Magnus Holmgren wrote: > Spammers need to clean their address lists once in a while, lest they > end up with a very low proportion of valid addresses, right?
No, they don't have to clean it. Let's face it.. spammers are currently making extensive use of dictionary attacks to add more addresses to their lists. Therefore you must conclude they do not care about wasted bandwidth on failed delivery attempts. Since we know spammers don't care about wasting time with failed delivery, what motiviation would they have to clean their lists? > Question: Is there any knowledge as to how spammers deal with different > kinds of failure? As far as I can tell, they ignore failures completely. Old accounts from over 7 years ago are still generating dozens of failures on spam every day. For that matter, a few legitimate commercial mailing lists ignore failures too. I've got several accounts for users that haven't been undeliverable for multiple years that are still getting attempts to deliver subscription commercial mail. Most commercial outfits care about bandwidth, so few fall in this category except by accident. Does it matter if I reject the RCPT command or the > MAIL command, or even drop the connection right away (e.g. if the remote > host is found in SBL)? Does it matter if the remote host is a zombie or > owned (not pwn3d) by the spammer? AFAICT, doesn't matter. They'll still keep trying that address forever. > Most spammers don't treat temporary failures specially, so you might > suspect that they wouldn't care much about exactly what went wrong -- > just whether their message was accepted or not. Nevertheless, I > currently do all rejection before DATA at RCPT, none upon connection, > HELO or MAIL. At least it's the only way not to hinder the food for the > spamtraps (except having all spamtraps in a separate domain with a > separate MX). > > What do you say? >
