Spam: How to Make Things Worse

  By Shamus   Dec 12, 2006   14 comments

Some Sysadmins evidently have spam filters in place that let you know if your email was eaten by their spam filter. It does this by replying to the suspected spam. I can see the reasoning here. If the filter eats an email I’ve sent to their system, the filter lets me know so that I can pick up the phone or otherwise make another attempt to reach the intended party. This seems like a helpful thing thing to do, until you come out of your stupor and realize spammers usually don’t use a valid return address. If a message is suspected of being spam, then the odds of the return address being vaild are astronomical.

The result of this idiocy is that if a spammer uses a real adress of some unrelated third-party (say, for example, mine) then the target’s filter will, in turn, send a whole bunch of “Your email could not be delivered” crap to this third party. Some are even stupid enough to include the text of the original spam, thus helping the spammer by propigating their spam even further. To me.

What would happen if I installed a similar filter on my end? When I got hit with one of these “warnings”, would my filter would turn around and send the warning right back at the original target? Would the two mail servers then begin an eternal game of ping-pong with the message?

I bring this up because the number of warnings outnumber the actual spams in my inbox this morning. One or more spammers is using [random]@shamusyoung.com as their originating address, and so my inbox has over a thousand of these “Your email was intercepted by our junk mail filter” warnings. These filters should at the very least have some sort of breaking point where they realize, “Hey, I’ve eaten a dozen messages from this guy. Maybe he is, in fact, a spammer, and maybe I should stop notifying him that his stuff isn’t getting through.” These filters should never, ever, blindly reply to hundreds of random emails comming from the same address.

I am reminded of a passage from Cryptonomicon:

The noise detonates car alarms down in the hotel’s lot.The noise of one alarm triggers others, and so on. It is not the noise that keeps Randy awake so much as the insane stupidity of this chain reaction. It is an object lesson: the kind of nightmarish, snowballing technological fuck-up that keeps hackers awake at night even when they can’t hear the results.

Yes. That is exactly why this bugs me. It is not the volume of mail that irritates me, but the pointlessness and stupidity of the chain reaction.

UPDATE: I was just emailed a link to this post. Looks like I’m not the only one with this problem.

1414 comments. (Fourteen is the sum of the first three squares.)


  1. Back when we had an earlier version of our email system, folks would routinely set up a Vcataion Rule (“I am out of the office,” etc), then they’d send themselves a test and walk out the door. You can imagine the triggering then.

    But yes, “Your mail could not be delivered” messages are piling up in my email as well. Email is well and truly broken.

  2. bkw says:

    Spam is fun and exciting. On my personal server (hosting a few domains for a few friends), in the last 962.358 days I’ve gotten 565.6 emails per day. 82.9% of them are caught by the filter as spam. I still get around 7-10 in my inbox per day (usually one line of spam with the text from four chapters of Tom Sawyer appended).

    What’s depressing is that e-mail really isn’t fixable. The only way you can kill it is to make it unprofitable, but the only way to do /that/ is to make sending e-mails (or procuring the infrastructure) so expensive that it also prices it out of the reach of Ordinary Folks.

    Email is absolutely horrible. But I honestly don’t know what could possibly be an alternative.

  3. Rich says:

    Neal Stephenson is great. Recently finished the Baroque Cycle. His is the kind of writing that makes me feel sad when I finish it, because I want to read more.

  4. *** Dave says:

    One way to cut down on the mail delivery failure notifications is to blackhole anything to your domain that’s not defined (i.e., you’ll never see anything sent to, or bounced from, [random]@shamusyoung.com, only the stuff that goes to defined e-mail addresses). Most mail systems will let you do that.

    Of course, if you make use of the ability to receive and route such stuff (to allow you to put “comcast-signup@mydomain.com” as a one-off address to see if it shows up on any other mailing lists … you’re back where you started.

    E-mail isn’t “broken” — it’s just something that needs to be managed.

  5. David V.S. says:

    At the community college where I teach math we have this problem with faculty setting their e-mail to do vacation messages during break. There are plenty of cases where a never-ending loop is established between the automatic spam-sender and the faculty account’s vacation message-sender.

  6. Shamus says:

    ***Dave: Sadly, this is exactly what I’ve been doing.

  7. Ermel says:

    Yo ask, “What would happen if I installed a similar filter on my end? When I got hit with one of these “warnings”, would my filter would turn around and send the warning right back at the original target? Would the two mail servers then begin an eternal game of ping-pong with the message?”

    Indeed they would. We set up such a thing, locally, between two machines in office one day a long time ago. We managed to turn those computers off before the mail server barfed. Just barely.

  8. Lil'German says:

    Well, most email-progs do have a treshold above which no “ping-Pong” posting is tollerated… when it answered 20 times (give or take some numbers) to the same message it simply ignores any further copy of THAT message. So neither the vacation rule nor the multiple mailer-demon-notifications ever should flood infinitely. Not that any finitely flooding would be amusing to the receiving end…

    And to the “random’at’yourpage.url” adresses… why do you even bother to maintain a “catchall” function with your mails? Anyone really interested in contacting you or authorized to use a mail-adress will have a “nonrandom” adress and all the spammers that are just guessing will run into the void and bother NOONE when you simply turn the darned thing off… or beg your provider to do, if you don’t have direct control above the mailboxes… that should have reduced the spam coming in over MY homepages by 70 percent or such…

  9. Shamus says:

    I started doing the various addresses years ago, so that when I sign up for a forum or whatever I can see how well they handle my email. So, a week later when I get a gamespot@mydomain.com email I’ll know that gamespot are the ones who screwed up. This has actually happened a few times.

    I started this years ago, and it wasn’t until this site began to get really popular that it became a problem. Now I’ve signed up for a hundred sites using this method, so if I disable the catchall (which is easy) then I’ll be locked out of my old accounts.

  10. Steve C says:

    I have strong feelings against spam, but the truth is it’s a social problem rather than a technical problem. In other words, the only way the problem will be solved is if the spammers (the humans) are stopped rather than simply filtering out their activities. The better the filters that are created, the better the spammers will become at avoiding those filters. Spammers are trying to outsmart people who programmed that filter that filled your inbox after all.

    What annoys me most about spam is that it would be easy to track down spammers if law enforcement bothered. All they would need to do is follow the money. ie: Officer buys a spam product on credit card, then tracks it back who accepts that cash. Computer equipment seized and society is protected. (And contrary to popular belief most spam originates in North America, it’s just routed through the rest of the world.)

  11. Just another commenter says:

    Tracking spam via the end of the money trail is going to be a little more difficult than that. All you have to do the shut down your competition would be to send spam linked to their site. Or it could be an unscrupulous sales rep, once again leaving the end sales company innocent.

    I have heard of a neat idea called (if memory serves) the Black Stamp program. (maybe this is a variant on that concept) The idea is that you charge the sender for each e-mail. “Yet another way of discriminating against the poor!” I hear you cry, but that is not the case. You have each e-mail cost (say) 1 cent. Half of the cent goes to the recipient, and the remainder goes to internet maintenance and administrative costs.

    Sure, it would cost $100,000 to send out a million e-mails, but most legit companies who send e-mails with that kind of bulk also send out mass snail-mailings, at a much greater expense. As for the rest of us, I don’t send enough e-mails for this to have a real economic impact.

    And the recipients? I wouldn’t mind spam so much if I were getting a dollar for ever 200 messages I can bulk delete. But somehow I don’t think I would be getting quite as many spams.

  12. Miral says:

    What about people running mailing lists for open-source (or free-as-in-beer) software and the like? I bet the Linux kernel mailing list easily sends a million messages per day, for example.

  13. Varil says:

    On the topic of spam, I just randomly felt like showing this hellish mess of a forum. There are topics with like 20000 pages of spambots “talking” to each other, basically.

    …which in itself may be another sort of recursive loop. “HEY! This thread got me a reply. I’ll spam this forum again!” said 400 spambots.

    http://www.oangband.com/forum/viewforum.php?f=1&sid=faa4166bd7cb0383b977b911a182165d

  14. NBSRDan says:

    Not only does replying to spam messages likely punish a third party, but if the spammer is for some odd reason using the real return address, then replying will tell the spammer “you have reached a valid address- spam it vigorously and a message will eventually get through to a human being.”

Leave a Reply

Comments are moderated and may not be posted immediately. Required fields are marked *

*
*

Thanks for joining the discussion. Be nice, don't post angry, and enjoy yourself. This is supposed to be fun.

You can enclose spoilers in <strike> tags like so:
<strike>Darth Vader is Luke's father!</strike>

You can make things italics like this:
Can you imagine having Darth Vader as your <i>father</i>?

You can make things bold like this:
I'm <b>very</b> glad Darth Vader isn't my father.

You can make links like this:
I'm reading about <a href="http://en.wikipedia.org/wiki/Darth_Vader">Darth Vader</a> on Wikipedia!