To terse or not to terse

I woke this morning thinking about work emails.

I emailed my lawyer and my therapist this morning.

When I write a work-related email to a client or a vendor or some professional I’m contracting for services, I tend to take a lesson from my experiences when I owned a computer consulting firm back in Tampa. Back then, I strongly, strongly preferred clients who sent me terse emails that got straight to the point in the first two sentences to meandering emails that took three paragraphs to get to the point, because the time I spent reading an email was time I wasn’t making money.

So for example, I really appreciated a client who sent me an email saying something like “We’re adding three new workstations to our network, but the network switch is out of ports, so we’d like you to come in and see about installing a larger switch and maybe get costs to upgrade to a faster network.” One sentence, spells out exactly what they need, boom, done.

I worked for a time as a print liaison for a small company that developed training manuals for businesses; they hired me to act as the go-between with printers and shipping companies, primarily, because at the time I already had a working relationship with most of the printers in the area.

I cc’d the business owner on all my emails with print shops and shipping companies. I remember a phone conversation with her one day where she complained about the brevity of my emails—she believed, strongly, that the emails should be longer, with introductory paragraphs like we really appreciate the work you did for us on the last print job and we’re looking forward to working with you again.” Where I would send a print shop an RFQ that might be two, maybe three paragraphs long, she preferred emails that were eight or ten.

I did it hr way, of course, because she was the client, but since I happened to be thinking about it, I’m curious. For those of you who communicate by email for professional or work-related reasons, what are your preferences?

When unicorns go bad: Salesforce and pump-n-dump scams

About six months ago, I noticed a significant uptick in spam email. But not just any spam, oh no. I found myself flooded with stock pump-n-dump spam, in incredible quantities.

What is pump-n-dump?

A pump-n-dump scam is where a scammer buys a large quantity of a cheap stock, then floods the world with hype to drive up the price of the stock. When it starts to rise, the scammer sells all his shares, the stock collapses, and the scam victims lose their investments.

Occasionally, the companies parasitized in this way can go out of business (small companies will sometimes use their own stock as collateral for loans, with the agreement that if the price of the stock drops below a certain point, the loans come due immediately).

And as I collected examples of this spam, I noticed something interesting: all the pump and dump scam spam originated from Salesforce, the $300 billion American tech giant.

American company Salesforce supports stock pump and dump scammers

So what does Salesforce have to do with penny stock scams, and why on earth would Salesforce be supporting pump-n-dump stock scammers? Hang on, let’s go down the rabbit hole.

When I say I’ve been getting stock scam spam in incredible quantities, I mean it. I’ve received 1,794 examples of stock pump-n-dump scam emails between March 17, when I first started collecting them, and October 30. That’s 1,794 scam emails in 227 days, or an average of about eight a day.

Salesforce stock pump and dump spam emails

There are a lot of them. They come from multiple From addresses and claim to be from various “investment” companies, but they all have some characteristics in common:

  • They all originate from IP addresses owned by Salesforce subsidiary Exact Target
  • They all advertise URLs hosted by Salesforce subsidiary Exact Target
  • While they come from different email addresses, they use similar graphics, language, and promote the same sets of stocks

How many different companies do they claim to come from? Lots. Every time I see an example of one of these spam emails, I build a rule in my mail reader app to route future examples to the Salesforce scam spam folder. Between March and October, here’s a list of the From addresses used in these scam emails:

Salesforce stock pump and dump email rules

Each From address will be used to send anywhere from three to twenty or so scam emails before it’s abandoned and the scammers move on to the next.

What does Salesforce make of all this?

On paper, Salesforce/ExactTarget’s spam policies seem good enough. In practice…

In practice, Spamcop has disabled reporting to Salesforce, because Salesforce (a) doesn’t pay any attention to abuse reports and (b) doesn’t follow spam best practices, specifically by not requiring double-opt-in and not honoring remove requests.

Spamcop disables abuse reports to Salesforce for email spam

This isn’t a new problem, either. Spamcop stopped sending abuse reports to Salesforce/ExactTarget at least as far back as 2011, and maybe earlier.

Unsurprisingly, manual emails to Salesforce and ExactTarget abuse addresses do nothing.

So what’s all this about? What does Salesforce gain by assisting stock pump and dump scammers?


Pump and dump scams require broad reach. They are also extremely profitable when they work. So it’s worth spending money to make sure you can reach as many marks as possible; profit varies directly with the number of gullible dupes you can con into buying the hyped stock.

And Salesforce/ExactTarget isn’t cheap:

Salesforce/ExactTarget pricing for spam

Note those prices are (a) billed annually up front and (b) are per organization. So even the cheapest plan is $4,800 out of pocket at the start, and the spammers are using multiple phony organizations in their spam.

This is, I’ll warrant, a nontrivial source of Salesforce revenue.

So Salesforce has a positive financial incentive to aid and abet these scammers, and thousands of folding, spendable reasons to disregard abuse reports.