 86400  IN      PTR     mta936.e.esteelauder.com.

Spam headers, redacted:

From bo-x@b.e.clinique.com Sun Jan 20 16:mm:ss 2013
Return-Path: <bo-x@b.e.clinique.com>
Received: from mta93X.e.esteelauder.com (mta93X.e.esteelauder.com [8.7.43.13X])
        by x (Postfix) with ESMTP id x
        for <x>; Sun, 20 Jan 2013 16:mm:ss +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=e.clinique.com;
        s=x; t=x; x=x;
        bh=x; h=From:Reply-To;
        b=x
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=200505; d=e.clinique.com;
  b=x;
 h=Date:Message-ID:List-Unsubscribe:From:To:Subject:MIME-Version:Reply-To:Content-type;
Date: Sun, 20 Jan 2013 14:mm:ss -0000
Message-ID: <x.x.x@mta93X.e.clinique.com>
List-Unsubscribe: <mailto:rm-0x@e.clinique.com>
From: "Clinique Online" <clinique@e.clinique.com>
To: x
Subject: In-store event: FREE de-aging serum
MIME-Version: 1.0
Reply-To: "Clinique Online" <support-x@e.clinique.com>
Content-type: multipart/alternative; boundary="=x"
Content-Length: 10197
Lines: 246

Human-readable spam contents:

Trouble viewing this email? Click here >

http://e.clinique.com/a/x/view?t=x&password=x$-x&RAF_TRACK=&email=x&FNAME=Customer

Make sure you receive our emails!
Add clinique@e.clinique.com to your address book.
****************************************************

A second chance for every skin.

Smooth and refined in 4 weeks – that’s what Repairwear Laser Focus serum
can do for your skin. Now, get a 4-week supply FREE.

It’s simple:
1. Visit a Clinique counter near you by January 29 to pick up your free
2-week supply.
2. Bring your empty bottle back to our Clinique counter and we’ll give
you another free 2-week supply.

FIND A STORE>

http://e.clinique.com/a/x/store

*One offer to a client, please. While supplies last.

****************************************************

You are receiving this email because you signed up with
Clinique Online | Update | Unsubscribe

http://e.clinique.com/a/x/home

http://e.clinique.com/a/x/unsub?t=x&email=x&FNAME=Customer

Clinique Online, 767 5th Avenue, New York, NY 10153

One Response to Cosmetic products for the spamtrap: Estee Lauder

  1. Tom Mortimer
    January 26, 2013 at 12:37 am

    I wish I could just drop the outbounds for many ESPs into my router deny tables. Unfortunately some of what Cheetahmail and other big ESPs send is transactional email. Customers notice when they don’t receive receipts and the like, although few of them seriously care about the occasional blocked marketing email.

    Human shields. They’re not just for Soddam Insane. :/

Leave a Reply

Go back to top