Spammers generally don’t pay that level of attention to SMTP responses, far 
less fine-tune their address lists and tools. These morons just find a victim 
host or botnet to blast out crap to a bazillion email addresses, not caring if 
any of them work or not or if their spam makes it as far as getting presented 
to a human victim. Then move on to the next victim host/botnet and repeat with 
the same list of a bazillion email addresses. Or an even bigger list. Once the 
spam generating software’s fingerprints eventually get spotted by SpamAssassin 
or whatever, a spammer will just throw that generator away and either tweak it 
a little or get a new one. Repeat.

FWIW I see the same bogus recipient email addresses (which never existed) 
repeatedly showing up in most of the spam attempts which arrive here. Clearly, 
those addresses are being swapped/traded by spammers or I have one very 
persistent spammer who only uses the same addresses over and over again. Either 
way, they don’t care that RCPT TO fails because they’re trying to deliver to 
email addresses that have never existed. If spammers did as you seem to think, 
these addresses would have been deleted from their lists a long time ago. They 

> DISCARD accepts the mail but throws it into /dev/null

True. But it means the spammmer still gets to burn your bandwidth and your CPU 
cycles as they deliver crap to your /dev/null. That does not seem sensible to 
me. YMMV.

Saying "500 This TLD sends spam - get lost” usually kills the SMTP session 
*well before* the DATA part of the handshake. So you don’t receive the spam 
payload. The message doesn’t get to your server. You also get the satisfaction 
of saying something rude back at the scumbag that was sending spam. Which eases 
the blood pressure even if it has no impact on that scumbag.

You’ve made your choices. I’ve made mine. We’re both happy with the ones we 

