Monday, August 31, 2009

Why I Don't "Bounce" Spam Emails

Some spam processors, MailWasher is an example, allow one to "Bounce" spam email back to the source.

I think the idea is to make the originator think that the purchased email address is poorly constructed (somewhat akin to the drug user finding that 30% of the white powder is talcum powder), and remove the email address from the list.

Whether the laundering takes place or not is unknown to us, but let us suppose that it is done.

The spam operates in the millions of addresses, so anything that can be done to increase the effectiveness is a Good Thing for the spammer.

Reducing the proportion of fake email addresses would therefore be a profitable exercise (given the millions of email addresses being processed), and if *I* were spamming people, I'd write an automated task to remove bounced emails from my mailing list.

But I'm smart, smart enough to know about spam filters (such as MailWasher) that bounce spam, so *I* would write an extra piece of code that compares the date-time I receive the bounce to the date-time I issued the spam.

If the difference is a matter of a couple of minutes, then the bounce might be a real bounce, and the email address might be a real fake (I love typing that!).

But if the difference is greater than two minutes, then chances are strong that a Real Live Human Being caused the bounce (e.g. because *I* emitted the email at midnight, but the bounce didn't take place until you sat down at 8 a.m. with your coffee), and so I should NOT purge the address; instead I should mark it as a prime "live" candidate, who sees my email and responds with an action.

If laundering via bounce does NOT take place, then bouncing is a pointless exercise.

If laundering via bounce DOES take place, then bouncing is a pointless exercise, because any spammer worth his/her/its salt is probably going to include a simple "lag time" test in the filtering code and ignore my bounce anyways.

(I am purposely ignoring the cost of bandwidth in bouncing emails)

No comments: