SmartZip Analytics: Helping a Spamtrap Sell Real Estate

Business intelligence and analysis company SmartZip Analytics wants to help a spamtrap sell real estate. Or maybe they just purchased a list that had one of my spamtraps on it? In any event, SmartZip sent the following bulk email to one of my spamtraps today via ESP Marketo.

Sending IP:

Spam Sample:

Actual Headers:

Received: from em-<xxx> (em-<xxx> [])
        by <xxx> (Postfix) with ESMTP id <xxx>
        for <xxx>; Fri, 14 Oct 2011 11:xx:xx -0500 (CDT)
Received: from ([172.23.11.<xxx>])
        by em-<xxx> (StrongMail Enterprise; 
        Fri, 14 Oct 2011 11:xx:xx -0500
X-VirtualServer: <xxx>
X-VirtualServerGroup: <xxx>
X-MailingID: <xxx>
X-SMHeaderMap: mid="X-MailingID"
X-Destination-ID: <xxx>
X-SMFBL: <xxx>
DomainKey-Signature: <xxx>
DKIM-Signature: <xxx>
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative;
X-Report-Abuse: Please report abuse here:
MIME-Version: 1.0
Message-ID: <<xxx>>
Subject: 2011 Inman Technology of the Year Finalist
Date: Fri, 14 Oct 2011 11:xx:xx -0500
To: <xxx>
From: "SmartTargeting Solutions" <>

Readable Email:

From: SmartTargeting Solutions <>
To: <spamtrap>
Subject: 2011 Inman Technology of the Year Finalist

To view this email as a web page, go to the following address:<xxx>


We know who is most likely to list their home in the next 6-12 months, in YOUR farm.ย  Would you like to know too?

Watch our 2 minute video to see how we figured it out:


SmartTargeting, powered by SmartZip Analytics Inc. ย 925-271-6272
“2011 Inman Technology of the Year Finalist”
SmartZip Analytics, Inc. 6230 Stoneridge Mall Road Suite 120, Pleasanton, CA 94588

If you no longer wish to receive these emails, go to the following link to unsubscribe:<xxx>

8 Responses to SmartZip Analytics: Helping a Spamtrap Sell Real Estate

  1. Hello,

    I am a part of the Marketo privacy team. Have you sent this to We take customer spam trap hits seriously, and I would be happy to open an abuse investigation on this matter if you haven’t already contacted our abuse desk.


    Autumn Tyr-Salvia

    • Please feel free to open an investigation. If I’d gotten this spam at a personal email address, I would have sent in a complaint to Marketo. I know who Marketo is; you’re a legitimate ESP. However, this hit a spamtrap, so I can’t just give you the email unredacted. The headers and a visible synopsis of the email were posted, though. I think that should be enough to let you launch an investigation.

      I can also confirm that this was the only spamtrap hit I got for this customer, and I have a large spamtrap collection. If any of the other bloggers saw this, they didn’t tell me about it. Since this was clearly meant for real estate agents, I suspect that your user might have purchased a list, or might simply not have done proper bounce processing for a few years a while back.

      If you need information that I removed that won’t risk exposing the spamtrap or recipient MX, let me know what it is and I can provide it. (I’d want to email it to you — would that be okay?)

      I’d just ask that you respond here with the resolution afterward. One thing that I really hope to see with this blog is the whole cycle of abuse investigation and resolution for these spam reports, not just a pile of reports. A lot of average individuals (not antispammers like me, not ESP abuse desk people like you) don’t know what happens with a real abuse investigation or why they should consider sending in spam complaints to trustworthy companies. You can help show them here. ๐Ÿ™‚

      Thanks for responding!

      • We have an abuse process for dealing with customers who hit spamtraps. We mostly tend to find out about it when someone causes a blacklisting. We have relationships with several blacklists where they provide us redacted headers that allow us to find the customer who caused the issue (we generally need the From:, and appreciate the timestamp and subject lines; every once in a while, we need the xxxxBetacust string from the X-MailingID header because this specifies the exact customer account, which is usually but not always obvious from the From: address).

        We then work with the customer to remove data and change their mailing practices such that they quit emailing any questionable addresses (hopefully including the spamtrap – repeated trap hits cause more drastic actions on our part), and don’t continue the data collection practices that brought the spamtrap into their database in the first place. Depending on the situation, we may request that the data be deleted or marked unsubscribed, or we may allow/request the customer do a permission pass on some or all of their database.

        I appreciate the chance here to find customers who mail spamtraps without dealing with a blacklisting. Inevitably, if someone has hit one of your spamtraps, they’ll probably hit spamtraps belonging to someone else. I’d much rather handle the issue at this stage than deal with a Spamhaus listing later.

        I sent the headers and relevant content from this page (and a link to it) to the rest of the privacy team, and we plan to treat this the way we treat other spamtrap reports (as described above). I’ll keep in touch as this issue progresses.

        I plan to continue to monitor this blog to see if we have other customers who show up here. If you are so inclined, we would really appreciate a heads up if/when you post about one of our customers again. Just send us a link to the blog post to (this is an alias that reaches everyone here who works on this stuff). We’re happy to continue to work with you on these issues through blog comments as you requested, but having a notice would be very helpful so we don’t let something slide if someone’s out of town and doesn’t check for a while.


        Autumn Tyr-Salvia

  2. Excellent. I could send a heads-up email to your notification address for any future spam reports for Marketo clients, but I *think* you can just subscribe to the RSS feed and configure your RSS reader to extract anything that is tagged “Marketo”. Some of the WordPress technology is new to me — maybe another reader could speak up if they know how this works.

    I’ll watch for your report of the resolution. ๐Ÿ™‚

  3. We have contacted them with our data cleanup recommendations. I’ll let you know when they tell us it’s cleaned up, or if they plan to do a permission pass.

  4. Unfortunately they hit the same spamtrap today, so if they’ve done any list cleaning, it hasn’t got rid of my spamtrap yet.

  5. We have received word that they completed their cleanup yesterday. Please let me know if you receive further hits.

  6. Will do. Hopefully I won’t need to be contacting you. ๐Ÿ™‚

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Go back to top