About Clueless Mailers
Affiliations Are you affiliated with a
CM Motivations Hey,
webmaster what's in it for you?
Linking Can I link to your site?
Donations Can I donate money to help keep
the site up?
Helping Can I help maintain your site's
Blacklist and Spamdemic Map Criteria
Why Listed Why have you listed our
company/domain on your Blacklist?
Just Unsub Why don't you just
give us your email address so we can remove you?
Why confirm Why use a closed-loop
confirmed opt-in system for my mailing list?
Criteria What are your criteria for listing
a company or domain?
Delisting How do we get our
company's name / domain off your Blacklist?
Downloadable / DNSBL Where's the
downloadable plain text/XML/IP address version of the Blacklist?
Not Listed Why isn't example.com
or Example Spammerz, Inc. listed on the Clueless Mailers Blacklist?
Nominations Why don't you accept nominations
of spammers for the Blacklist or the Spamdemic Map?
Doing Email Marketing Right
Managing a Mailing List How do I make sure the addressees on my mailing list have really given their permission?
Finding a Clean List/Mailer/Marketer Why don't you have a list of a "clean" listbrokers/mailers/marketers?
Please Help How
can I filter out spam from...? / Where did the spammer get my address?
Stopping mail from spammers / Stopping mail from CluelessMailers.org
Remove Me! Could you please remove me from the spammers' lists? / Could you please stop spamming me?
Swag Where can I buy a
poster or T-shirt of that amazing SpamdemicSM Map?
Creating The Spamdemic Map
Map Software What software do you use
to create the Spamdemic Map?
Process Time How long did it take
you to create the Spamdemic Map?
Research How do you do your research
/ find all those connections?
Colors Used Why do you use those stupid
colors? I can't tell what's what!
GIF Color Reduction Can't you reduce
the number of colors to two and not antialias the GIF?
File Formats Why not use a different file
format like PNG or SVG?
PNG Tools Why are you using the worst
possible tool to create your PNG?
Blocking Lists and Admins | for
Mailers & Marketers | for
Email Users |
Q: Are you affiliated with a marketing company?
No conflict of interest here. The Clueless Mailers site is all about educating
mailers, marketers and users, in order to help stop the unauthorized spread
of email addresses, and help stop the spam.
Q: Hey, webmaster what's in it for you?
A: Not a
cent, if that's what you mean. All we want is to do is to enlighten mailers,
marketers, advertisers and email users about the best practices for mailing
list management... and the problems that result when permission isn't proven.
Besides, it would also be nice to have an inbox that doesn't get dozens
of spams a day... without having to enter into negotiations with unknown,
untrusted parties. There's a possibility that we may have to sell some merchandise
or sell some ad space to pay for bandwidth, but the CluelessMailers.org
concept is definitely not-for-profit... as painful as that sometimes might
Q: Can I link to your site?
Q: Can I donate money to help keep the site
A: Many thanks,
but at this time, we're not accepting donations. That may change in the
future, though once we gather enough courage to look at our bank balance!
On the other hand, if you'd still like to support us, you might want to
check out The Clueless Mailers
Spamdemic Store, where you can buy a poster of the Spamdemic Map...
and where you'll soon be able to score other Clueless Swag. Just
click here to buy, and help fund our hosting costs!
Q: Can I help maintain your site's pages/database?
always amazed by the generosity of those who understand the issues... and
what it takes to get the word out!
For the moment, the site is being served as static pages created by hand,
but we're hoping to build a database solution soon. After we get the first
rev of that in place, we may be able to use some maintenance help... but
for now, we've just got to muscle it out on our own. Thanks for offering...
keep us in mind!
Blacklist and Spamdemic Map Criteria
Q: Why have you listed our company/domain
on your Blacklist?
A: All references
on the site originate with unsolicited commercial email that's received
at two email accounts that are monitored by the CM webmaster. If you have
spammed us, or you have provided services to someone who's spammed us, and
the abuse continues after repeated abuse reports have been filed, then you
may appear on the Blacklist.
But the fundamental reason why your company or domain is on the Blacklist
is that you or your clients are consistently sending unsolicited commercial
email. Even though your email mail contain a line that says something like
"This email is never sent unsolicited," if the recipient didn't ask for
it, it's UCE. And the only way to know that the recipient is the one who
asked for your email is to use a closed-loop confirmed opt-in subscription
If you're not using closed-loop confirmed
opt-in, your list isn't "permission-based" it's "submission-based."
See also "What are your criteria
for listing a company or domain?"
Q: Why don't you just give us your email
address so we can remove you?
+ The burden of proof of permission rests solely on the shoulders of the
sender... not the recipient. If you can't positively
prove that an address owner asked to be on your list, you don't have
a right to send them email in the first place. Because of this, the only
responsible way to manage a mailing list is closed-loop confirmed opt-in.
+ "Spam Extortion Syndrome": "Either you reveal your email address to us,
or we'll keep spamming you." If you want to make your company look bad,
this is a perfect way to go about it. Again: The burden of proof of permission
rests solely on the shoulders of the sender... not the recipient. Remember,
the recipient has absolutely no obligation and probably no will to surrender
their identity or address to an entity that has already begun to abuse their
trust through the sending of unsolicited email. With complete closed-loop
confirmed opt-in subscription records, you have actual proof of subscription.
No more going round and round with users who don't want to and shouldn't
have to surrender their email address.
+ "Listwashing" doesn't work. Those who file abuse reports against
you are generally the people who know how and where to send abuse reports.
If you remove the "complainers", that leaves an unknown number of spam victims
on your list who may be new to the Internet, and who may have no idea how
to deal with the problem. So, all listwashing does is to cover up the problem...
Not eliminate it. The solution is to make sure that every recipient actually
asked for your email... before you send it. That's simple to do if you use
a closed-loop confirmed opt-in system.
Q: Why should I use a closed-loop confirmed
opt-in system for my mailing list?
A: Lots of
great reasons... Take a look at our page on the Best
Practices for Mailing List Management.
Q: What are
your criteria for listing a company or domain?
Mailers is interested in examining and educating the rapidly-growing number
of spamming mailers and marketers that hide in plain sight... that claim
to be legitimate... some of which even serve some Fortune 100 companies.
These mailers/marketers say they are "permission-based" but they are in
reality "submission-based" since they can provide absolutely no proof
that the spammed recipient actually asked for their email. These companies
are starting to convince larger and larger advertisers that mailing to
"single opt-in" lists is a legitimate marketing tactic (it isn't), and
that all of the addresses on their lists are there with the permission
of the address owners (many aren't). We'd like these companies to know
that in the long term, their policies aren't practical, and aren't definitely
aren't ethical. CM doesn't cover spammers that hijack relays and forge
headers and such. If it's an underground spammer, they're just too small,
and we throw 'em back.
Each of the entities listed on
the Clueless Mailers Blacklist has met one or more of these criteria:
1) The entity markets directly to unconfirmed email
addresses. Regardless of what a list broker may claim, the mere presence
of an email address in a database or on a list proves nothing when it
comes to permission. Only the presence of closed-loop opt-in confirmation
data directly associated with each address can prove that the addressee
truly asked to be placed on a mailing list.
2) The entity provides mailing services to clients
whose lists contain unconfirmed email addresses. Mailing services
that do not fully vet their clients' lists are allowing spam to be sent
through their systems. As mentioned in 1) above, only a closed-loop confirmed
opt-in audit trail provides proof of permission.
3) The entity refuses to terminate repeat senders
of UCE. Some large "legitimate" ISPs, hosts and mailing
services have recently begun allowing senders of unsolicited commercial
email to operate from their systems. In many cases, this is likely due
to the downturn in the economy, and in the Internet sector in particular.
Most of these companies have not acknowledged that they now allow UCE...
instead, they have simply stopped enforcing their abuse policies. A service
that refuses to terminate spammers also often...
4) The entity provides "list-washing"
services to senders of UCE. Instead of terminating those who send
unsolicited commercial email through their services, some ISPs, hosts
and mailing services now demand that the spam victim surrender their email
address in order to stop the abuse. Since the burden of proof of permission
rests solely on the shoulders of the sender, and it is widely known that
ackowledging your email address to a spammer can sometimes increase the
amount of spam received at that address or can even provide a target
for a spammer's retaliatory attacks the spam victim has absolutely
no obligation to surrender their email address. Companies that would have
immediately terminated these clients six months ago are now no longer
enforcing their abuse policies, and are instead providing a service to
the spammer by removing those who understand how to properly report the
abuse. This means that educated recipients are removed from the mailings,
while countless others who are new to the Internet and/or do not know
how to report the abuse continue to be victimized.
And last but not least, every blacklisted company
or domain has been involved in UCE that has been repeatedly sent to one
or more of the email accounts belonging to the owner of this website.
This includes companies that have commissioned the sending of the
spam, have provided mailing lists or list management services to the spammer,
have allowed spam to be sent via their service, or have provided some
other direct support in the sending of or the gathering of responses to
spam sent to the CM webmaster's email accounts. Blacklisted entities may
also include companies which take no apparent action against their "affiliates,"
"partners," "resellers," etc. who repeatedly spam
and advertise the company's goods or services. These companies benefit
directly from spamming, and refuse to terminate relationships with their
After several attempts to enlighten a spam-involved
company are ignored or are rebuffed with refusals to perform due diligence
in the use of closed-loop opt-in subscription systems, and/or refusals
to terminate spamming customers, these domains and companies are added
to the blacklist as a last resort. All this means is that all email originating
from or advertising these companies or domains is routed straight to /dev/null
(oblivion) on the servers administered by the owner of this website.
Each of the entities shown on
the Clueless Mailers Spamdemic Map has met one or more of these criteria:
1) The entity has repeatedly sent unsolicited commercial
email to one or more of the CM webmaster's email accounts. Note
that not every company on the Spamdemic Map has spammed the owner of this
website. Read on for more about this.
2) The entity has done business with or does business
with any company that is already on the Spamdemic Map This
means that there are many entities on the Spamdemic Map that have never
been involved in spam sent to the email accounts of this website's owner.
Why is a company on the Map if they're not spamming?
Because the purpose of the Map is simply to show the widespread interconnectivity
of mailing services and marketing companies, to illustrate the potential
for abuse. Due to the fact that many of these companies accept unconfirmed
addresses into their databases, and the fact that so many companies have
address-sharing "partnership" agreements with so many other
companies, once an unauthorized submittor injects an email address into
this macro-network of companies and their databases, it is fully possible
that the address will never again be free of spam.
The Spamdemic Map hopefully serves as a wake-up call
for email users and list managers alike: know who you're doing business
with, know their policies and practices, and remember that permission
must be granted and documented, not just assumed.
The Spamdemic Map always provides a clear system to differentiate between
companies that have been involved in spam sent to the owner of this site,
and those which have not.
Q: How do we get our company's name / domain
off your Blacklist?
an easy one: stop spamming us or supporting someone who spams us. The way
to do that is to remove all email addresses from your database for which
you do not have closed-loop opt-in confirmation
On the other hand, CluelessMailers.org is totally committed to accurate
reportage. We actively solicit comments from marketers, mailers and others
about the information on the site. So, if there's some information on the
site that you think should be corrected or clarified, please get in touch
Q: Where's the downloadable plain text/XML/IP
address version of the Blacklist?
A: The current
focus of the Clueless Mailers website is education, not punishment.
We mention particular companies to provide accurate criticism and to encourage
these companies to implement the best practices for mailing list management
by adopting a closed-loop confirmed opt-in
subscription system. Sometimes called "double opt-in", this system is
the only due-diligence method for proving and documenting permission. We
encourage UCE recipients and mailing clients alike to make a good-faith
effort to explain to CM-mentioned companies the importance of and the
practical reasons for the decades-old Internet standard prohibiting the
sending of UCE. And to take the time to explain the tenets and simplicity
of using a closed-loop confirmed opt-in subscription system.
Another reason why we don't maintain the list as a DNSBL is that the CM
list isn't "live", plus removal is manual, and is subject to the webmaster's
demanding day-job schedule. Since it's possible that one or more of the
entities listed might start using closed-loop confirmed opt-in, it wouldn't
be fair to those reformed spammers if we encouraged admins to download and
use a somewhat-static list. (We do encourage all concerned to contact us
if any information on the site should be corrected.)
So, to help us maintain our focus, and in the interest of fairness, the
Clueless Mailers Blacklist will for now, at least remain in its present
Q: Why isn't example.com or Example Spammerz,
Inc. listed on the Clueless Mailers Blacklist?
A: That could
be due to any combination of several reasons:
1) All references on the site originate with spam that's received at a very
few email addresses that are monitored by the CM webmaster. In other words,
if they haven't spammed us, and they haven't provided services to someone
who's spammed us, then they won't be on the blacklist. See also Why don't
you accept spammer nominations?
2) If a company or domain that's spammed us deals with spam issues after
abuse reports are filed, and there aren't consistent or numerous recurrances,
they won't be on the Blacklist.
3) If it's an underground spammer, they're just too small, and we throw
'em back. Seriously... CM doesn't cover spammers that hijack relays and
forge headers and such.
4) And since the CM webmaster's addresses get hit with an average of 90
to 120 pieces of spam every day, there's a lot of data and research to deal
with in the webmaster's so-called "spare time" (had to look up that term...
we heard it on TV once).
See also "What are your criteria
for listing a company or domain?"
Q: Why don't you accept nominations of spammers
for the Blacklist or the Spamdemic Map?
the info here isn't meant to be encyclopaedic (but we do love that word).
The site's focus is on the spam received by one person, and the connections
that create a potential for massively-increased abuse. We think that the
fact that all of this abuse and potential abuse is/could be aimed at a single
user in fact, any individual user... well, that makes the case more clearly
and dramatically than if we mixed our experience with others'. Not to mention
the fact that the CM webmaster is already up to his eyeballs in spew to
research. But... we reserve the right to change our minds about nominations
in the future. We're nothing if not flexible.
Doing Email Marketing Right
Q: How do I make sure the addressees on my mailing list have really given their permission?
A: For info how to ensure permission, see our guidelines on Best Practices for List Management.
Q: Why don't you publish a list of a "clean" listbrokers/mailers/marketers?
A: We don't provide any "positive" listings for several reasons:
First is a perceived conflict of interest. Many members of the spam-fighting community would never believe that a legitimate anti-spam website would ever endorse or even positively characterize any email marketer or list broker without having some sort of financial interest at stake.
Second, a list of "white hat" list brokers may well be impossible to compile, since virtually all companies that provide lists that use true confirmed opt-in (sometimes called "double opt-in", or "DOI") also provide lists that are single opt-in ("SOI"). SOI lists are compiled without securing proof of permission, and those lists are often dirty.
In short, it's virtually impossible to find a rentable/buyable SOI mailing list that can be 100% safely and responsibly used. On the other hand, if you can find a high-end company that provides rental of DOI lists, and that company has a very long history and a very clean reputation, you might consider using them. Do your homework. Google a lot. Search the anti-spam discussion groups.
However, the cleaner the list, the more expensive it is, and a small-business person should not expect to find anything eminently affordable.
Remember, though, that there probably does not exist a list broker/marketer that has not been reported for spamming, rightly or wrongly.
List brokers and marketers constantly buy, sell and trade email addresses. Many of those entities are buying and selling addresses for which they have zero proof of permission buyers have simply taken the word of the list seller that everyone on the list wants to get commercial email. These buyers resell those addresses, and so on.
This means that the overall mailing list pool is utterly polluted with unethically gathered addresses. Because of this, we strongly recommend that you re-think your marketing, and find an avenue of contact/promotion that does not include renting or buying mailing lists of any kind.
Remember: the vast majority of businesses in existence and the vast majority of Internet-based businesses do not use direct email marketing that uses rented or purchased address lists. These businesses including some of the most successful anywhere know that the risks are too great.
To illustrate... Clueless Mailers monitors two "catch-all" email accounts at two domains. These accounts receive between 250 and 300 pieces of spam per day, sent to real, harvested addresses and generics like "info@" or "webmaster@". The vast majority of these spams are from so-called "legitimate" sources that have supposedly acquired their addresses via some permission-based process. Some even claim some sort of "verification" of permission. The truth is that these "light-of-day" spammers have bought or rented so-called "single opt-in" mailing lists which are filled with addresses harvested from Web pages, Usenet newsgroups, discussion boards, etc. It's also very possible that many of the addresses were injected into the address pool via "co-registration" schemes in which a scammers buy a "Millions" CD of harvested addresses and submit address after address to the co-reg network, collecting a cash bounty for each one.
The only safe way to acquire addresses is by building the address list yourself, using closed-loop confirmed opt-in, either through submissions via your own website, or by using a unique-token system to confirm any address list you may have gathered via real-world contacts like trade shows, email sent in response to magazine ads, etc.
If, however, you feel that without direct email marketing, your business will collapse, many peoples' financial lives will be ruined and the result will be the end of western civilization... then insist on using a closed-loop confirmed opt-in / DOI list from a list broker with a sterling reputation. Insist on auditing the database for proof of permission... and that means more than just an IP number, a timestamp, and a webform URL.
For more info on closed-loop confirmed opt-in and how to ensure permission, see our guidelines on Best Practices for List Management.
General Spam-Fighting Info
Q: How can I filter out spam from...? /
Where did the spammer get my address? / Etc....
A: The Clueless
Mailers site is focused on a few particular problems, and can't really provide
general support. We do offer some suggestions
for keeping your address out of the hands of spammers, but for general
spam-fighting subjects, there are other sites, message boards and newsgroups
that are more approriate forums for questions (we hope to have some links
soon...). We (I) also don't have the time or resources to answer general
spam-fighting questions... So we apologize for not answering those sorts
of questions submitted to the CM site.
Stopping Mail from Spammers /
Stopping Mail from CluelessMailers.org
Q: Could you please stop the spam?? /
Could you please stop spamming me??
A: We aren't
spamming you, and we can't remove you from anything. CluelessMailers.org is an anti-spam website. Either you found
us after a web search for the name of a spammer, or some spammer has disguised
their spam to make it look as though it came from us. Since we didn't spam
you, we can't remove you fom any mailing list, so please don't send us a
"remove" request. We also strongly recommend that you DO NOT contact a spammer
and ask for removal. For more on that, click
Q: Where can I buy a poster or T-shirt of
that amazing SpamdemicSM
glad you asked! After lots of requests, we've finally produced a poster
version of the Spamdemic Map, and we've made it available at The
Clueless Mailers Spamdemic Store! Just click here to buy.
Unfortunately, T-Shirts of the Spamdemic Map would be impractical, since
the text would be much too small to read. But we're currently developing
T's and other items with various Clueless Mailers / Spamdemic / anti-spam
themes. So stay tuned!
Because the CM site is non-commercial, and traffic to and from it is increasing,
your purchase of Clueless Swag will help us to pay for our hosting and extra
Creating The Spamdemic Map
Q: What software do you use to create the
it's not Visio, it's not output from some exotic visual database... It's
good old Adobe Illustrator, a heck of a lot of anal-retentive fiddling time,
and way too much Dr Pepper.
Q: How long did it take you to create the
A: Oh, who
knows. Way too long. Never tracked the hours. And if we had written them
down somewhere, we'd probably never show them to anyone, lest the friendly
young men in the clean white coats be sent our way.
Q: How do you do your research / find all
A: It all
starts with one piece of unsolicited commercial email... Then another, and
another. Using domains and IP numbers found in the headers, determine the
mailing service. With text from the body of the message, we determine who
the advertisers and/or marketers are who commissioned the mailing; we also
take apart the response links or even click on them (when it's privacy-safe)
to find out who some anonymous advertisers and marketers are. Using the
response links, we connect the advertisers and marketers with with the services
that process responses. After we come up with the companies involved, we
just read each one's website and learn who their partners are. We also love
to Google. There's no proprietary information on the Clueless Mailers website.
All of the info here is from published sources available to the public via
the Web, via traceroute, and via WHOIS... or the information is taken directly
from the spams received at the inboxes that CM monitors. All of this information
is then poured directly into Clueless Mailers' exclusive Spamdemic Cross-Referencing
Unsolicited Nuisance Connection Heuristics Engine Reloader(TM) (SCRUNCHER),
where it is combined with a few hundred Dr Peppers and a lotta love, baby...
Resulting in the frightening circuit-board-like diagram that is the Spamdemic
Q: Why do you use those stupid colors? I
can't tell what's what!
the Map didn't start out to be a monstrous 800+K file with hundreds of names,
and the .GIF format worked great back then. And we wanted to use as few
colors as possible to keep the images size down. Having done information
design for a while, we figured that black should be the most-frequently
used color. Since the entity shapes and their labels make up most of
the Map, and most of those have been involved in UCE, those became black.
Basic connection lines were initially made black to associate them with
UCE activities (and to keep the number of colors down), but the types of
connection lines have increased and changed since then, and they do need
a little differentiation. At the moment, we're kinda painted into a corner
by the scale of the image, so we're going to either have to make a 90-degree
turn into some sort of visual database system, or use Flash and Generator
or something... or just keep using good old Adobe Illustrator. But if we're
going to move an interactive version soon, we're just too lazy to make radical
changes to the Illustrator version if they're going to get trashed. Hey...
even we need a life!
Q: Can't you reduce the number of colors
to two and not antialias the GIF?
us we've tried all sorts of color levels. Reducing the number of colors
to two makes the green ownership lines look like everything else; non-spammers
look just like spammers; and the type is how you say unreadable. (Details,
details.) Plus, future versions of the Map will probably need more colors,
not less, since there will be more types of info presented.
Not to mention the fact that black and white just don't make Spammy the
Clown(TM) look very attractive. (He's a real whiner, so we don't want to
give him any excuses to call his agent.)
Q: Why not use a different file format
like PNG or SVG?
A: PNG? Good
idea! Thanks! We've replaced the 874K GIF with a 684K PNG already. As for
other formats, SVG is a possibility. But we may end up implementing a fully
interactive Flash (or other visual tool) version that's generated from a
live database, with a display that resizes and crops itself at the viewer's
command, and which rearranges itself automatically as the data changes.
Well... in a perfect world, at least.
Thing is, the Map currently only holds a fraction of the information that
it eventually will. It's going to take some novel tactics and a lot of Dr
Peppers to keep it up-to-date and usable at the same time.
In truth, we just figured a few hard-core anti-spammers would wander by
the site once in a while. We never expected to get SlashDotted (or, as CM's
FutureQuest.net admin said when he called us, "Nobody expects the Spanish
Q: Why are you using the worst possible tool to create
A: Photoshop is on our machine, and we use it
every day. Okay, yes, the PNG isn't optimized. Give us a break. It's our
first PNG. We may investigate tools for making the PNG smaller... but it
may be more efficient to implement a totally interactive system based on
something other than bitmapped graphics. Don'tcha think?