At 11:05 AM -0700 3/10/03, Vernon Schryver wrote:
(but certainly not all) spammers care very much about receiving
"bounces" and "removes." Many spammers honestly think that letting
their targets opt-out is the right thing to do. That's why you often
seen pleas in spam that you not ask ISPs to cancel "remove" drop-boxes.
Alternatively they are lying through their teeth.
What I do know is that my bounce rate is doubling every year. My
correspondence with some ISPs indicates that theirs is also
drastically increasing. I can get numbers from one if you like.
So, we know the number of messages sent to never-existent and
non-existent accounts is increasing. This could of course, just be
an indication that the number of spammers is increasing. (Note,
that's number of spammers, not amount of spam. If you are correct,
then old spammers would stop targeting addresses after bounces.)
As I've mentioned before, somewhere.com is a weird case. But if I
look at the top 30% of my bouncers by IP address, they seem pretty
stable. That is the amount of bounces they are sending doesn't
change much over time. But that could be different spammers using
the same IPs (and some aren't spammers, just idiots--if anyone has a
contact at dvr1.suomen4g.fi please let me know--half a million
bounces is ridiculous).
Other spammers know that their target lists tend to fill with garbage
as addresses are abandoned and as target address harvesting mechanisms
get confused (e.g. by message-IDs). They know that some major ISPs
by rumor including AOL automatically blacklist STMP clients by IP
address after too many bad target addresses. This provides a strong
incentive for spammers to clean their target lists. To do that, they
need drop-boxes get delivery failure notifications.
So long as their is a plentiful list of open relays, open proxies,
and spam friendly relays, why bother with the hassle of setting up a
drop box that will be closed in just a few hours? The number of
bounces you'll get before it's closed is a tiny portion of the total.
On top of it. We've heard from many people (and again, I've gotten
this direct from ISPs) that blocking by IP address based on bounces
does not have a significant impact on spam delivery--there are too
many senders.
Finally. I know for a fact that many major commercial mailers
consider cleaning their lists too much of a hassle. If they don't
bother, why would the spammers?
Why do you think Yahoo or Hotmail (I've forgotten which) has deployed
mechanisms to prevent robots from creating free drop boxes? Who do
you think might needs to create so many free drop boxes that they'd
use software?
Because you aren't completely wrong. BCC spam is definitely on the
rise, especially with the Spanish Prisoner scams (give the Nigerian's
a break, that's what it originally was). In fact any significantly
illegal scam needs an electronic drop box. But they also need a much
smaller response rate, so they can afford to get just a few responses
before they are shut down.
But the fact that this is on the rise does not necessarily mean that
the percentage of forged from addresses (and I mean "forged" as in
never existed, or belonged to someone else) is significantly dropping.
--
Kee Hinckley
http://www.puremessaging.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg