McColo goes offline

Last week a major player in the botnet arena was taken offline when they were shutdown by their upstream provider.  With the demise of McColo, there has been a 30 – 50% drop in the amount of spam as measured by any number of different techniques. The CBL team has posted an article about their view of the McColo disconnection, which includes links to press articles about the shutdown. Spamhaus has their own take on the shutdown and another collection of links to articles about the shutdown.
In my own mailbox, I have noticed a drastic decrease in the amount of spam over the last week. I am too jaded to expect that the change is permanent, but it is nice while it lasts.

Related Posts

Email and the Obama Campaign

Late in the summer there were people talking about the spam coming from Senator Obama’s presidential campaign. At that time, most of the discussion was focused on the open subscription form on their website and that there were some individuals who had been fraudulently signed up and were now receiving email from the campaign.
Last week, the Senator’s campaign again became a topic of discussion among some anti-spam groups. The maintainer of one of the more respected public blocklists and members of his family received mail from Senator Obama’s presidential campaign at their personal addresses. Because the mail was unsolicited and met the qualifications for listing, the sending IP addresses were listed on the blocklist. In response, the campaign’s ESP started moving the Senator’s mail to other IP addresses, resulting in those IPs also being listed on the blocklist as well.
I talked with the blocklist maintainer and I believe that his address, and those of his family members, were added to the Senator’s mailing list as the result of an email append. All of them are registered Democrats and they all live in a battleground state.
This may have made for good campaign strategy, not being an expert I cannot comment on that. It is, however, very poor email marketing strategy.
First, the campaign decided to appropriate permission to send email. There is not ever permission associated with an email append. Just because you have a name and a street address does not mean that you have permission to send email. In very, very limited circumstances, an opt-in append (click here to continue receiving email) may be acceptable. However, that is not how appending is normally done.
There is no pretense of permission to send email. Just because someone is registered to a particular party does not mean they want to receive email from that party.
Second, when the campaign started seeing delivery problems they started sending off different IP addresses. Moving IPs around is out and out spammer behavior, no questions asked.
Now, I know this is a very hotly contested election and I know that some people believe that any method of getting the word out is good. I also expect that there may have been some positive reaction from recipients. The overall reaction, based on the IPs changing, may not have been so positive.
Do I really believe that Senator Obama is a evil and willful spammer? No, not really. But that does not change the fact that the Obama campaign seems to be sending email without the permission of the recipient and seem to be attempting to evade blocks by moving IP addresses.
From a marketing perspective, the campaign may be using email effectively and doing everything right. But from an email delivery perspective, they are getting many, many of the basics wrong and are looking like spammers in the process.
Other news and blogs that talk about spam from the Obama campaign:

Read More

McCain Campaign Spamming

As I mentioned in my post on spam from the Obama campaign, there have been reports of spam coming from the McCain campaign. However, the McCain campaign does not seem to be sending the volume of mail that the Obama campaign is, and so they are not as visible.
A recent post over at Denialism Blog shows that the McCain campaign has some of the same problems as the Obama campaign. Chris talks about the unsubscribe options he is presented when trying to stop the spam he is receiving. He suggests the campaign adds another option:

Read More

News snapshot

  • The judge in e360 v. Spamhaus has denied Spamhaus’ motion for dismissal. However, the judge also ordered that the 16 new witnesses be stricken and capped damages at the original $11.7M. Mickey has the order.
  • Tuesday the FTC announced it had shut down a major spamming operation. I am not sure the results are visible yet, yesterday there were 2041 spams in one of my mailboxes yesterday versus 2635 a week ago.
  • The FBI announced today it had infiltrated and shut down a international carding ring. While not directly spam related the phishers and carders work together and some of them use spam.
  • Rumor has it that many mailers are seeing problems delivering to AOL the last few days. It seems that AOL is making adjustments to their filtering system. As when any ISP changes filter rules and weights, some of the people just skirting by see delivery problems. What people are hearing is that if they are seeing delivery problems at AOL they need to improve their reputation.
  • Last week Yahoo had another online workshop with the mail folks. They have published a transcript of the talk. I was at the talk and there were only a couple spam related questions.

donhburger: Why does Yahoo sell our email addresses to spammers?
YMailRyan: We absolutely don’t sell your addresses to spammers. No IFs, ANDs, or BUTs about it.
imintrouble: My mom keeps emailing em but I never get it and usually it ends up in my spam box. Why? How do I make this stop? She’s getting pissed that I’m not replying.
YMailTeam: Oh no! Be sure your Mom is on your contact list– this should help keep mom out of spam box and put her back into your inbox.
buergej: Just why do I keep receiving the same kind of spam from a series of what appear to be women day after day after day?
YMailCarl: Spam is, unfortunately a constant problem for anyone using email. The reason you are receiving these emails is because spammers have somehow gotten a hold of your email address and are mailing you their lovely messages. There are several things you can do to assist with this. First, continue to report these messages as “Spam” by clicking the button at the top of the email labled “Spam”. Note that you don’t need to actually look at the message to do this. When you report items as spam it lets Yahoo! know that messages originating from that person are likely spam. This not only helps you, but helps other Yahoo! users as well.
YMailCarl: Second, if the emails are from similar names, you can set up filters in your email account to block those names and send them to your trash or spam folder.
YMailCarl: Obviously these messages you are receiving are not from women trying to sell you products personally – the messages are typically generated by a script which will try to forge or “spoof” the originating address.
YMailCarl: We agree that Spam is a serious issue and have many resources dedicated to fighting this problem.
YMailCarl: You can find some additional information about fighting spam here: http://help.yahoo.com/l/us/yahoo/mail/original/abuse/index.html
donhburger: Why when I mark Emails as Spam do I continue to get emils from the same persons?
YMailMaryn: When you mark a message as “spam” from within your Inbox that moves the message to your Spam Folder. And all subsequent messages that are sent from that particular sender will not be delivered to your Inbox, but will be delivered to your Spam Folder.

Read More