The 10 worst …

Spamhaus gave a bunch of us a preview of their new “Top 10 worst” (or should that be bottom 10?) lists at M3AAWG. These lists have now been released to the public.
sh_logo1
The categories they’re measuring are:

Nothing really surprising there, but it’s nice to see the numbers.
I have to wonder if the listing of the top 10 spammers will change the minds of some of the anti-CASL folks. To listen to them all the “real” spammers are criminals hiding over seas. But, according to Spamhaus, 6 of the top 10 spammers are in the US and two of the others are in Canada (albeit with Russian influence). Only two of the top 10 spammers are outside North America.
The other thing that surprised me about the top 10 spammers is that I recognize some of the names from names clients have mentioned to me as legitimate marketing partners and affiliates. These hard core spammers, some of the worst in the world, convince real companies to pay them money to send mail. It’s great for the spammers, they get paid whether or not mail is delivered. In my experience, though, it’s not so great for their customers though. Customers frequently end up dealing with major delivery problems, even for the mail the send directly.
Another thing worth discussing is the list of TLDs. This is TLDs that have the highest ratio of spam domains compared to the total number of domains in the TLD, it’s not a list of TLDs with the most spam domains. I expect that award goes to .com. I do expect this to be a volatile list. Spammers are, at heart, cheap con artists. While they will spend money to try and get their mail through, they’ll also try to find a deal when they can. As TLDs run sales and offer incentives, they’re going to attract more spammers.
I have heard some folks managing the filters saying that the new and non-standard TLDs are treated as guilty until proven innocent. I think until the TLD owners figure out they need to actually pay attention to abuse it’s best to stick with the mainstream TLDs.

Related Posts

Things to read: March 9, 2016

It’s sometimes hard for me to keep up with what other people are saying and discussing about email marketing. I’ve been trying to be more active on LinkedIn, but there are just so many good marketing and delivery blogs out there I can’t keep up with all of them.
talkingforblog
Here are a couple interesting things I’ve read in the last week.
Five Steps to Stay Out of the Spam Folder. Conceptually easy, sometimes hard to pull off in practice, these recommendations mirror many things I say here and tell my clients about delivery. The audience is in charge and your recipients are the best ally you can have when it comes to getting into the inbox.
Which states are the biggest sources of spam?. California and New York top the list, but the next two states are a little surprising. Over on Spamresource, Al points out the two next states have some unique laws that may affect the data. I just remember back in the day there were a lot of spammers in Michigan, I’m surprised there’s still a significant volume from there.
CASL didn’t destroy Canadian email. Despite concerns that CASL would destroy the Canadian email marketing industry, the industry is going strong and expanding. In fact, spending on email marketing in Canada was up more than 14% in 2015 and is on track to be up another 10% this year. Additionally, according to eMarketer lists are performing better because they’re cleaner.
A brief history of email. Part of the Guardian’s tribute to Ray Tomlinson, the person who sent the first email. Ray’s work literally changed lives. I know my life would be significantly different if there wasn’t email. Can you imagine trying to be a deliverability consultant without email? 🙂

Read More

CASL botnet take down

biohazardmailThe CRTC served its first ever warrant as part of an international botnet takedown. The warrant was to take down a C&C (command and control) server for Win32/Dorkbot. International efforts to take down C&C servers take a lot of effort and work and coordination. I’ve only ever heard stories from folks involved but the scale and work that goes into these take downs is amazing.
Bots are still a problem. Even if we manage to block 99% of the botnet mail out there people are still getting infected. Those infections spread and many of the newer bots steal passwords, banking credentials and other confidential information.
This kind of crime is hard to stop, though, because the internet makes it so easy to live in one country, have a business in a third, have a shell corp in a fourth, and have victims in none of those places. Law enforcement across the globe has had to work together and develop new protocols and new processes to make these kinds of takedowns work.
 

Read More

The dark side of email marketing

Everyone I talk to when dealing with issues inevitably has to tell me they are legitimate email marketers. They’re not spammers, they’re just business people. I often find it difficult to fathom why they need to tell me this. It’s not like email marketers are criminals or anything.
Two recent stories reminded me how evil some folks are. While I’ve not had any direct contact (that I know of) with any of the players on this end of things I have zero doubt that if they called me they would tell me that they were legitimate email marketers.
In one case, a members of a spam gang kidnapped the teenage daughter of someone investigating their activities. The gang held her for more than 5 years in horrific conditions. Yesterday Joseph Menn, author of “Fatal System Error” posted on Boing Boing that his friend got his daughter back. It is a heartbreaking story and incredibly sobering.
In another case, the Russian police arrested a man who ran spammit.com, a clearinghouse for viagra sellers to find spammers to send their mail. Reports say that mail volumes dropped by a fifth after the site was taken offline.
There is real evil in the email marketing industry. Sure, they’re spammers and we can all stand up and say they’re not legitimate. But, this is what the ISPs and Spamhaus and law enforcement are dealing with on a regular basis.

Read More