August 14, 2010
A pleasant discovery, thanks to spammers

No, spammers haven't suddenly started sending emails I want to receive.

As mentioned below, I got a load of backscatter spam in the last few days, because spammers used several of my email addresses in the "from" line of their spams. That means that email sent to nonexistent addresses or to overflowing inboxes bounced to me.

Spammers pass around an email list of known antispammers. It's not just a list of people they don't like; it's a list of people they know can cause real trouble for them, people who know how to report their spam and websites, people who can get their illegal sites shut down. Anyway, they periodically send us little tokens of their affection.

One of my colleagues mentioned receiving a complaint from a recipient of the backscatter -- not because my colleague's address was in the "from," but because it was in the "reply-to." Ah, so the spammers are putting us in both fields, trying to give us the flame emails from angry recipients who hit "reply" without realizing the spammer's email address isn't actually in the headers anywhere.

So I took a look at the "reply-to" lines in the original headers of some of the spam nondelivery messages. A lot were .ru addresses and may have been the real addresses of the spam sponsors. (A large percentage of sponsors of Russian spam don't have websites, and they will provide a phone number for people interested in their products and services. It's possible some also accept email replies to their spam.)

But other addresses did look like they might be fellow anti-spammers, my compatriots on the spammers' joe-job mailing list. I've been looking up a few to see who they might be. I tracked one via its domain registration to an interesting website, Word to the Wise.

Word to the Wise is an email deliverability consultation firm. They help make sure commercial email messages don't get blocked by spam filters.

Isn't that what spammers are trying to do, when they misspell words like "v1@gra" and add blocks of text out of novels at the end of their messages? Sort of. But this is about legitimate companies with interested customers who want to use email to communicate. It's not spam if the recipient wants to receive it. Those companies and recipients are frustrated when a desired email ends up in the spam folder. And there's no use filtering spam if you have to dig through the whole list anyway to find mail that was improperly blocked.

The first lesson in preventing the emails you send from being blocked as spam is to have your emails not be spam. Deliverability consultants make sure there is a distinct demarcation between what is socially acceptable commercial email and what is not. They're just doing their part to prevent the decay of modern civilization.

Word to the Wise has a blog explaining their principles, and they post regularly. Some excerpts:

They also have a Twitter page @wise_laura

Email marketing can be done well. It has significant advantages over snail mail in some (but not all) ways.

But it's important to understand that because email can be done cheaply in huge quantities, sending a high volume has stopped being the point. Any spammer can send quantity. If you're a legitimate company that plans to stay in business a while, you want to increase your brand recognition and reputation, and you want to develop a relationship with your clients that will lead to increased revenues over the long term. In email marketing, that depends on quality, not quantity. The marketing company that sells its services mainly in terms of how many emails will be sent on your behalf or how many affiliates will be promoting your website probably doesn't get it.

Congratulations to whoever it is at Word to the Wise who made the A-list of people spammers don't like. I'm glad the spammers led me to their website. (I don't imagine the spammers are, though.)

August 12, 2010
Spammers spoofing antispammers' email addresses

If you start reporting spam, one of the first things you learn is that the "from" address is meaningless. You can put anything you want there. It's not even considered deceptive. After all, you probably get lots of legitimate newsletters that put "do_not_reply@" addresses in the from field. It's to let recipients know that if they just hit "reply," no one will get their message. And if you check your work email from home, you probably send mail using your work email address in the "from" instead of your home address, to make sure the subsequent replies go to the right address.

Yesterday, some spammers took their trusty list of collected antispammer email addresses and started using them as the "from" address in a large run of spam sent to Russian recipients. That meant that any spam sent to invalid addresses or over-quota inboxes bounced to whichever address was in the "from." It also led to at least one angry spam recipient complaining about the spam to the antispammer whose address was spoofed.

The same crew has been pulling similar stunts for over a year now. The typical ones were spams "advertising" their enemies' websites, sent to addresses of people they expected to report the spam.

The forum at inboxrevenge.com has been posting these as they arrive, so that the recipients can judge what type of action is appropriate. Obviously, if a spammer is going out of his way to try to get his spam reported, you want to be sure to report it in such a way as to hurt him, and not his target. The members-only section of the site has more detailed discussion of the appropriate action in each case.

It's not clear what the spammers think they're going to accomplish trying the same stuff over and over, when they clearly aren't fooling us. We get thousands of their regular spams; getting a few more isn't exactly intimidating.

What they are accomplishing is prompting the inboxrevenge.com forum members to drop by and see what's going on each time one of these starts arriving. It's a nice time to hear from people who may have been too busy to drop by regularly. If you visited this website because you got spam with an "@spamtrackers.org" or "@spamtrackers.eu" email address in the "from" field, please take the opportunity to piss off a spammer and drop by the forum yourself. There's lots of information about spam and the criminal activities it's advertising, and how to effectively fight them.