| |
I hate spam. Absolutely loathe it. Of spam I am no fan. No fan, I am,
of spam. But I shouldn't make a Dr. Seuss poem out of it, because it's really
not funny. I get about 300-400 spam e-mails a day.
Therefore I am proposing the following measure that I would like to see all
mail administrators and operators of mail servers implement immediately. The way
mail servers are currently set up, when a person (or spammer, for whom the title
"person" doesn't really fit) sends an e-mail to an e-mail account that doesn't exist,
the mail server will bounce the e-mail back to the sender, saying something along the
lines of "this e-mail address is invalid." This process can (and is) automated, so that
a spammer can automatically track which e-mail addresses on his/her e-mail list are
valid and which are invalid, and prune the invalid ones automatically. This is crucial
information for the spammer because otherwise he/she would be very inefficient, sending
out tons of spam and not knowing even what percentage of that spam is arriving
at a valid e-mail address.
Now it's true that individuals who receive spam can block
individual spammer e-mail addresses. But this is time consuming, and most people won't take
the time to do this, and more importantly, there are too many spammers and the
spammers are always changing their "send from" addresses, so this can never be truly
effective, and spammers know this. Spammers count on their being xx% of their e-mails being
blocked, and I think the actual number is low. It's also true that the spam filters have
been getting better, and so they can count on maybe 85-90% of their e-mails going into the
"spam" folder of the recipient, which is very different from being outright "blocked" and
automatically deleted upon receipt. Why? Because the spam filters are not perfect (that's
a very important detail), and so people like myself must manually peruse every message
in our "spam" folders to detect the rare (but frequent enough) occurrence of an important
message getting marked as spam. To the spammer, this means that people are still reading
the "from" and "subject" lines of his/her spam e-mail, and out of all those that read it,
a small but important, foolish minority will actually click on the spam, and a still smaller
but even more foolish minority will actually act on the spam e-mail and end up putting
"clicks" (and money) in the spammer's coffers. Spammers know these ratios and know they can
count on getting XX dollars or XX clicks for every 1000-10000 e-mails they send out.
Now here's where it gets fun. The spammer's system only works if they know how many valid
e-mails they're reaching. They know how much money they'll make after spamming xxxxx valid
e-mail accounts. But what if they didn't know whether or not the e-mail addresses on their
list were valid? Then they'd be pretty screwed. Now, I know that what I'm asking is a lot to
some people: what I'm asking is that we no longer notify anyone of bounced e-mails. But
that's fine. Think about it: If you send an e-mail to somebody, and that e-mail or that somebody
is important, then after a few days you'll send another e-mail and eventually either call them
or get their new info by doing a search, etc. You can do that because you know the
person or company and that particular person or company is very important to you. Spammers,
on the other hand, cannot do this. They don't know the people they're spamming, and there are
too many addressees for the spammer to personally contact them all. I think that giving up
"bounced e-mail notification" is a small price to pay to stop, or put a significant dent in,
spammer activity.
How would eliminating bounce notification help the spamming problem? There are several ways:
Spammers wont have the critical information they need. Without knowing whether the e-mails
they are spamming are valid or invalid, they don't know what their ROI (return on investment) is.
Now granted, their investment is time rather than money, but time is not an infinite quantity, and
they don't have time to spam the whole world. It does take time for them to send out a
million spams. It's not at all an "instantaneous" process. - We could actively work against the spammers! If spammers don't know which of their
e-mail addresses are valid or invalid, we could purposely start posting invalid e-mail
addresses on the Web for their Web crawlers to harvest. Today, if we do that, then when they
send the spam to the fake address, it bounces and they remove it from their list. But if they
didn't get the bounce, then they just wouldn't know. Perhaps we could fill their lists with
so much junk that the spamming process would become so inefficient that it just wouldn't be
worth their time. Now, only site owners (owners of a Web domain) should make and post the
fake e-mails because as an average user of say, Yahoo e-mail, you don't know which names are valid
and which aren't. But if you own your own Web site and domain, then you certainly know which
e-mail addresses are valid on your domain, and you can easily make up an unlimited number of fake
ones and post them.
Well, that's my idea on how to combat spam. Let me know what you think. I hope that those of
you who administer e-mail accounts and servers will agree with me and turn off the bounce
notification. It's time.
|
 |
|
