It’s always an honor to be asked to provide quotes and thoughts with experts in the field. Sometimes the day to day gives me tunnel vision, but things like this give me the opportunity to think more globally. Hands down, though, the best part is seeing the final product and hearing what other folks have to say.
Go check out the full infographic.
Late last year we wrote about the many problems with SORBS. One of the results of that series of posts was a discussion between a lot of industry professionals and GFI executives. A number of problems were identified with SORBS, some that we didn’t mention on the blog. There was an open and free discussion about solutions.
A few months ago, there were a bunch of rumors that GFI had divested themselves from SORBS. There were also rumors that SORBS was purchased by Proofpoint. Based on publicly available information many of us suspected that GFI was no longer involved in SORBS. Yet other information suggested that Proofpoint may truly have been the purchaser.
This week those rumors were confirmed.
Over the last year or so we’ve been hearing some concerns about some of the blacklisting policies and decisions at Trend Micro / MAPS.
One common thread is that the ESP customers being listed aren’t the sort of sender who you’d expect to be a significant source of abuse. Real companies, gathering addresses from signup forms on their website. Not spammers who buy lists, or who harvest addresses, or who are generating high levels of complaints – rather legitimate senders who are, at worst, being a bit sloppy with their data management. When Trend blacklist an IP address due to a spamtrap hit from one of these customers the actions they are demanding before delisting seem out of proportion to the actual level of abuse seen – often requiring that the ESP terminate the customer or have the customer reconfirm the entire list.
“Reconfirming” means sending an opt-in challenge to every existing subscriber, and dropping any subscriber who doesn’t click on the confirmation link. It’s a very blunt tool. It will annoy the existing recipients and will usually lead to a lot of otherwise happy, engaged subscribers being removed from the mailing list. While reconfirmation can be a useful tool in cleaning up senders who have serious data integrity problems, it’s an overreaction in the case of a sender who doesn’t have any serious problems. “Proportionate punishment” issues aside, it often won’t do anything to improve the state of the email ecosystem. Rather than staying with their current ESP and doing some data hygiene work to fix their real problems, if any, they’re more likely to just move elsewhere. The ESP loses a customer, the sender keeps sending the same email.
If this were all that was going on, it would just mean that the MAPS blacklists are likely to block mail from senders who are sending mostly wanted email.
It’s worse than that, though.
The other thread is that we’re being told that Trend/MAPS are blocking IP addresses that only send confirmed, closed-loop opt-in email, due to spamtrap hits – and they’re not doing so accidentally, as they’re not removing those listings when told that those addresses only emit COI email. That’s something it’s hard to believe a serious blacklist would do, so we decided to dig down and look at what’s going on.
Trend/MAPS have registered upwards of 5,000 domains for use as spamtraps. Some of them are the sort of “fake” domain that people enter into a web form when they want a fake email address (“fakeaddressforyourlist.com”, “nonofyourbussiness.com”, “noneatall.com”). Some of them are the sort of domains that people will accidentally typo when entering an email address (“netvigattor.com”, “lettterbox.com”, “ahoo.es”). Some of them look like they were created automatically by flaky software or were taken from people obfuscating their email addresses to avoid spam (“notmenetvigator.com”, “nofuckinspamhotmail.com”, “nospamsprintnet.com”). And some are real domains that were used for real websites and email in the past, then acquired by Trend/MAPS (“networkembroidery.com”, “omeganetworking.com”, “sheratonforms.com”). And some are just inscrutable (“5b727e6575b89c827e8c9756076e9163.com” – it’s probably an MD5 hash of something, and is exactly the sort of domain you’d use when you wanted to be able to prove ownership after the fact, by knowing what it’s an MD5 hash of).
Some of these are good traps for detecting mail sent to old lists, but many of them (typos, fake addresses) are good traps for detecting mail sent to email addresses entered into web forms – in other words, for the sort of mail typically sent by opt-in mailers.
How are they listing sources of pure COI email, though? That’s simple – Trend/MAPS are taking email sent to the trap domains they own, then they’re clicking on the confirmation links in the email.
Yes. Really.
So if someone typos their email address in your signup form (“steve@netvigattor.com” instead of “steve@netvigator.com”) you’ll send a confirmation email to that address. Trend/MAPS will get that misdirected email, and may click on the confirmation link, and then you’ll “know” that it’s a legitimate, confirmed signup – because Trend/MAPS did confirm they wanted the email. Then at some later date, you’ll end up being blacklisted for sending that 100% COI email to a “MAPS spamtrap”. Then Trend/MAPS require you to reconfirm your entire list to get removed from their blacklist – despite the fact that it’s already COI email, and risking that Trend/MAPS may click on the confirmation links in that reconfirmation run, and blacklist you again based on the same “spamtrap hit” in the future.
I download a lot of ESP white papers. Not because I’m looking for an ESP, but because I think it’s important to know what’s happening in the industry and what topics people think are important. I understand fully that white papers are a lead generation tool and I can expect followup from sales people at the places I download papers from. This is all well and good.
Generally the emails I get are polite, introduce the company to me, and ask if I have any questions or would like to talk. I tend to respond that I’m not looking for an ESP, and that I appreciate their contact. If I’ve blogged about said white paper, I will mention that and give a link to the post. I don’t want to waste a sales person’s time when said person can be working with potential customers.
Overall, these interactions have been pleasant and cordial. That makes the unpleasant few stand out even more.
There’s one memorable case where the first email from the sales rep had the subject line, “Meeting Time Tomorrow at 10am.” Wait. What? As I was checking email from bed before getting up, that subject line had me dashing out of bed to figure out what I had forgotten and work out how badly my schedule was messed up. Thankfully, my schedule wasn’t messed up, this was just an aggressive sales person optimistically claiming we had a meeting set. The email assured me that said sales person would continue to follow up with me until “we were able to connect.”
There is a place for aggressive selling techniques. This is the kind of sales drive that will work in certain situations. But I’m not sure it’s the appropriate opening when nothing is known about the target. In this case it certainly wasn’t a good opening. A number of companies ask me for ESP recommendations, and I tend to recommend those I know. I don’t think I’ll be recommending the above ESP to any customer. Their sales process was just that off putting.
Not quite the result Mr. Over Eager Sales Person expected.