I see that Atro Tossavainen graphed the spam that we saw in January. Atro and I manage a substantial spamtrap collection together, so I have seen what he posted about. Nothing there surprised me except the hugely disproportionate amount of spam Topica sends to our spamtraps. I’ve blogged twice about Topica, and in the last blog recommended blocking their /22 because of the amounts of spam and probability that little or no non-spam email is sent from them any more. However, I did not realize that we were seeing twice as much spam from Topica as from ExactTarget, which sends several orders of magnitude more email than they do.
Today clothing retailer Coldwater Creek emailed about a dozen spamtraps with a sales announcement. About a third of those spamtraps were probable typos. Several others were repurposed spamtraps, some of them not live for well over a decade. One was a pristine spamtrap at a domain that has never had a legitimate email address. The ESP was the Salesforce Marketing Cloud (SMC), previously known of as ExactTarget.
Hotels.com, a large travel booking web service, has been emailing a few dozen of my spamtraps regularly. I took a closer look this morning at just which spamtraps they are emailing, and found that every single one of them was an obvious typo. The ESP is ExactTarget, a division of marketing giant Salesforce.com.
Today vacation advertiser Vacation Myrtle Beach sent spam advertising one of their properties (“Beach Cove Resort”) to a number of spamtraps. If these spamtraps were ever live, they were closed over ten years ago. One is almost certainly a pristine spamtrap, and not one that was likely created through a typo. (The spamtrap domain belonged to an ISP.) In other words, this sender is sending to a list that might be old and very poorly maintained, but contains indications of having been purchased or email appended. The ESP is ExactTarget, a subsidiary of Salesforce.com.
An organization that I did not see or hear from during the recent U.S. Presidential election campaign, The Tea Party, began sending email a couple of days after the election to a brand new shiny spamtrap at a domain that I have owned for some time. This spamtrap has not previously received email from anybody: I enabled it last week after I reviewed my mail logs and noticed that somebody was trying to send email to it. The IP that sent this email belongs to ESP Sendgrid. The domain that sent this email,
pd25.com, belongs to what I thought was a rival ESP, ExactTarget. The authorized use policies (AUP) of both ESPs decidedly require that bulk email sent through them be sent only to email addresses that opted in.