Re: Should ISP's send bounceback on mail to non-existent address?

Steve Baker wrote:

> Hmm. But a "spam run" isn't about sending to 5,000 addresses, is it?
> How many Rcpt Tos to real addresses could be done during the 10 second
> delay that a Rcpt To to a bogus address generates?

Just open parallel sessions. Sendmail does not coordinate the
BadRecipientThrottle between different processes.


> Maybe "the spammers" have, in effect, unlimited resources so that it
> doesn't matter? Is that what you're saying?

Pretty much. Spammers have the advantage for two reasons:

1) Ratware is concernted with mass-mailing the same (or an
algorithmically-mutated) message to millions of people. This goal is
quite different from a normal mail server, and therefore different
optimizations can be performed. The result is that unless you do
your throttling at a very low level (eg, in the operating system
network stack), the spammer can make you use up a lot more resources than
you can make him use up.

2) Serious spammers break the law, so they care nothing for taking
over thousands of compromised machines, or stealing credit card
numbers to register fake domains to get around SURBL for a few hours.

> That still isn't quite
> right, though, because zombies get "burned" (listed by CBL, etc.), and
> although the spammers are always using zillions of new ones, they don't
> have enough to prevent the CBL from tagging most of the spam I get as
> being from a zombie.

I use sbl-xbl.spamhaus.org and it catches nowhere near "most" of my spam.
Perhaps there are more aggressive or up-to-date RBLs that I'm not
aware of.

> They wouldn't want to "waste time" using a zombie
> to try to send to invalid addresses, they'd want to have a clean list
> and try to get the spam out before the zombie of the hour made it to
> the blocklists.

Perhaps, but that's not my experience. Empirical evidence (see the
BNR.CA story on another branch of the thread) seems to point to spammers
not caring much about clean lists. I bet that it's cheaper to send out
spam to 100 invalid addresses than to actually clean your list to find
the 1 in 100 that's valid.

Regards,

David.

.

Relevant Pages

  • Re: OT: GMail and Spam
    ... > for legitimate users and yet will impose serious burdens on spammers. ... > (There are so many zombie machines out there that they can easily pick ... paid for some spammer's spam, and for your own lack of security. ... Which reduces their profitability and therefore the amount ...
    (sci.space.shuttle)
  • Re: OT: GMail and Spam
    ... > for legitimate users and yet will impose serious burdens on spammers. ... > (There are so many zombie machines out there that they can easily pick ... paid for some spammer's spam, and for your own lack of security. ... Which reduces their profitability and therefore the amount ...
    (sci.space.history)
  • Re: OT: GMail and Spam
    ... > for legitimate users and yet will impose serious burdens on spammers. ... > (There are so many zombie machines out there that they can easily pick ... paid for some spammer's spam, and for your own lack of security. ... Which reduces their profitability and therefore the amount ...
    (sci.space.policy)
  • Re: increase in spam and what to do about it
    ... running through an ISP's mail servers, the spam wasn't as bad and even ... ISP's who really have no problem with spammers. ... ability to zombie a box has got to be eliminated/reduced as well. ...
    (comp.os.vms)
  • Re: increase in spam and what to do about it
    ... because your potential customer is using an ISP that happens to get ... As fast as you can come up with a trechnical solution the spammers will ... doesn't stop spam but is very likely to make the innocent pay for it. ... organization, ie. ISP - include hefty fines in your customer contract, ...
    (comp.os.vms)