Mass unsubscribe

Reply
Highlighted
L1 Bithead

Mass unsubscribe

I work for an email marketing company.  We have a sender who sent out 3 separate emails blast to over 1 million contacts.   They had a very high unsubscribe rate.  After our engineering team looked at the logs, we see that all the unsubscribes happened seconds apart but were all different domains.  We noticed that they were coming from these IP's

74.217.90.250 and 10.4.34.203.  After looking up I see that 74.217.90.250 is pointing to Palo Alto Networks.  My question to you is, would your system do a mass unsubscribe if a scan picked up a url in an email as malware?  Thank you.

    

    

Highlighted
L5 Sessionator

Re: Mass unsubscribe

This is possible if your firewall is performing Wildfire inspection of email links.  

 

https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/How-does-WildFire-handle-links-wi...

 

If the Wildfire Cloud receives e-mail links for analysis it will reach out and attempt to analyze the link and the content presented by cicking that link.

Highlighted
L1 Bithead

Re: Mass unsubscribe

Hello,

Would you be able to lookup URLs containing verticalresponse.com, vresp.com, vrmailer3.com to see if they've listed VerticalResponse as a company hosting malicious/phishing content? Or is there a PAN site we can go to and lookup URLs ourselves?  We want to make sure our urls are not blacklisted. 

Highlighted
L5 Sessionator

Re: Mass unsubscribe

You can test URL categorization at the following site/link:

 

https://urlfiltering.paloaltonetworks.com/

Highlighted
L1 Bithead

Re: Mass unsubscribe

Thank you,

 

So I have added both our URL and the sender who is having the mass global unsubscribe issue and I do not see their site or our site being listed with any issues.  I am still at a loss how our customer who sent an email to 1million contacts had over 30k unsubscribe from different domains all around the same time?

Highlighted
L5 Sessionator

Re: Mass unsubscribe

Wildfire can perform e-mail link following for analysis purposes if the firewall is configured to detect e-mail links within SMTP sessions.  If there was an e-mail campaign and Wildfire picked up the links within these e-mails for analysis it may have followed those links (clicked them) thereby resulting in unsubscription.  Without additional data I am only speculating at this point.

Highlighted
L1 Bithead

Re: Mass unsubscribe

What additional information can I provide you with to help figure out this issue?  Would you be able to tell me if you have blacklisted this URL? http://cts.vresp.com this is part of our unsubscribe link and we are seeing it associated with PAN in our log files.  

Highlighted
L5 Sessionator

Re: Mass unsubscribe

We have not blacklisted cts.vresp.com.

 

cts.vresp.com
Business and Economy
Marketing, management, economics, and sites relating to entrepreneurship or running a business.
www.bothsidesofthetable.com/ , www.ogilvy.com , www.geisheker.com/ , www.imageworksstudio.com/ , www.linearcreative.com/

Includes advertising and marketing firms. Should not include corporate websites as they should be categorized with their technology. Also shipping sites, such as fedex.com and ups.com.

 

I suggest opening a support case with our TAC for deeper analysis of your issue.

 

Kind regards.

Highlighted
L6 Presenter

Re: Mass unsubscribe

The problem may not be that it could have been blacklisted, but instead, it hasn't been whitelisted.

It's possible the Palo Alto Networks firewall is extracting the elink and following it to test whether it's a safe link.

The sole fact that it's following the link to test it is causing the unsubs. You should look into whitelisting the domain so that the firewalls' won't automatically follow your unsubs links. You can explore this option with Support.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!