Take #2: B2B Prospecting Spam from IBM

Almost a month after I reported that a salesperson at IBM was sending B2B spam to a scraped or purchased list, the same individual spammed one of those email addresses again. As with this sender’s previous spam, the email was sent from IBM’s corporate mailservers, and specifically from a Lotus Notes system apparently used by their business development team.

Read more…

Snowshoe-like email verification and lead generation services

Many email verification and lead generation services act a lot like snowshoe spammers. They bounce around from host to host, hoping to avoid detection and suspicion caused by their unusual SMTP traffic.

Read more…

Long-term ESP performance in spamtraps

A collaborator inspired me to draw a few more graphs (you know who you are, and thank you very much for the idea).

I had retained the numbers for the ESP blogs ever since May, so it occurred to me that it might be pertinent to do a time series. The graphs are expressed in percentages against the total amount of ESP spam received, so the growth of total volume (for example, as a result of adding more spamtraps) is already accounted for. Since the data points are naturally mostly at the low end of the scale, a logarithmic scale seemed appropriate.

So, please find enclosed three graphs of ESPs appearing in spamtraps, divided into Transactional, SMB Marketing and Enterprise Marketing. The selection of ESPs and their division to these three categories is according to the ideas of the collaborator. NB. We only started tracing Zeta Interactive in August.
Read more…

Government action on spam

It is with delight that I have just read the ICO’s blog on its international work and how the UCENet (formerly London Action Plan) collaborates with MAAWG.

Looking forward to more of the same in San Francisco, Feb 20-23, 2017!

Why have a policy?

Excellent post from Mickey Chandler over on Spamtacular.com, one of the blogs we refer to in the sidebar: https://www.spamtacular.com/2017/01/04/back-to-basics-why-have-a-policy/

If you want to successfully deliver mail into the inboxes of your recipients, you must abide by the mailbox provider’s policy, and the ESP’s opt-in requirement simply exists in order to assist you in complying with the mailbox provider’s policy. In other words the ESP’s policy exists for one simple reason: To help you succeed.

KeyUp / Sivona / DSN / Spam-Sauvola

Please find enclosed a few recordings of harassing telephone calls made from +358-41-3633495, the registered telephone number in keyup.fi, Dysnomia Oy. The voice does not belong to “Katariina”, obviously, so it’s “Niklaus”, and even though their Finnish is not native (rather Estonian-influenced), it clearly isn’t spoken by Kenyans either (w.r.t. the registered owners of Dysnomia Oy) or Arabs (w.r.t. Mohammed Sahran, the registered owner of dsn.fi, one of their spamming domains).

Read more…

New Server (Take #2)

The Mainsleaze Blog has moved to yet another new server, this one running CentOS 7. Everything appears to be working properly, including the pages and links that were broken on the first server. Please review the site, attempt to post comments, etc. If nothing breaks for the next 48 hours, I will declare victory and shut down the old server for good. 🙂

Thank you, everybody, for your patience!

Back on the Old Server

The Mainsleaze blog moved to a new server over the weekend. A number of odd bugs ensured. A day’s research and efforts to fix the problems exposed some serious underlying bugs in the most recent version of the underlying operating system on the server. We reverted to the old server til we can get the new server properly debugged or upgrade to a less buggy OS.

Sorry for the delays! 🙂

M³AAWG 37, Philadelphia

Looking forward to meeting y’all! Atro

Go back to top