Related Posts

Do you have an abuse@ address?

I’ve mentioned multiple times before that I really don’t like using personal contacts until and unless the published or official channels fail. I don’t hold this opinion just about resolving delivery issues, but also use official channels when reporting spam to one of my addresses or spam traps.
My usual complaints contain a plain text copy of the mail, including full headers and a short summary of the email address it was sent to. “This is an address that was part of a leak from…” or “This is an address scraped off my website. It’s been removed from the website since 2004” or “This address isn’t used to sign up for any mail.”
Sadly, there are a number of “legitimate” ESPs that don’t have or don’t monitor their abuse address. In some cases it’s an oversight or a break down of internal mail handling. But in most cases, it’s a sign that the ESP doesn’t actually handle abuse.
It’s frustrating to watch an ESP post long blog posts about “best practices” and “effective delivery” and “not spamming” and yet not be able to actually stop their own customers from spamming. It’s not even that I necessarily want them to disconnect their spamming customers (although that would be nice) but suppressing the address that I’ve told them was a spamtrap seems trivial. And yet, a month after my first complaint and weeks after escalating to a personal contact, I’m still getting spam.
The 5 things every ESP should do to handle spam complaints.

Read More

TWSD: avoid filters

I was cleaning out one of my spamtraps. This is the one that gets a ton of “legitimate” spam. In the last 12 hours it’s gotten spam advertising: T.G.I.Fridays, KFC, Applebees, LendingTree, Lasix Vision Institute, Khols, Burger King, Match.com, and Vistaprint.
The footer of some of the mails are making me laugh, though. It’s clear they’re trying to comply with CAN SPAM, but are having problems with content filtering. Here’s a brief selection of the footers:
Ondemand Research, 1O5 E.[34th]-Street Ste 144, New Y0rk, NY 1OO16
Ondemand Research, 105 E. 34th Street St #144, New York, NY 10016
0ndemand=Research, 1O5/E/./34th Street Ste 144,New Y0rk,NY=1OO16
Poor OnDemand Research, they just can’t catch a break.
EDIT: Just got a spam for Ruby Tuesday’s using a .pw domain.

Read More

DKIM and DomainKeys, Spam and Ham

I’ve been preaching “DKIM is great! DomainKeys is obsolete, get rid of it!” for several years now. I thought I’d take a look at my mailbox and see who was using authentication.
I’ve divided this into “Ham” and “Spam”. Spam is, well, all the spam I’ve received over the past couple of years. Ham is the non-spam mail in my inbox, whether personal, business, bulk or transactional. I’ve excluded most of the discussion mailing lists I’m on (not least because many of them consist of people in the email industry or are email standards development mailing lists, so have email authentication levels that are way outside the norm).

Read More