Hi, On Mon, Apr 18, 2016 at 2:05 PM, John Hardin <jhar...@impsec.org> wrote: > On Mon, 18 Apr 2016, Alex wrote: > >> I'm curious as to whether you think this email is spam? >> >> http://pastebin.com/bFVSgwnR >> >> It looks like your typical unsolicited "Buyers Guide" junk, but I've >> heard of actonsoftware before, and this email appears to have a >> legitimate unsubscribe link. It also doesn't appear on any blacklists. >> Is it opt-in? > > The mere presence of an unsubscribe link does not indicate legitimacy. And > the sender's definition of "opt-in" may not align with how most people would > define it. > > The company is probably real, ISTR using Acton back when I was monking at > $DAYJOB--, but that doesn't mean the *contact* is legit.
Yes, this I understand. I should have qualified my question and asked if it was a *legit* opt-in, and more generally, what part of this message makes it unsolicited junk. I realize now it's the techproductupdates.com domain that's taken advantage of the actonsoftware bulk mailer. > The only way I'd consider it legit is if someone reported that they had, at > some time, subscribed to that newsletter. Ah, true. > If you're seeing a large portion of your userbase receiving them, and it's > not a well-known website, then it is probably safe to consider it spam. What > proportion of your user base would be technical enough to be interested in > security audit software? We've just had another vendor scan some of our mail, and they did a much better job at bulk-mail detection. > It looks to me like Acton made a bad marketing decision. Yes, I think what I've realized today is that SA doesn't really have any rules or processes for detecting bulk mail and giving the user the option of tightening down on how it's managed. That's a problem. Thanks, Alex
