Sven Golly Posted February 2, 2021 Share Posted February 2, 2021 It seems I have been seeing more SpamCop reports going to devnull lately. For example, I am getting spam via salesforce.com and those ALL go to devnull. Is this because salesforce.com is not acting? Do they have a behind the scenes deal with CISCO (SpamCop)? Salesforce does have a working abuse@salesforce.com address so it can't be lack of that. Any thoughts? Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted February 3, 2021 Share Posted February 3, 2021 I don't have an IP or tracking URL so I am not able to duplicate a look up, but my memory remembers that I never got a reply from salesforce spam. It did stop after a while, but maybe they were list washing their single opt-in lists. Quote Link to comment Share on other sites More sharing options...
Sven Golly Posted February 4, 2021 Author Share Posted February 4, 2021 I have a friend who's fairly well respected within Salesforce.com. I shot him a sample of the emails (consistently from The Economist who refuses to honor opt-out requests). I can block them easily but When I have extra time, I prefer to work on the root of the problem. Quote Link to comment Share on other sites More sharing options...
KNERD Posted February 8, 2021 Share Posted February 8, 2021 devnull because of 1 of 3 reasons. 1) Does not want munged reports 2) No abuse address is available to sent reports to 3) Action has reported been taken against abuser, thus no more reports are needed, but you will see such a message in the report. Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 8, 2022 Share Posted August 8, 2022 The problem seems to be that salesforce doesn't do anything about spam. Their abuse address is abuse@salesforce.com, but it is a big black hole. I contacted them on twitter and they said to forward the reports to security@salesforce.com, which I did. They claimed they would look into them, and the spam did seem to stop. However a week ago I got a spam from exacttarget (now owned by salesforce) and I forwarded it to security@salesforce.com. The reply I got was that they had unsubscribed the recipient email address from the mailing list, along with a screenshot of said unsubscribe! I replied saying I didn't want to unsubscribe, but was reporting spam, and asked what they intended to do. I haven't gotten a reply. And now this morning I see a spam from newswatchtv, the same spammer I reported to their security@salesforce.com in November 2020 (after them saying that reporting the spam there would get it resolved). This was from smtp12-ia4-sp1.mta.salesforce.com [13.110.74.235], the main salesforce network (not exacttarget). So, basically they are a huge waste of time, and I don't think I have ever received any legitimate emails via salesforce and am considering blocking their entire network if I can easily figure out their ip ranges. Quote Link to comment Share on other sites More sharing options...
RobiBue Posted August 9, 2022 Share Posted August 9, 2022 the way you explain it, it seems that salesforce doesn't understand spam at all if they think that unsubscribing the recipient from the mailing list would stop any spam... 🤦♂️ Quote Link to comment Share on other sites More sharing options...
petzl Posted August 10, 2022 Share Posted August 10, 2022 (edited) On 8/9/2022 at 1:11 AM, groupboard said: 13.110.74.235 13.110.74.235 abuse address is not salesforce? It is abuse[ AT]c[DOT]exacttarget[DOT]com at least that is what my Wuois comes up with? Edited August 10, 2022 by petzl Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 10, 2022 Share Posted August 10, 2022 20 hours ago, petzl said: 13.110.74.235 abuse address is not salesforce? It is abuse[ AT]c[DOT]exacttarget[DOT]com at least that is what my Wuois comes up with? Exacttarget is owned by salesforce. Monday's newswatchtv spam came from 13.110.74.235 (smtp12-ia4-sp1.mta.salesforce.com), and that spammer was previously reported to abuse@salesforce.com and security@salesforce.com multiple times (due to multiple spams from them) in Nov 2020. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 11, 2022 Share Posted August 11, 2022 10 hours ago, groupboard said: Exacttarget is owned by salesforce. Monday's newswatchtv spam came from 13.110.74.235 (smtp12-ia4-sp1.mta.salesforce.com), and that spammer was previously reported to abuse@salesforce.com and security@salesforce.com multiple times (due to multiple spams from them) in Nov 2020. Can you give a URL for a SpamCop track Before you submit a report it is at top of page. Do they have a unsubscribe link? Not seeing they are Blackhats? Had problems with kindle Amazon giving my credit card (CC) details to Audio books. my kindle don't do audio. but they are pushy/scamy (not first time, always cancel their "free" offer in buying a Kindle book), they then without asking signed me up for a "free" 14 day trail, Then did a zero amount check on my CC the moment they did this. My bank sent a auto SMS Alert, do I recognize "CLIENTCONNECT.AI", I replied no and card is considered compromised so deactivated. A real pain be a long while before I use Amazon again. Sounds like your details have been also passed on maybe? Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 11, 2022 Share Posted August 11, 2022 6 hours ago, petzl said: Can you give a URL for a SpamCop track Before you submit a report it is at top of page. Do they have a unsubscribe link? Not seeing they are Blackhats? Had problems with kindle Amazon giving my credit card (CC) details to Audio books. my kindle don't do audio. but they are pushy/scamy (not first time, always cancel their "free" offer in buying a Kindle book), they then without asking signed me up for a "free" 14 day trail, Then did a zero amount check on my CC the moment they did this. My bank sent a auto SMS Alert, do I recognize "CLIENTCONNECT.AI", I replied no and card is considered compromised so deactivated. A real pain be a long while before I use Amazon again. Sounds like your details have been also passed on maybe? I'm not sure what you're getting at here. The problem is simply that salesforce doesn't do anything about spam reports and they have now confirmed that. The spams have been sent to various email addresses on our network from various spammers. Some have unsubscribe links, others (such as newswatch TV) don't have any unsubscribe links. I won't be reporting any further salesforce spam, as it's a waste of time. The spammers presumably purchase lists of email addresses that have been scraped from websites, or guessed from linkedin and then sold. None of the spammers in question had any contact with us previously. Basically just the same as all other spam. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 12, 2022 Share Posted August 12, 2022 9 hours ago, groupboard said: The spammers presumably purchase lists of email addresses t Can you give a URL for a SpamCop track Before you submit a report it is at top of page.Do they have a unsubscribe link? Not seeing salesforce are Blackhats? abuse[ AT]c[DOT]exacttarget[DOT]com add to next report Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 12, 2022 Share Posted August 12, 2022 19 hours ago, petzl said: Can you give a URL for a SpamCop track Before you submit a report it is at top of page.Do they have a unsubscribe link? Not seeing salesforce are Blackhats? abuse[ AT]c[DOT]exacttarget[DOT]com add to next report You can see two of the spams here: https://pastebin.com/r1kdNGc9 https://pastebin.com/4Yybr1NP One has an unsubscribe, one doesn't. I just noticed the eco.de complaint address, so I've sent a complaint there. Quote Link to comment Share on other sites More sharing options...
RobiBue Posted August 12, 2022 Share Posted August 12, 2022 Just did a quick google lookup on salesforce and exacttarget. Surprising information what salesforce has done in the last decade and a half! surprise: Salesforce bought exacttarget in 2013 for $2.5 billion and having it renamed to Salesforce Marketing Cloud. in other words, whatever you send to exacttarget and "many other bought companies" by salesforce should go to salesforce. I do have the feeling that salesforce is getting away as "innocent" because everybody thinks that the companies they bought during these last 15 or so years are independent, alas they are owned and operated by salesforce! Quote Link to comment Share on other sites More sharing options...
petzl Posted August 12, 2022 Share Posted August 12, 2022 (edited) 13.110.74.235 has the right address for this IP bounces salesforce 13.111.68.15 is abuse[ AT]c[DOT]exacttarget[DOT]com don't take SpamCop reports There are also the US government that address Cyber abuse - central[AT]cisa[DOT]dhs[DOT]gov (AFAIK) Seems to me someone you deal with has given your details to Saleforce as Amazon did to me! Also put your your spam on their Facebook page state they refuse abuse reports, ignore unsubscribe, etc.https://www.facebook.com/SalesforceAPAC/ The best way to do this is send a SpamCop Tracking url top of page before you submit.Here is your TRACKING URL - it may be saved for future reference:https://www.spamcop.net/sc?id=z6770888978zba9c05deea1cc1ab344161b60c8b6fb9z Edited August 12, 2022 by petzl Quote Link to comment Share on other sites More sharing options...
petzl Posted August 12, 2022 Share Posted August 12, 2022 31 minutes ago, RobiBue said: Just did a quick google lookup on salesforce and exacttarget. Surprising information what salesforce has done in the last decade and a half! surprise: Salesforce bought exacttarget in 2013 for $2.5 billion and having it renamed to Salesforce Marketing Cloud. in other words, whatever you send to exacttarget and "many other bought companies" by salesforce should go to salesforce. I do have the feeling that salesforce is getting away as "innocent" because everybody thinks that the companies they bought during these last 15 or so years are independent, alas they are owned and operated by salesforce! Look like a house of cards and panicking Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 13, 2022 Share Posted August 13, 2022 17 hours ago, petzl said: Seems to me someone you deal with has given your details to Saleforce as Amazon did to me! No, salesforce don't have my details, just the spammers using salesforce. Quote Link to comment Share on other sites More sharing options...
groupboard Posted August 18, 2022 Share Posted August 18, 2022 Still getting these newswatchtv spams, but I see the ip in question (smtp13-ia4-sp1.mta.salesforce.com [13.110.74.236]) is on the SORBS spam list. My spam filter does actually check salesforce emails against SORBS spam. (I don't do that for all emails, as it can have quite a few false positives, but for stuff like salesforce that's fine). The reason it got through the spam filter is because I reduce the spam score when our company name is used in the email (which it was for this spam). So I just need to either rethink my heuristics, or else badger salesforce some more. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 19, 2022 Share Posted August 19, 2022 (edited) On 8/19/2022 at 1:49 AM, groupboard said: Still getting these newswatchtv spams, but I see the ip in question (smtp13-ia4-sp1.mta.salesforce.com [13.110.74.236]) is on the SORBS spam list. Unless you effectively report these you will get more and more until you fall over. They provide "cloud space" free 30 day trails" a spammers haven. They also seem ignore abuse reports, even if they shut a free spam account, the offending spam bot just creates a new one Start your free trial. No credit card required, no software to install. With your 30-day trial, you get: Pre-loaded data or upload your own Pre-configured processes, reports, and dashboards Guided experiences for sales reps, leaders, and administrators Online training and live onboarding webinars Edited August 20, 2022 by petzl Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted August 20, 2022 Share Posted August 20, 2022 On 8/18/2022 at 9:49 AM, groupboard said: My spam filter does actually check salesforce emails against SORBS spam. I added my own blocking list. My spam filter doesn't reject email from any single list. I has to be on multiple lists. (I no longer have seen false positives.) 13 hours ago, petzl said: Unless you effectively report these you will get more and more until you fall over. Also to note that when properly reporting, it feeds spamcop's blocking list. The list can also add to the spam score. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.