When Users Really DO NOT Want Your Email….

As I was looking through today’s crop of ESP-sent, mostly mainsleaze spam, I kept stumbling across spam sent to some of my most amusing spamtraps. These spamtraps are not typotraps so much as obvious forgeries, the sort of thing that users type when they are asked for an email address, do not want to refuse, and yet do not want to receive email from you either. Any company might have one of these on their list, but I found several companies and a number of ESPs sending to several of these obvious forgeries. Today. In the past 24 hours.

Among the companies that sent spam to at least two of these obviously forged spamtraps in the past 24 hours were:

ESPs that sent spam to at least two of these spamtraps in the past 24 hours included a roster of most of the largest, most reputable companies in this line of business:

Several of these ESPs have strong proactive antispam policies that include scanning customer lists for obvious bad email addresses. Spam to obviously forged email addresses still managed to get through.

As funny as this whole situation is, it has a serious side. Some of those obviously forged email addresses belong to me, so other than a public lampooning, very little harm was done. How many other, similar email addresses are also spamtraps, though, and belong to Spamhaus, another blacklist, ReturnPath, Symantec, or another company that makes spam filtering appliances or offers spam filtering services? Worse, how many non-obviously forged email addresses are also spamtraps? Worst of all, how many non-obviously forged email addresses are real email addresses that belong to somebody other than the person who provided them to you, somebody who did not ask for your email?

Companies that persistently request or require email addresses to access content that users want, or in cases when users are unwilling to say “no”, and then send email without first confirming those subscriptions, spam innocent third parties. Because these companies also spam spamtraps, they are also taking serious risks with their reputation and deliverability.

I won’t overload WordPress with a sample of each listed company’s spam, but below is a sample of the email that three of my spamtraps received from the U.S. Small Business Administration today.

Sending IP:

Spam Sample:

Actual Headers:

Received: from mailer16.service.govdelivery.com (mailer16.service.govdelivery.com [])
        by <xxx> (Postfix) with ESMTP id <xxx>
        for <xxx>; Thu,  5 Feb 2015 13:##:## +0000 (UTC)
X-VirtualServer: <xxx>, mailer16.service.govdelivery.com, <xxx>
X-VirtualServerGroup: <xxx>
X-MailingID: <xxx>
X-SMHeaderMap: mid="X-MailingID"
X-Destination-ID: <xxx>
X-SMFBL: <xxx>
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative;
x-subscriber2: <xxx>
x-subscriber: <xxx>
X-Accountcode: USSBA
Errors-To: <xxx>@service.govdelivery.com
Reply-To: news@updates.sba.gov
MIME-Version: 1.0
Message-ID: <<xxx>@updates.sba.gov>
X-ReportingKey: <xxx>
Subject: =?US-ASCII?Q?Funding_Options_for_Small_Biz_Energy_Eff?= =?US-ASCII?Q?iciency_Investment_Webinar_TUES_FEB_10th?=
Date: Thu, 05 Feb 2015 07:##:## -0600
To: <xxx>
From: "=?US-ASCII?Q?Small_Business_Administration?=" <news@updates.sba.gov>

Readable Email:

From: Small Business Administration <news@updates.sba.gov>
To: <spamtrap>
Subject: Funding Options for Small Biz Energy Efficiency Investment Webinar
         TUES FEB 10th

SBA Region VIII Office

“Green is Good for Small Business Profits Webinar III”
Funding for Small Business Energy Efficiency & Sustainability Investments

  • Doug Priest, U.S. Bank representative and liaison through Xcel Energy
    alliance; funding the Green Industry since 2000
  • Tom Green, United Power community affairs and key accounts representative

Dial-in instructions below


This email was sent to <xxx> by Small Business Administration (SBA) · 409 3rd St, SW · Washington DC 20416 · 1-800-827-5722
Powered by GovDelivery [ http://www.govdelivery.com/portals/powered-by ]

3 Responses to When Users Really DO NOT Want Your Email….

  1. It was only a few months ago that I pointed out the lack of handling NXDOMAIN on an anti-spam mailing list. Several of the above responded on list or off-list, indicating that their bounce processing logic hadn’t even considered the possibility of domains going AWOL. It’s too bad for them; the spamtraps are no longer AWOL, but happily gobbling up all that is offered to them.

  2. Certainly. I think that the most interesting takeaway for companies and ESPs, though, is that the risks that they probably thought were theoretical — aren’t. Almost 100 spams were sent to this little group of my spamtraps today. That tells me (and should tell them) several things:

    1. Users forge subscriptions quite frequently.
    2. Users forge subscriptions to avoid saying “no” when you pressure them.
    3. Users who do this put spamtraps AND real email addresses that didn’t ask for your email on your lists.
    4. If you pressure users to give their email addresses to you, then email those email addresses without confirming them, you’re likely to hit spamtraps.
    5. If a few of those spamtraps belong to Spamhaus or Spamcop or SURBL, you’re screwed.

    Marketers need to think about this.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Go back to top