OnlyMyEmail Spam-Blog

We have received a fair number of customer and client comments and complaints regarding delivery problems to Verizon email addresses. After deciding to roll up our sleeves and dig through the details more than a few times, we’ve come to the conclusion that Verizon’s inbound email spam filtering practices are questionable at best, and are potentially dangerous to the responsible citizens of the Internet.

Verizon’s Problems:

1. They don’t appear have very good spam filtering,
2. They seem desperate enough to try just about anything,
3. They don’t seem to have a “normal” level of concern regarding reliable email delivery to their clients.

The above has already been demonstrated by they’re previous habit of IP blocking of entire countries (without telling their clients) and the resulting class action lawsuit.

Reference: http://www.google.com/search?q=Verizon+IP+Block+Class+action+lawsuit

Another Borderline Insane Tactic:

In keeping with the problems above, Verizon is actively using Sender Callout Verification (aka, callout, callback, sender verification) as an anti-spam tactic. This has been going on for quite some time, but is creating more and more problems for users and admins all over the Internet.

Read the rest of this entry »

Automated harvesting of openly exposed email addresses is widely regarded as the leading spam generating vulnerability today. Such exposed addresses are very easy to collect and are practically guaranteed to be valid and working addresses.

Furthermore, addresses harvested in this manner they are easily sorted by industry classification (based on the Web sites from which they are taken) for sales within targeted email marketing lists.

To help combat this problem and enable Webmasters and site owners to easily close this widely-exploited vulnerability, the OnlyMyEmail Encoder will generate JavaScript code that can be used to replace email addresses and the ‘mailto:’ links that contain them.

JavaScript enabled browsers will render the address so that any web site visitors will see a normal looking text address or ‘mailto:’ link, but address harvesting bots will not.

The OnlyMyEmail Encoder can be accessed and used by anyone, free of charge, through our collection of DNS Tools found at:

http://www.onlymyemail.com/services/dns_tools/

Yet another company that can’t seem to honor their “do not send promotional email” opt-out policies.

Makes us wonder, what’s the purpose of offering users the an opt-out option if you’re actually going to opt them in regardless?

The coffee isn’t bad, but the Spammy aftertaste is a bit hard to get rid of. Unless you happen to work for a spam filtering company that is.

As an example of just how far some will go to avoid Spam filters, this one just caught my eye:

The better and most powerful product to enlarge your weenie available on the market!

So it’s come to Weenie? Really?

Who knows, maybe the laugh factor helps sales?

For their sake I hope so because it certainly isn’t going to provide any magical “cloak of invisibility” when it comes to evading a decent filter.

We’re used to (and actually expect) the vast amounts of spam coming through Verizon, ATT, Earthlink and MSN but really had hoped that Google would run a better network.

At least with the other ISP’s the zombies still tend to connect from their own IP addresses, making it easier to identify, block and/or filter mail from the infected machines.

Google on the other hand isn’t an ISP but they do allow SMTP access; and spammers are taking great advantage of this opportunity.
As a result, when a Spammer uses Google, the delivery will come from a legitimate Google mail server. For instance, this spam came from:

Received: from ug-out-1314.google.com ([66.249.92.170])
by server.onlymyemail.com with esmtp
(envelope-from )
id 1GppU0-0008PR-fG for user@onlymyemail.com;
Thu, 30 Nov 2006 12:14:17 -0500

The problem, of course, is that the connecting server is not just sending spam, but, in all likelihood carries a great deal of legitimate mail as well.

Read the rest of this entry »

It seems that it only takes a second to “opt-in” to direct marketing, whether you want to or not.

We recently noticed a lot of complaints about Costco.com sending spam so we tested their opt-in mechanism.

When creating an account on their web site the form does include the option to “opt out” of promotional emails:

Costco.com periodically sends special offers and hot buys via email.
Check here if you do not want to receive these exclusive emails.

Even though you have to check the box to “opt-out” of mailings, you would still think that represents an indication that they have some interest in not Spamming.

Read the rest of this entry »

Everyone talks about the zombie spam-bots as if they were the inevitable demise of successful spam filtering.

Truth is, most send nonsense that’s not too difficult to filter. What do we see most of in the real world of zombie-mail?

Subject: Y*joung 18yo TEE*VNS Shows T*ciny T*rits & Tight P*cussy
From: “Meghan”

You don’t really need much skill to filter that foolishness, and if you can’t, the content isn’t much more difficult:

Read the rest of this entry »

In a futile effort to avoid anti-spam filters (like ours) many Spammers are now obscuring their subject lines completely beyond comprehension… and then trashing their own links to the point of requiring real effort on the part of the recipient just to even have access to the product pitch!

Take this random selection for instance:

Subject: vigilante seam emotion
From: “Ola Refugio “

What is the target supposed to think is actually for sale here, and how is this type of subject line going to entice anyone to even open the email?
Then, even if you do open the message you’re presented with what?

Read the rest of this entry »

When EmployeeRightsNewsletter@loveistheanswertoallquestionstoday.com emails the Employee Rights Newsletter to ask:

Do You Know YOUR Rights?

• Are you paid for all of your overtime?
• Are you paid for the time you spend driving from work site to work site or from appointment to appointment?
• Are You paid for the time you spend putting on and taking off your uniform?
• Are you paid for time spent preparing for your shift, safety meetings and supervisor meetings?
• Do you know the legal definition of harrassment?

What else can they be doing with this information other than selling it to a law firm that has paid for potential client referrals?

It was bad enough when only travel, auto, lending and gaming industries hired third-party Spammers to generate leads. What’s next, the local donut shop?

Why does Spam still exist some ask? It’s not because of the “Top Ten” Spammers or the kitchen table wannabees that think they too can strike it rich. No, it’s just one of the unintended consequences of capitalism.

Not that we’re complaining……

When return@paid-product1.com sends their spam, it’s a nice touch to always promise a “Voucher” from Walmart or other well know retailer.

Not only does this likely enable better delivery and readership, but the real trick here is the beginning of the email, which says:

To view the full content of this and future message:
Click the “Not Spam” button above and the “Show HTML Graphics” at the bottom of this message

It’s not just amusing that the sender presumes many email systems will quarantine such mail. More importantly, like it or not, you can bet money that some desperate recipients will do just this. And, since there’s very little legitimate email (as a percentage) flying through the net nowadays, just a few “Not Spam” clicks no doubt lowers their spam ratings within many filtering systems.

This is one of the many reasons OnlyMyEmail doesn’t provide such a Not Spam reporting link. Between the spammers who actively mark their own emails in this manner, and the compliance of just a few foolish (if legitimate) who will be duped, such reporting links are a major Achilles heal to be avoided.