Are you still thinking of purchasing a mailing list?

Last week there was an article published by btobonline promoting the services of a company called Netprospex. Netprospex, as you can probably gather from their company name, is all about the buying and selling of mailing lists. They will sell anyone a list of prospects.
The overall theme of the article is that there is nothing wrong with spam and that if a sender follows a few simple rules spamming will drive business to new heights. Understandably, there are a few people who disagree with the article and the value of the Netprospex lists.
I’ve stayed out of the discussion, mostly because it’s pretty clear to me that article was published solely to promote the Netprospex business, and their point of view is that they make more money when they can convince people to purchase lists from them. Dog bites man isn’t a very compelling news story. Data selling company wants you to buy data from them isn’t either.
They are right, there is nothing illegal about spam. Any sender can purchase a list and then send mail to the addresses on that list and as long as that sender meets the rock bottom standards set out in CAN SPAM. As long as your mail has an opt-out link, a physical postal address and unforged headers that mail is legal. The only other obligation on the sender is to honor any unsubscribe requests within ten days. So, yes, it is legal to send spam.
But legal action isn’t the only consequence of spamming. Today I received the following in an email from a colleague.

I work for an email service provider with many hundreds of clients. I knew when I read that article that this company Netprospex was going to be bad news, and it turns out that I am right.
Today we got a spam complaint from our domain registrar, threatening to take away our domain. We investigated and found that the client responsible had bought a list from Netprospex. At least one person on that list found the mail to be spam and sent a spam complaint that percolated all the way up the food chain to our upstream provider and domain registrar. Now we have to go to the domain registrar with our hat in our hand and beg them not to terminate our primary domain which we have used in hundreds of email campaigns.
Needless to say, we are terminating this client, but the damage is already done and I am dreading that discussion that I have to have about how we allowed somebody to spam through our network.

Unfortunately, the cost related to cleaning up the mess created by Netprospex is not being borne by Netprospex. They make money when their customers buy lists. The customers, and the customers’ ESPs bear all the cost and consequences of the spam that’s being sent.
UPDATE: It seems everyone is getting their 2 cents in on this:
Another Reason Not to Buy Mailing Lists: John Levine
Permission Is the Power Behind Email Marketing: Scott Cohen
Targeted Opt-Out Email: Busting Some Myths: Mark Brownlow
More on Netprospex: Al Iverson

Related Posts

ESPs leaking email addresses

Two of my tagged email addresses started getting identical pharma spam over the weekend. It is annoying me because I am now getting spam in a mailbox that was previously spam free. The spam is overwhelming the real traffic and I am having to make some decisions about what to do with the email addresses and their associated accounts with the companies I gave them to.
One thing I did notice, though, is that both companies use iContact as their ESP. A cursory check of my other mailboxes shows that none of my other tagged addresses are mailed through iContact. I don’t think it’s very likely that these two individual, unrelated companies made deals with the same spammers to sell address lists at the same time. It’s much more likely that there was a compromise somewhere and address lists were stolen.
Edit: Checked my other account and, likewise, I’m getting the same spam to a 3rd address serviced by iContact. I’ve sent mail to all 3 companies involved and we’ll see how they react.
And, as I was thinking about this, iContact just laid off a bunch of staff about the same time they announced their partnership with Goodmail. Based on past history with companies in this situation, it seems possible this is a disgruntled former employee. I’ve also seen reports from other people noticing spam to addresses given to iContact customers.

Read More

TWSD: Run, hide and obfuscate

Spammers and spamming companies have elevated obfuscating their corporate identities to an artform. Some of the more dedicated, but just this side of legal, spammers set up 3 or 4 different front companies: one to sell advertising, one or more to actually send mail, one to get connectivity and one as a backup for when the first three fail. Because they use rotating domain names and IP addresses all hidden behind fake names or “privacy protection services”, the actual spammer can be impossible to track without court documents.
One example of this is Ken Magill’s ongoing series of reports about EmailAppenders.
Aug 5, 2008 Ouch: A List-Purchase Nighmare
Sept 9, 2008 Umm… About EmailAppenders’ NYC Office
Sept 15, 2008 E-mail Appending Plot Thickens
Nov 11, 2008 EmailAppenders Hawking Bogus List, Claims Publisher
Dec 23, 2008 Internet Retailer Sues EmailAppenders
Feb 1, 2009 EmailAppenders Update
Mar 10, 2009 Another Bogus E-mail List Claimed
April 14, 2009 EmailAppenders a Court No-Show, Says Internet Retailer
April 21, 2009 EmailAppenders Gone? New Firm Surfaces
May 5, 2009 EmailAppenders Back with New Web Site, New Name
Their actions, chronicled in his posts, are exactly what I see list providers, list brokers and “affiliate marketers” do every day. They hide, they lie, they cheat and they obfuscate. When someone finally decides to sue, they dissolve one company and start another. Every new article demonstrates what spammers do in order to stay one step ahead of their victims.
While Ken has chronicled one example of this, there are dozens of similar scammers. Many of them don’t have a persistent reporter documenting all the company changes, so normal due diligence searches fail to turn up any of the truth. Companies looking for affiliates or list sources often fall victim to scammers and spammers, and suffer delivery and reputation problems as a result.
Companies that insist on using list sellers, lead generation companies and affilates must protect themselves from these sorts of scammers. Due diligence can be a challenge, because of the many names, domains and businesses these companies hide behind. Those tasked with investigating affiliates, address sources or or mailing partners can use some of the same investigative techniques Ken did to identify potential problems.

Read More

Tagged.com and the courts

I’ve seen multiple reports of Tagged.com and their interactions on various sides of the courtroom aisle.
On the good side, Tagged.com won a judgment against a spammer sending spam to Tagged.com users. (Tagged has a post on their blog about the win, but the direct link to that article doesn’t work).
On the minus side, yet another ruling against tagged.com. They’ve been accused of sending spam, including some mail that looks like a phish. They recently settled in a CA court, agreeing to dispose of certain addresses collected during a 3 month period in 2009.

Read More