Why is comodo paying affiliates to send spam marketing comodo products?

Hello,

Why is comodo paying affiliates to send unsolicited spam?

We frequently receive piles of unsolicited commercial email from “affiliates” marketing comodo. Why is that, and, would the comodo AntiSpam actually BLOCK spam from comodo?

Let’s dig deeper to substantiate this claim:

Here’s the body of the spam, of which we received about 75 today:

http://img819.imageshack.us/img819/7010/commodo1.jpg

Yes, that’s the Comodo logo including “creating trust online” - literally attached to unsolicited spam… but let’s look closer still

The headers:
Received: from mx1.secure-online-back-up.com (199.30.65.98)
by a.b.com (172.16.1.70) with Microsoft SMTP Server id 14.1.355.2;
Sun, 5 Aug 2012 19:42:21 -0400
Subject: Complimentary cloud storage
From: IT Solutions itsolutions@secure-online-back-up.com
To: x@y.com
Reply-To: IT Solutions itsolutions@secure-online-back-up.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=“----=_NeRtPart_164_48C5_13R8CP21.M400SX2”
Message-ID: 6d2f5d7a-2195-400a-9a2f-ca3c91d562cd@a.b.com
Return-Path: itsolutions@secure-online-back-up.com
Date: Sun, 5 Aug 2012 19:42:21 -0400
X-MS-Exchange-Organization-AuthSource: a.b.com
X-MS-Exchange-Organization-AuthAs: Anonymous

Obviously they’re coming from 199.30.65.98.

Who owns that?
Fork Networking, LLC in Portland, OR.
Seemingly unrelated, so let’s look at the url’s being spamvertised:

http://secure-online-back-up.com/1e8642546c448fd7681b7016ddd101C
which redirects to:
https://securespecialty.com/cc5/?utm_type=click

http://img717.imageshack.us/img717/7991/comodo2.jpg

Seems generic enough - but who owns it?

Both the redirect and the destination are tagged to:
Mountain Peak Solutions
John Henderson (mountainpeaksolutions@gmail.com)
+1.8774964314
123 Town Square Pl
STE 175
Jersey City, NJ 07310

Which is oddly close to comodo themselves:
Paul Lee
1400 Newport Tower 525 Washington Boulevard
Jersey City, NJ 07310

In fact they are practically neighbors:

http://img839.imageshack.us/img839/5885/comodo3.jpg

Let’s look at who they sent FROM and how many we received… notice all of the MADE UP ‘FROM’ ADDRESSES (violation of the CAN-SPAM act)… and notice they are sending to ENTIRE CITY distro groups at our company. Obviously no user would sign up with their entire city distro address on our internal server:

http://img528.imageshack.us/img528/2043/comodo4.jpg

So, I restate my original question: Why is comodo paying affiliates to send unsolicited spam?

You are literally paying people to RUIN YOUR BRAND IMAGE.

Now, I associate “comodo” not with “creating trust online” but with SPAMMERS.

Did you ever give your email address to Comodo when installing a Comodo product?

Hello EricJH, and thank you for your reply

To my knowledge, our company has never purchased or used a comodo product.

Further, the email addresses we’re receiving these spam emails at are distribution groups for entire cities. For example, charlotte@ourcompany.com might go to 50 users.

As rare as it would be for any one user to sign up for comodo emails using that email address, it’s exponentially more rare that several city addresses would have been used as opt-in addresses by users. These are users we’re talking about, probably not even aware that those distribution addresses even exist.

More common and hopefully obvious would be that the addresses were garnered from our corporate website by way of a spider or other bot. Not opted in, but “taken”.

Obviously since the sender has to fake the “from” address using made-up domain names, they have something to hide. Why? Probably because they’re barraging emails which were not opt-in to begin with.

I wanted to add some further detail.

We’re not talking about “my” email address, or even “an” email address… but a list of them, oddly identical to the text on our corporate “contact us” page.

Since these are being sent to about 20 email addresses at our domain (half of which are city distribution lists), and each campaign uses a different “publisher” - I find that the unsubscribe links are a waste of time. Even though we’ve never subscribed to the emails in the first place, I can’t unsubscribe 20 addresses for each campaign at each “publisher” and expect things to stop.

On 5 June 2012 at 11:50am EDT, I sent a detailed email to enterprisesolutions@comodo.com and sales@comodo.com (the only email addresses easily found at the time). They were successfully delivered to the comodo.com mail server, but nobody replied.

On 6 June 2010 at 15:54 EDT, I sent another email, also including backupsupport@comodo.com (randomly found) with even more samples of what I’m complaining about.

Both emails requested/demanded that our company domains be removed from the spam list, nobody replied, but we still continue to get the campaign emails to this day.

I’m sure comodo is able to take our domains off of the spam list - but that doesn’t change the fact that they are causing spam to be SENT in the first place, to the rest of the world.

I for one would be happy and go away if we never received another comodo email… but i can’t speak for everyone else they’re sending UCE to.

Hello byronh,

First and foremost, we apologize for the inconvenience. We have looked into the issue and it is being dealt with. We have contracts in place with affiliates that explicitly state that we do not condone spam. If they are in violation of our terms, we terminate the relationship. If this problem persists after tomorrow, please PM me more information so that we may take the appropriate action against the offending affiliate(s).

Hello ASGHero, thank you for replying.

I appreciate your efforts and will follow up after a few days/weeks, hopefully to report that we haven’t received any more. But if we do, I will PM you with specifics

Thanks again for dropping into this thread

Thank you for the quick response ASGHero.

Reporting back after 2 days - we received just one today at 331pm today (gmt-5)

from: itsolutions@secureonlinerescue.com (really guys? why not be yourselves and stop forging domains)

http://img708.imageshack.us/img708/1888/8812v.jpg

http://img854.imageshack.us/img854/4516/8812b.jpg

It’s really sad that comodo has to resort to spamming people to try to sell their products - which includes a spam filter. People HATE spammers - why would you ever want your logo on that?

If you’ll read again what ASGHero wrote, Comodo isn’t doing the spamming, and they ask affiliates not to spam in their contract.

You’re right - comodo isn’t physically sending the spam - i meant “cause spam to be sent”

Weather it’s by direct payment for services, pay per click, pay per install, or whatever… Mountain Peak Solutions doesn’t do it for free.

Incidentally, we received another at 523pm (gmt-5) in between replies here, this time from itsolutions@mypersonalit.net

They aren’t causing it to be sent either. As ASGHero mentioned, they explicitly state that they do not condone spam in their contract with affiliates. Sending out spam is something the affiliate is doing on their own.

Hopefully Comodo will deal with this quickly. Have you sent a PM to ASGHero with the details as he has asked?

I have sent a PM to ASGHero with our domains to be (hopefully) removed, I look forward to any replies PM or otherwise

Thank you for attending this thread and offering your comments so far

Thank you for providing more details in the PM. I have replied back acknowledging the actions that have been taken thus far. As mentioned before, we do not condone spam. We opened an investigation with the offending affiliate. If they are unable to provide sufficient evidence (e.g. proof of opt-in, timestamp, source, ip, etc.), we will terminate the relationship and the offending affiliate forfeits any revenue made.

I think that is very fair, and we appreciate you following thru with this issue.

If we get more, I’ll let you know… and on the other hand, if your affiliate claims any of these addresses opted in, I’d be happy to refute their evidence with more details and router logs from our side.