How long does it take to discourage a spammer?

I would suggest you stop doing this.

You’re just burdening the postal system with this pointless mail (and burdening yourself with the work of writing these notes). Anything other than the expected order forms & checks is discarded by the underpaid serfs that open these envelopes; your notes will never be read by anyone who has authority to change the mailing list. (You have 10 years of experience proving this.)

Many junk mailers find it cheaper to just continue mailing to everyone rather than set up a data processing operation to update the mailing list addresses. Especially as it’s often not their own list, just rented for a one-time mailing.

Save yourself some effort by not responding to junk mail. And save the rest of us postal customers from this additional burden on the postal system.

Isn’t that what the postal system is living from? … people paying to send cards???

How about challenge-response systems? I used mailblocks for a while and it seemed quite good.

Here’s how it works:

  1. Sign up for service. It automatically places everyone in your address book/contacts in your “white list”. Those people will never notice anything different, their email will be passed right along.

  2. The first time that someone sends email to you from an address not on your whitelist they get an automated response containing a link. The response explains that this is an antispam system and that they have to take a moment to confirm that they are an actual person. Until this action is taken, the email will not be sent to the recipient.

  3. Clicking on the link displays a picture of a short alpha-numeric string (muddled up so that you can see it but a machine would have a very hard time doing so). You type in the string and click OK.

  4. This places you on the recipient’s white list and you’ll never see another response from the system. At this point the original email is sent along to the original recipient.

This makes use of the fact that spammers don’t look at their return mail (assuming that it even goes to a valid return address). If the challenge goes unanswered for about two weeks (you can adjust this), the email is discarded and the “spam target” never sees the message.

You don’t hear too much about this approach any more, which leads me to think that somebody found a way to spoof it. Anyone know for sure?

Challenge-response systems fail because of the Number One Top Unbreakable Rule:

SPAMMERS LIE

In this case, they lie about where their email comes from. They lie congenitally, compulsively, and consistently. A spam email never comes from who it says it comes from.

A challenge-response system only succeeds in jamming the mailboxes of the people whose email addresses spammers have stolen to use as phony ‘From’ addresses with misbegotten challenges. Spammers use challenge-response systems to spam.

What I use is a whitelist approach, where messages from anyone in my address book or anyone I’ve ever sent mail to or received mail from is sent to the inbox. Anything else goes to a quarantine folder, which I review once a day or so. Only rarely do I receive desired email from a stranger, so this works well for me. But it probably wouldn’t work well for someone, like a moderator on this message board, who often receives legitimate email from strangers.

Well sure, but that’s, you know, OTHER people’s mailboxes, not mine :smiley:

And it still defeats the spammers in the sense that their junk mail does not go to anyone. You’ve got a point about a potential flood of challenges going to some hapless person who had their email addy used as a From field, but if enough folks used the system then the majority of the spam would never be read by anyone, ever. And the challenges can easily be grouped and disposed of (since they all come from XYZ[at]mailblocks[dot]com).

Which is pretty much how challenge-response systems work (the mail from new/unknown folks is just stored elsewhere, not in a folder in your mailbox). You still have to check all those emails on the off-chance that some of them are legit though.

They don’t care. They’re either too stupid to know or they think someone is reading their spams or they aren’t in the spamming business anyway, and they simply want to cause network problems for someone. Joe jobs are still extremely common.

If a system’s worth has to be prefixed with ‘if enough folks used it’, the system is broken and it will never work. Avalanches don’t start on cue, and you will never boil the ocean.

It’s still Unsolicited Bulk Email, thus it is still spam.

Why Challenge-Response is Bad
Another critical article.
Why Challenge-Response is a Bad Idea
Yet another list of problems
They are handicapped-inaccessible as well. Email, as a text-oriented medium, is still very accessible to the blind and nearly blind. Visual Turing tests, like the one you proposed, are completely inaccessible to those people.

The plaintiff in this case was the owner and operator of an ISP. Even with the exponentially magnified pool of potential data for a lawsuit that an ISP can compile, compared to that of an end-user, it takes a looooong time and a lot of work and a lot of legal fees for an ISP to put together a case that is even worth filing, let alone enough of a case to win.

When your address was set up and actually started accepting mail doesn’t matter to a spammer. Chances are that your address had been used for countless failed spam deliveries when it was but a gleam in your eye. There are many ways that spammers are able to come up with addresses to send their crap to, regardless of the current status or history of each address.

They harvest addresses:

from publicly available websites.

from websites that require authentication after registering for a login and password themselves, or just hacking in.

by pilfering the address books of computers infected with malware.

by pilfering the entire file system and cache of computers infected with malware.

by buying lists from someone else who has done the actual work.

by stealing lists from someone else who has done the actual work.

by randomly generating addresses.

by taking previously harvested/pilfered/purchased/stolen/generated e-mail addresses and playing “mix & match” with the usernames and the domains.

aaa @ aaa . com + bbb @ bbb . com = aaa @ bbb . com, bbb @ aaa . com, etc etc

Excellent links, thanks.

No it isn’t. Ever get call after call after call after call from a fax machine, and you can’t tell it to stop calling? Dealing with bouncing e-mail from an address you can’t contact because of challenge-response spam filtering is much like that.

I run a message board, and ban people who use challenge-response email services when they register or change their address. They never add my domain to their whitelist. Their validation messages always bounce back. They always turn on new thread, response and private message notifications, and those always bounce back. When the Web site’s address is added to their whitelist, it never “takes,” and messages start bouncing again after a few weeks.

Think about it - if everyone used challenge-response e-mail, nobody would be getting anything - spam or legitimate messages. Let’s say you send a message to someone who’s not yet on your whitelist, and you’re not on theirs. They won’t see your e-mail, because you’re not in their whitelist; their challenge-response system sends a “click here to validate” message that you won’t be able to read, because the address isn’t in your whitelist.
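The two failure modes argued over in this thread (challenges landing on a forged From address, and two challenge-response users locking each other out) can be reproduced with a small model. This is an added example, not code from any poster or from Mailblocks; `Mailbox`, `deliver` and every address are hypothetical, and it assumes that sending mail does not whitelist the recipient and that a challenge is sent from the recipient's own address.

```python
from dataclasses import dataclass, field

@dataclass
class Mailbox:
    address: str
    uses_cr: bool = False                           # challenge-response enabled?
    whitelist: set = field(default_factory=set)
    inbox: list = field(default_factory=list)       # what the owner actually sees
    held: list = field(default_factory=list)        # waiting for a challenge answer

def deliver(boxes, claimed_from, to, body, is_challenge=False, sent=None):
    """Deliver one message; return the (challenger, challenged) pairs it caused.

    The filter only sees claimed_from, which the sender is free to set.
    """
    sent = [] if sent is None else sent
    box = boxes.get(to)
    if box is None:                                 # unknown address: dropped
        return sent
    if not box.uses_cr or claimed_from in box.whitelist:
        box.inbox.append((claimed_from, body))
        return sent
    box.held.append((claimed_from, body))
    if not is_challenge:                            # never challenge a challenge
        sent.append((to, claimed_from))
        deliver(boxes, to, claimed_from, "please confirm", True, sent)
    return sent

def forged_sender_case():
    """Spam to a C/R user with a third party's address in From (constructed data)."""
    boxes = {"alice@example.net": Mailbox("alice@example.net", uses_cr=True),
             "victim@example.org": Mailbox("victim@example.org")}
    sent = deliver(boxes, "victim@example.org", "alice@example.net", "buy now")
    return sent, boxes

def mutual_cr_case():
    """Two C/R users, neither on the other's whitelist (constructed data)."""
    boxes = {a: Mailbox(a, uses_cr=True)
             for a in ("alice@example.net", "bob@example.com")}
    sent = deliver(boxes, "alice@example.net", "bob@example.com", "hello")
    return sent, boxes

if __name__ == "__main__":
    sent, boxes = forged_sender_case()
    print("challenges:", sent, "| victim sees:", boxes["victim@example.org"].inbox)
    sent, boxes = mutual_cr_case()
    print("challenges:", sent, "| inboxes:",
          [b.inbox for b in boxes.values()], "| alice holds:",
          boxes["alice@example.net"].held)
```

In the first case the only person who sees anything is the address owner who never sent the message; in the second, the original mail and the challenge both sit in hold queues and neither inbox changes.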