Another three-month look at Spamtraps: ESPs – July, August, September 2018
July to September 2018 in Spamtraps: ESPs
We had an unexpected participant in Hobsons, who traditionally send effectively nothing to us, only just about enough for us to have recognized that they even exist. It appears their network space is shared between the ESP and some other branch of their operations. The servers of the non-ESP operations were misconfigured on April 10 shortly before 8 pm UTC and started spewing out backscatter (bounces of spam to the forged sender addresses). This went on until 9/11 @ 11 am UTC, peaking in July.
With Yesmail, the money mule spammers (subjects: “New offer”, “New vacancies in our company”, “Interesting work”, “Staff Wanted”, “Good day!”, “Hello!”, “Interesting offer”, “Welcome to our company”) started appearing in April, peaked in July, and were effectively out by September. The numbers of this type of spam on any other ESP platform are never measured in more than the single digits.
Worst senders:
- SendGrid: Advisor Perspectives, by a margin of more than 2x to the next contestant, month after month (with a slight nod in the general direction of Airbnb in July)
- SMC/ExactTarget: Kohls (only barely), with Marcus Millichap popping up in September
- MailChimp: Advisor Perspectives (WTH?)
- Oracle: Nordstrom (only barely)
- Mailgun: The Italian affiliate spammers (see previous blogs)
- Yesmail: After the money mule trash, mktgdillards.com
- Amazon SES: jobalert123.com
- CheetahMail: shopbonton.com, loft.com, emailtuesdaymorning.com (all almost below the noise floor)
- Constant Contact: 123dj.com (only barely)
- IBM: tjx.com, renewlife.com
- Mapp: conservativeintel.com
- Epsilon: DICK’S Sporting Goods, Inc.
