Speaking of The Economist, is anyone else getting a ridiculous amount of third party spam pushing The Economist subscriptions?
I'm getting several a day, typically from domains in the new TLDs, such as .date, .science, .faith, and .review. The domain names match the IP addresses, have SPF records that check out, and they body doesn't have any of the usual things that make it look like spam, and so Spamassassin is marking many of these with a score of around -2.4. They look so non-spammy that even though I keep feeding them to my "train spam" script I'm barely getting the score to move. (Occasionally one does come from an IP that is in a blocklist and so does get marked as spam)
I assumed they were probably phishing attempts, but all the links really do go to The Economist's website, and the ones in the mail that go to ordering pages use https and the certificate checks out.
My current guess is that it is a rogue affiliate, or possibly that The Economist is not doing a good job of policing their affiliates since the rules of their affiliate program [1] (assuming that's what those actually are) says that affiliates can send email to people in their own database, but that these must be approved by the merchant (which would be The Economist) prior to being sent. All the links when they end up at The Economist have a /AFF/DM appended which I'm guessing identifies the affiliate.
I'm absolutely certain that I did not subscribe to their affiliate's list because not only am I getting these at my home address, I am also getting them at my work address, AND I'm getting them at several former co-worker addresses that are forwarded to me (just in case some legacy report or monitor was overlooked when addresses were updated when they left), and I'm also getting them on some work mailing list addresses (e.g., it@my_employer).
Be sure to check the origin/return address before you blame the Economist.
I receive multiple Economist spam emails a day, and none of them are from <>@economist.com, or a marketing firm. The TLDs alone give them away: <>@<>.faith, <>@<>.date, and so on.
The links in the emails also go to the odd TLDs or to clearly bogus domains.
I'm not blaming The Economist. I'm blaming some third party member of their affiliate program. (Do affiliate programs ever not end up with some affiliate spamming?)
The links in the emails go to the odd TLDs, where they then redirect a few times ending up at The Economist with what appears to be affiliate tracking information in the URL, which I presume is so that the spamming affiliate will get paid if I subscribe at that point.
If I can figure out what email address @economist.com to report this to I'll send them a sample of one of the mails and the affiliate tagging information and hopefully they'll kick that affiliate out of their program.
I'm getting several a day, typically from domains in the new TLDs, such as .date, .science, .faith, and .review. The domain names match the IP addresses, have SPF records that check out, and they body doesn't have any of the usual things that make it look like spam, and so Spamassassin is marking many of these with a score of around -2.4. They look so non-spammy that even though I keep feeding them to my "train spam" script I'm barely getting the score to move. (Occasionally one does come from an IP that is in a blocklist and so does get marked as spam)
I assumed they were probably phishing attempts, but all the links really do go to The Economist's website, and the ones in the mail that go to ordering pages use https and the certificate checks out.
My current guess is that it is a rogue affiliate, or possibly that The Economist is not doing a good job of policing their affiliates since the rules of their affiliate program [1] (assuming that's what those actually are) says that affiliates can send email to people in their own database, but that these must be approved by the merchant (which would be The Economist) prior to being sent. All the links when they end up at The Economist have a /AFF/DM appended which I'm guessing identifies the affiliate.
I'm absolutely certain that I did not subscribe to their affiliate's list because not only am I getting these at my home address, I am also getting them at my work address, AND I'm getting them at several former co-worker addresses that are forwarded to me (just in case some legacy report or monitor was overlooked when addresses were updated when they left), and I'm also getting them on some work mailing list addresses (e.g., it@my_employer).
[1] https://subscriptions.economist.com/CE/affilinet_TCs.pdf