Last month I got an email from OTTO.de asking me to attend a survey about customer satisfaction and the like. Bad for them: I use mutt and therefore it is obvious if an email is fake. So, what did OTTO.de do? They gave my emacs addresse (and I suspect those of all other customers) to an external "reasearch" comopany. This company then sent the email using the mail service of another company. All of this happened without my consent.
Now, the good news is, that OTTO.de responded quickly to my complaint and ordered both companies to delete my email address, however I cannot be sure, they actually DID delete it though. The other good news is that I always create an email address for every shop, forum or any other login site I use. That way, I can just drop "burned" email addresses and stop using the single service for which I created it.
But most peope do not operate their own mail server and create an alias for every site they use. For such peope a "burned" email address is a disaster. By "burned" I mean the email address is out of your control, you don't know who's using it anymore, you start to receive SPAM to this address. But if this is the only email address you posses and if you use it for everything, you're fucked. Changing an all-purpose email address, deposited on dozens or even hundreds of sites, is a nightmare.
I have this problem at work. One of our vendors, an israeli company, sends us notifications by email. At work I only have one email
address, it's associated with my name and I cannot change it. The israeli company sends those notifications by using the services of a company called Sendgrid. Now, sendgrid no only knows my name, my location, my employer, they also know what kind of job I have and that our company uses the services of this israeli company.
I never allowed them to do this. And I cannot change this, it already happened. My work email address is burned and I have to continue using it. This is more than annoying.
Much more annoying is the fact, that people using such services don't even think about it. I complained with the israeli company and they did not understand. It was as if I am from mars trying to communicate with people from venus. They even nonchalantly closed the case.
What I tried to say to them was that Sendgrid is a SPAM sending service. And it is a US company, operating in a country with almost no privacy protection laws. They didn't get it. I suspect, young people don't even understand what SPAM is these days, I don't know.
The other day I stumbled upon the story about the operatos of vDOS, a DDoS service. It was a criminal enterprise and they used a mail sending service as well: Mailgun. Mailgun does the same as Sendgrid. It's a SPAM sender company. In order to understand the
nature of their business, look at the numbers:
Sending 5.000.000 emails costs 0.00015 Dollars.
How do they make profit, you ask? Well, look at this, which can be found in a job description:
We have a passion for solving hard problems – our services are
responsible for processing billions of messages each month and have to
not only scale, but be highly reliable.
I don't know who else needs to send such impossible amounts of emails than SPAMmers. And if all of their customers operate like OTTO.de or the mentioned israeli company, almost nobody agreed to this.
An email you receive from a sender you don't know, you don't have any relationship to, you don't do business with is SPAM. Period.
The only difference to past times is that earlier operation an email sending venture was an illegal operation while today it is perfectly okay for all parties, including their victims.
I've got to admit they are clearly geniuses. Converting an foul smelling "business" into something you get venture capital for, create APIs get praised by managers AND developers is a coup I need to salute for.
But however much all those hipsters, ruby-on-rail-loosers and java-scriptsters love services like Mailgun or Sendgrid: what they do stinks, it violates peoples privacy without asking (and I didn't even talk about their tracing features!) and in the end burns peoples
productive email addresses.
I can't even imagine how such a company can be a legal business. This is incomprehensible.
Here's another example:
[..] Received: from mailer212.agnitas.de (mailer212.agnitas.de [188.8.131.52]) From: voelkner - direkt günstigerAgnitas.de, yet another SPAM sending venture, sends mails in the name of Voelkner (also known as fake mails) to me. So, Voelkner gave them my email address without my consent.
What the fuck?!
And yet another one:
[..] Received: from m69-130.mailgun.net (m69-130.mailgun.net [184.108.40.206]) From: firstname.lastname@example.org [..]This time, DRAK an aquaristic vendor, uses Mailgun, to send unsolicited SPAM mails to me In this case as well I didn't give my consent. In the case of DRAK, even their TOS claims that they'd not do such things (that is, give customer data to a third party without consent).
... denn Personal kostet Geld, wissen Sie
SAP. Der Horror.
Clouds machen das Web kaputt
Remote Exploit via 192.168.1.1