No, just that they don't care. First, most spam is sent via hacked computer relays. No cost to them to send fake emails. Second, email is so cheap they can send to 10 bad addresses for every 1 good one with no loss to profits. Third, many spammers make a good chunk of their money selling addresses. Even junk addresses are fine for that purpose.From: m ike <[EMAIL PROTECTED]> I cannot tell if you are arguing that it is impossible to pollute a spammer's address book by any significant factor. That may be the case. But it would turn the tables, with spammers forever trying to clean up their address lists.
> I can flood your system with spam to thousands of emails to fake email > addresses in the hopes of hitting your real email address... if I use > a zombie net, I can cripple your machine (or mail server) without > really trying. In fact, the more fake addresses you have, the harder > your machine would be hit. > in the end, how would the spammer benefit from this?
For the few that are real addresses that do get through. This is a common technique- guess addresses, see which ones hit.
> Got an estimate as to how big that is, and how long it would take to > do the matching? > I think it is very very feasible to match M = 500 emails per day against N * M * D, where N is the number of fictitious addresses one owns, and D is depth, in days, of the cache.
If you run a small server, sure. If you have a lot of people on your mailserver, this would be nontrivial in terms of resources.
Harder to do. SMTP uses TCP, so you have to get the responses to the sender. Hard to fake IPs if you're not on the same physical trunk and need to hear the response.As you've probably gather, I'm not to hip on these things. But I thought that anything in an email could be spoofed. That is, what prevents a spammer from making it look like the spam came from my IP, which is valid, of course :) :) with the result that my IP gets added to the RBL.
Gabe
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
