Suped

Which platforms are most commonly used for sending spam emails?

11 Marketer opinions6 Expert opinions5 Technical articles4 Resources

Summary

Spam originates from diverse sources, often used in conjunction to mask sender identity and evade filters. Core sources include botnets, compromised accounts, and exploited servers. Techniques like dynamic IPs and bulletproof hosting aid in evasion. Some Cloud providers like Amazon SES, Gmail, and Outlook struggle with policing spam, especially in B2B environments, partly due to ineffective compliance and lacking incentives for removal. Open relays, rented lists, smaller ESPs with weak security, and purchasing old domains are also used. The rise of stricter filters and decreased false positive tolerance also shape the landscape.

Key findings

  • Core Spam Sources: Botnets, compromised accounts, and exploited servers are main platforms for spam.
  • Evasion Techniques: Spammers use dynamic IP addresses, bulletproof hosting, open proxies and VPNs to hide their origin.
  • Cloud Provider Challenges: Cloud providers, specifically in B2B, have difficulties in spam policing and lack strong compliance.
  • ESPs and Hosting: Smaller ESPs with weak security, rented lists, and purchased domains contribute to spam.
  • Stricter Filtering: Email filters are becoming more selective and less forgiving of false positives.

Key considerations

  • Enhanced Security: Implement strong network and account security measures to prevent compromise and botnet inclusion.
  • Email Authentication: Utilize SPF, DKIM, and DMARC for email authentication to verify email authenticity and reduce spam.
  • Monitoring & Reporting: Monitor network traffic for unusual activity, and report spam to assist in identification and removal of sources.
  • Choosing Platforms: Carefully vet ESPs and hosting providers, prioritizing those with robust anti-spam policies.
  • Evolving Tactics Awareness: Stay updated on evolving spam tactics to adapt and implement necessary preventative measures.

What email marketers say
11Marketer opinions

Spam originates from a variety of sources and platforms, often used in combination to obfuscate the sender's identity and bypass spam filters. Common sources include: botnets (networks of infected computers), compromised email accounts, rented servers, smaller email marketing services with lax policies, open mail relays, bulletproof hosting services, web hosting providers that ignore spam complaints, SMTP servers on residential ISPs, and purchased old domains. Some ESPs may be exploited due to poor monitoring, and some providers turn a blind eye to spam due to the profit generated. Spammers also utilize techniques to mask their locations, such as using public Wi-Fi networks, VPNs, and proxies. Amazon SES, Gmail, and Outlook have been mentioned as platforms used to send spam.

Key opinions

  • Multiple Sources: Spam originates from a variety of sources including botnets, compromised accounts, rented servers, and smaller ESPs with lax policies.
  • Compromised Accounts: Compromised email accounts are frequently used to send spam, often without the account owner's knowledge.
  • Botnets: Botnets, networks of infected computers, are a significant source of spam.
  • Masking Techniques: Spammers use various techniques to hide their true IP addresses and locations, including public Wi-Fi, VPNs, and proxies.
  • Platform Exploitation: Some legitimate ESPs and hosting providers may be exploited due to poor monitoring or lax policies.

Key considerations

  • Platform Security: Consider the security policies and monitoring practices of any email marketing service or hosting provider you use.
  • Email Authentication: Implement email authentication protocols (SPF, DKIM, DMARC) to help prevent your emails from being flagged as spam.
  • Network Security: Ensure your network and devices are secure to prevent them from becoming part of a botnet.
  • Reporting: Report spam to help mitigate the problem and support efforts to identify and shut down spam sources.
  • Evolving Tactics: Spammers are constantly evolving their tactics, so it's important to stay informed about the latest techniques and trends.
Marketer view

Email marketer from Quora explains that spammers often use a combination of techniques including compromised email accounts, open relays and bulletproof hosting, making attribution difficult. They also note that some legitimate ESPs may be exploited due to poor monitoring.

July 2022 - Quora
Marketer view

Email marketer from Reddit shares that spam is sent from botnets, compromised accounts, and some smaller email marketing platforms with weaker security. Spammers also use public Wi-Fi networks to mask their locations.

April 2022 - Reddit
Marketer view

Email marketer from Reddit notes that spammers exploit open mail relays, compromised servers, and bulletproof hosting services to run their spam campaigns. They also use VPNs and proxies to hide their true IP addresses.

January 2025 - Reddit
Marketer view

Email marketer from Reddit explains that many spammers use compromised email accounts, botnets, and rented servers to send spam. They also mention that some email marketing services with lax policies are used to send spam campaigns.

October 2023 - Reddit
Marketer view

Email marketer from Email Marketing Forum shares that a significant portion of spam originates from botnets, which are networks of infected computers controlled by spammers. They also mention that some spammers use compromised email accounts and free email services.

July 2023 - Email Marketing Forum
Marketer view

Email Marketer from Email Geeks shares that there is a lot of spammer use of AmazonSES these days and seemingly on the increase (possibly because more networks are blocking/throttling AWS IPs than they used to?). Still not as much as comes out of Gmail which still isn't as much as comes out of Outlook.

August 2023 - Email Geeks
Marketer view

Email marketer from Email Marketing Forum explains that spam comes from compromised accounts, botnets, and email service providers with lax policies. Some providers turn a blind eye because of the profit generated. They recommend reporting spam to help mitigate it.

October 2021 - Email Marketing Forum
Marketer view

Email marketer from SendPulse shares that spammers often use botnets, rented email lists, and compromised servers to send large volumes of spam. They also emphasize the importance of following email marketing best practices to avoid being flagged as a spammer.

December 2021 - SendPulse
Marketer view

Email marketer from Hubspot explains that spam originates from multiple sources including compromised email accounts, rented email lists and malicious servers. They note that some smaller ESPs may have less stringent filtering systems therefore being more susceptible for spammers to use.

December 2023 - Hubspot
Marketer view

Email marketer from Mailjet answers explains that spam can originate from various sources including compromised email accounts, shared hosting environments, and even poorly configured email marketing platforms. They highlight the importance of email authentication to combat spam.

September 2024 - Mailjet
Marketer view

Email marketer from Reddit details a variety of approaches used by spammers. These approaches include using web hosting providers that ignore spam complaints, SMTP servers on residential ISPs, and purchasing old domains with established reputations to bypass spam filters.

October 2021 - Reddit

What the experts say
6Expert opinions

Spam originates from various sources, including botnets, compromised servers, hijacked email accounts, and bulletproof hosting providers. Cloud providers struggle with policing spam, particularly in B2B environments, due to ineffective compliance teams and a lack of incentive to remove bad actors. Gmail and Microsoft are identified as significant sources of B2B spam. Filters are becoming stricter and less forgiving of false positives, leading to a less marketer-friendly environment.

Key opinions

  • Multiple Sources: Spam originates from a variety of sources, including botnets, compromised servers, and hijacked email accounts.
  • Cloud Provider Challenges: Cloud providers face difficulties in policing spam, especially in B2B environments.
  • Gmail & Microsoft: Gmail and Microsoft are significant sources of B2B spam.
  • Stricter Filters: Email filters are becoming stricter and less forgiving of false positives.
  • Bulletproof Hosting: Bulletproof hosting providers facilitate spam campaigns due to minimal oversight.

Key considerations

  • Source Monitoring: Monitor spam sources to identify and address potential issues.
  • B2B Spam Focus: Pay special attention to B2B spam, as it is prevalent and often difficult to detect.
  • Filter Adaptation: Adapt marketing strategies to accommodate stricter email filters and reduced tolerance for false positives.
  • Compliance Improvement: ESPs need to invest in innovative thinking and resources to improve compliance and effectively stop spam.
  • Bulletproof Hosting Risk: Avoid bulletproof hosting, as this increases the risk of deliverability problems.
Expert view

Expert from Email Geeks explains that all the cloud providers are pretty messy and it’s very, very hard to police sending particularly in a B2B environment. So many ESPs built their compliance teams based on things like GPT and FBLs and … they simply don’t work in a B2B environment.

May 2021 - Email Geeks
Expert view

Expert from Email Geeks shares that compliance is going to get worse before it gets better and it’s going to take some innovative thinking and resource investment to actually have the ESPs stopping spam more effectively. She adds that she is not sure they have any real incentive to do so because filters are more selective and a bad customer only hurts themselves. There’s just not the incentive to throw off bad customers that there used to be and compliance desks are expensive. They think we’re going to see spam get worse and more and more ESPs just not having the ability to deal with it.

September 2024 - Email Geeks
Expert view

Expert from Email Geeks thinks filters are going to get more selective and stricter and they’re going to care less and less about false positives. The pendulum is swinging in a way marketers are going to like (less ‘you can’t do that’ from their ESPs) and going to hate (filters and mail clients are going to be less and less marketer friendly - apple mpp is only the tip of the iceberg here).

November 2023 - Email Geeks
Expert view

Expert from Email Geeks explains that Gmail and Microsoft are two of the absolute worst in terms of filthy spammers, and it’s all B2B spam, prettied up as “customized and carefully chosen outreach mail” — and so much of it is just out and out spam.

February 2024 - Email Geeks
Expert view

Expert from SpamResource.com explains that spam frequently originates from botnets, compromised servers, and hijacked email accounts. These sources enable spammers to send high volumes of unsolicited emails while masking their true identities and locations.

April 2022 - SpamResource.com
Expert view

Expert from Word to the Wise shares that bulletproof hosting providers are often used to facilitate spam campaigns. These providers allow spammers to operate with minimal oversight and often ignore abuse complaints, making it easier to send large volumes of unsolicited email.

April 2023 - Word to the Wise

What the documentation says
5Technical articles

Spam is predominantly sent through botnets (networks of compromised computers), compromised email accounts, and exploited servers. These platforms allow spammers to send large volumes of unsolicited emails while masking their true identities. Dynamic IP addresses, open proxies and bulletproof hosting are also used to evade detection. Network security and email authentication protocols like SPF, DKIM, and DMARC are crucial in mitigating spam attacks.

Key findings

  • Botnets: Botnets are a primary source of spam, enabling the sending of large volumes of unsolicited emails.
  • Compromised Accounts: Spammers frequently use compromised email accounts to send spam.
  • Exploited Servers: Spammers exploit compromised and unsecure servers to distribute spam.
  • Evasion Techniques: Spammers utilize dynamic IP addresses and bulletproof hosting to evade detection.
  • Authentication Importance: Email authentication protocols (SPF, DKIM, DMARC) are effective tools for identifying and mitigating spam.

Key considerations

  • Network Security: Implement robust network security measures to prevent servers from being compromised and used for spam.
  • Account Security: Implement email account security measures to reduce the risk of account compromise.
  • Email Authentication: Utilize email authentication protocols (SPF, DKIM, DMARC) to verify the authenticity of emails and reduce spam.
  • Botnet Monitoring: Monitor network traffic for signs of botnet activity and take steps to mitigate any detected infections.
  • Secure Hosting: Avoid bulletproof hosting providers and choose reputable hosting services with strong anti-spam policies.
Technical article

Documentation from Cisco identifies that botnets, hijacked accounts, and compromised servers are frequently used by spammers. Cisco outlines the importance of network security and email authentication to mitigate spam attacks.

September 2021 - Cisco
Technical article

Documentation from Cloudflare describes that malicious actors leverage botnets, compromised email accounts and unsecure servers to send spam. They highlight the use of email authentication protocols like SPF, DKIM and DMARC as effective tools in identifying spam.

July 2024 - Cloudflare
Technical article

Documentation from Spamhaus explains that botnets are a primary source of spam. These networks of compromised computers are used to send large volumes of unsolicited email, often without the computer owner's knowledge.

May 2023 - Spamhaus.org
Technical article

Documentation from Microsoft answers explains that spammers frequently use botnets, compromised accounts, and open proxies to send unsolicited emails. Microsoft actively works to block these sources and prevent spam from reaching its users.

October 2023 - Microsoft
Technical article

Documentation from Talos Intelligence details that spammers exploit various platforms, including compromised servers, bulletproof hosting providers, and vulnerable websites, to send spam. They also mention the use of dynamic IP addresses to evade detection.

July 2023 - Talos Intelligence

Related resources
4Resources

What Is an Email Blacklist? (And How To Avoid Ending Up on One)
What Is an Email Blacklist? (And How To Avoid Ending Up on One)

Has your email deliverability taken a dive? You might be on an email blacklist. Find out what a blocklist is, how to avoid them, and how to remove your omain.

SendLayer - Reliable Email Deliverability Made Easy
The Latest Phishing Statistics (updated January 2025) | AAG IT ...
The Latest Phishing Statistics (updated January 2025) | AAG IT ...

As the most common form of cyber crime, phishing affects both individuals and businesses. Find out how attack vectors and trends are developing with the latest phishing statistics.

AAG IT Services
Choosing an SMTP Port: Ports 25, 465, and 587 Explained | Mailgun
Choosing an SMTP Port: Ports 25, 465, and 587 Explained | Mailgun

Learn about SMTP ports and their numbers: port 25 for relays, 587 for mail submission, and 465 for secure TLS. Explore our comprehensive SMTP port guide.

Mailgun
Send Mail Node sends SPAM mails - Questions - n8n Community
Send Mail Node sends SPAM mails - Questions - n8n Community

Hey, We set up a mailing system with send mail node for my client and it works properly but sometimes my client cannot send the mail and a message returns and mail involves SPAM: My client tried to send it through the mail clients’ own page -IONOS- and he says this message can be send from there and they say when they send out through Send Mail Node, it sends this as a SPAM. What might be the problem in here? Is this about Send Mail Node? Information on your n8n setup n8n version:Versio...

n8n Community

Related questions