What's so bad about bouncing spam?

Today's article is about an anti spam technique known as bouncing and some of the problems inherent in it.

First off a bit of background about what email spam bouncing is. All mail that is sent on the Internet has various fields. Most people are aware of the From: To: and Subject: fields and almost everyone is aware of the CC: (carbon copy) field. A lesser know cousin of the CC: field is the BCC: field (Blind Carbon Copy). This BCC: field is great for sending messages to groups of people without exposing everyone on the list in the To: or CC: fields. Often these emails get into the wrong hands or some how get accessed by viruses and spyware and can be harvested for email addresses. If everyone is hidden in the BCC field then no problem, only one address is compromised.

The field most people don't know about is the Return-Path: field. What this field does is show the return address that the mail server should use in the case of an undeliverable piece of mail. The big problem with this field is three fold.

1. This address is often faked.
2. It can be blank
3. It is almost always not a real mailbox or email address.

In most cases, the fake return address can be anything from a fake made up email address, like fdasfhdjsahfdsja@fdsajfd.com, usually generated by random means, to creative fakes like your OWN email address, or email addresses of friends or people on the same server as you (especially in the cases of small business domains or ISPs).

This kind of bouncing almost always results in an innocent 3rd part receiving the spam if you reject or bounce it and a real email address was the return-path. Best case scenario is it generates a lot of extra network traffic bouncing between fake addresses. In the end you don't get the spam, but someone else may or it loads down the whole Internet costing everyone more response time and eventually more money to pay for better infrastructure.

In the short term, I am sure most of the readers here don't care too much about possible infrastructure problems what with all the porn that is being downloaded on the Internet, so the best course is if you are going to bounce spam you should make up a really random address. I used to send my spam to dev ~ at ~ null ~ dot ~ com and I am sure that the person there wasn't thrilled. I hope by admitting this and publicly apologizing (I am sorry) they won't send out a henchman to break my typing finger). Karma is a bitch and I have had the favor returned by many messages to ~ fake user AT eatspam dot com ~ over the years. This happens when people try to think of clever "geeky" places to send their spam. Now I use fdksjfdlksajfdska@fdsakjfsdlajfdas.com or something like that. The funny thing is that spam robots are harvesting this fake email as you read this and adding it to their email system to spam me.

I will close this installment with a tip. If you sign up for various services on the Internet using a "throw away address" (more on this in my next installment), you can usually tell who is sending you spam and to what address they are using. Let's say you sign up for Alamo rent a car .com and they sell your address to deepthroat.com and you start getting spam at alamo at ~ yourdomain from porn sites... you can do a fun little trick where you bounce the mail to webmaster@deepthroat.com

This is done by forwarding your mail (not using the fake return-path:) via the use of an alias or
forward. Various mail servers have different ways to accomplish this and some can be a bit technical, but it is almost always possible.

This is one of the few situations that I think bouncing spam is not only justified, but fun. The bastards that sold you out will now get their spam mail sent back to their webmaster. If you want to take it a step further, try to find out some "real" addresses of people at the company, possible by calling their company or other techniques. Imagine routing these spams through a system that would call the CEO of the company and read the spam over their home phone number... the technology is there!

Thanks for dropping by and if you like what you see here, please help support this site by posting a link to http://www.eatspam.com/ and subscribing to our RSS feed.

Thanks,

Matthew

The world needs another website like...it needs more spam.

Greetings,

Well I finally got off my butt and decided to start writing about the ever increasing problem of email based spam. The problem got so bad at one point that I was getting 1000-1500 spams per DAY. Almost half a million a year, rain, sleet or snow! They would come pouring in while I slept. When I went to the gym, bam there would be 100 more. Went out to eat, I could count on another 10 minutes of my life wasted reading 73 more when I got back. The worst was when I didn't check email for a long weekend or a mini vacation. OMG, I would have thousands waiting for me.

Needless to say, I got really good at filtering and scanning the messages. I often use techniques like sorting on Subject or Sender and also by Date/Time. Spammers use all kinds of techniques to mask spam they send you. They make up fake names, send from fake dates in the past or future, send from people on the same server or "friends" accounts that may have been hijacked or exploited via address book viruses. Because I had so many email accounts and received so much duplicate spam, I was able to often eliminate large chunks through this simple sorting methodology. Stopping spam became an almost full time job and the more filters and programs I set up to help me, the more likely I would have a false positive (an email that gets incorrectly tagged as spam). As you can imagine, looking through 10,000 emails in my spam box for a "real" message is not practical.

In the coming weeks and months I will talk about various problems facing the world of legitimate email users and various solutions to those problems including lots of effective tips and tricks. In the meantime, please check out the rest of http://www.eatspam.com/ for info, free products and services and news. Please link to me and bookmark this site.

Thanks a lot and I look forward to telling you how I went from 500,000+ spams a year down to about 10 per day.

Matthew

http://www.eatspam.com/