Did anyone actually look at this email before sending?
I received spam advertising AARP recently. Yes, AARP. Oh, of course they didn’t send me spam, they hired someone who probably hired someone who contracted with an affiliate marketer to send mail.
The affiliates, while capable of bypassing spam filters, are incapable of actually sending readable mail.
That’s actually how the message appeared in my mail client: totally unreadable images. When I looked at the raw source of the message I found pages of hashbusting text in HTML comments.
I’m not surprised. A lot of legitimate and responsible and well-known groups hire spammers. They’ll argue they prohibit spam in contracts with affiliates, but the verbiage in the contract only means anything if they choose to enforce the no-spamming clause. Many of them don’t.
This is why a lot of spam filtering companies and ISP postmasters don’t care that they’re blocking legitimate companies. Why? Because legitimate companies hire spammers to send their mail. This same email address gets spam from any number of nationally branded companies.
Hiring affiliates, or hiring marketing agencies who hire email marketing companies who hire spammers, gives a sender legal cover for spam. It may even give the company plausible deniability. But that doesn’t change the fact that those senders are supporting and encouraging spam.