Re: Bouncing Seems to Work

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Quoted text here. Click to load it

There are two separate arguments here.

1) Does bouncing reduce the spam you receive ?

All I'm saying is that on my limited trial so far, it appears to do so. I've
checked the spam tracking sites mentioned above and my own reduction seems
much greater than the general trend; again, I realise that this trial of
mine is only a limited one but the results so far would make me at least
question the conventional wisdom that bouncing has little or no impact.

2) Is bouncing a responsible way of dealing with it?

Previously, I would have been inclined to say yes but to be honest, I hadn't
really given it a great lot of thought as I believed the 'responsible'
argument was irrelevent if bouncing didn't work anyway. Now that it *seems*
to work, I have to think more deeply about the 'responsible' part.

I take on board the points that are made above, like everyone here, I hate
spam/junk mail with a passsion and the last thing I want to do is add to the
problem by pushing that mail out to innocent people. The only argument I
could perhaps use is that if somone else's email address has been hijacked
my a spammer, then that's their problem, not mine and getting email bounced
back to them might at least get them to pay attention to the fact that it
has been hijacked. That sounds selfish but isn't meant to be.

BTW, I have read here before about people setting up their mailserver to
reject certain types of email. What is the difference? In this case does the
email not get returned and just disappear into cyberspace?

Re: Bouncing Seems to Work

OldWiseMan wrote:

Quoted text here. Click to load it

You are forgetting that spammers *routinely* use one of their victim's
addresses to send a batch of spam. They use an address right out of
the list to mark their place in the list. The owner of that address is
an even bigger victim, and does not deserve further bounces from you,
in addition to all those s/he is going to get from all the bad
addresses in the spammer's list.

The hijacked person you mention is NOT at fault.

Be kind. Don't bounce.

    -This space intentionally left blank.

Re: Bouncing Seems to Work

On Thu, 10 Mar 2005 17:29:23 -0500, "Beauregard T. Shagnasty"

Quoted text here. Click to load it


Paranoia comes from experience - and is not necessarily a bad thing.
My        email         is          AT         DOT
   actual       address    pchuck       sonic      net.

Re: Bouncing Seems to Work

Quoted text here. Click to load it

Have you actually tracked to whom you are sending all those bogus NDRs?
Did you review the headers in them to see if the sending mail server or
relay even matches the domain of the purported sender?  How many
casualties have there been using this approach (i.e., how many innocents
get hit with your bogus NDRs)?

You say that YOUR level of received spam has increased.  Whether this be
from a reduction in general spam quotas, a reduction on spam hitting
your particular e-mail domain, or something else is unknown.  You don't
know if ANY of your bogus NDRs ever targeted the real sender of a spam.

Quoted text here. Click to load it

Vanguard here.

If you feel compelled to continue issuing bogus NDRs, you'll need a
different product than Mailwasher.  For example, those spams you receive
that have an IP address assigned to a dial-up or cable/dsl user are
probably from folks who are infected with a mailer daemon (i.e., they
have a trojanized PC).  Sending a bogus NDR won't help because: (1) They
won't know why they got the NDR for an e-mail they don't know they sent;
and, (2) The mailer daemon sends crap but it doesn't listen for inbound
NDRs.  SpamPal offers a MXblocking plug-in that detects e-mail
originating from dynamically assigned IP addresses but it is a passive
spam filtering product (so it can tag the spam mails but doesn't go
blasting out bogus NDRs in response to them).

No one can do anything about their e-mail address getting hijacked.
After all, how are you going to stop someone on the street saying that
they are you?  You are using Outlook Express.  Go look in your e-mail
account definition(s).  See, even you can enter anything you want in the
From and E-mail fields so you can pretend to be anyone that you want to
be.  The From, To, Cc, Subject, Reply-To header are all part of the
*data* that he sender composes.  They are NOT added by the mail server.
That means the sender can specify any value they want in those fields.

Post your replies to the newsgroup.  Share with others.
E-mail reply: Remove "NIXTHIS" and add "#VS811" to Subject.

Re: Bouncing Seems to Work

OldWiseMan wrote:
Quoted text here. Click to load it

And what can the innocent person do if they find out that a spammer is
faking their email address in spam?

I have often been victimized in this way.  There was a time when I would
use the information in the bounced spam to identify the real source of
the spam and to complain to the host:  but some hosts just don't care
(e.g. many in Brazil); and for those that do care, the spammer just
changes their domain name and host ... and often continues to use my
faked email addresses in future spam.  In one case the spammer switched
domain names and hosts four times, continuing to use my faked email
address for each name and host.

In the end it was just costing me too much time, and was ultimately
futile, so I gave up, then added filters to trash email being bounced to me.

Re: Bouncing Seems to Work

Quoted text here. Click to load it

Totally a perception. Bouncing in no way reduces spam. As a postmaster for
my company I can assure you that most addresses are forged and those that
aren't have been harvested by a virus or web site.

Quoted text here. Click to load it

My boss had her email address used by a spammer (she's not dumb and doesn't
readily give out her address). This resulted in literally thousands of
bounced email messages a day. It lasted for about 3 weeks until the spammer
switched to another address. It's real simply don't bounce spam. There is
enough of it going around without you adding to the problem.

Re: Bouncing Seems to Work

Quoted text here. Click to load it

I think one has to distinguish.

It's good to "bounce" spam mails rejecting them *within* the SMTP
dialog. This does no harm to anybody (at least if you have not directed
a forwarding service to your address).

It's VERY bad to accept them first and to reply then by a (real or
faked) non-delivery report (NDR) because this normally hits innocent

A domain of mine last week has got about 9,500 NDRs a day - quite a lot
of them result of clueless postmasters who *think* that they have found
the definitive solution to the spam problem.

So my advice: Do not send non-delivery report (or "faked bounces") as
reply to spam mails.


Gute Programmierer kommentieren und dokumentieren ihr Programm und dessen
Quellcode nicht. Das Programm war schwer zu implementieren - es soll auch
schwer zu verstehen sein.           (zitiert nach Oliver Schönwald, 2001)

Site Timeline