I know that opening spam only encourages the spammer to spam me some more. I use Thunderbird as my mail client. If I retrieve my mail from my ISP provider this way, is it the same as opening the email and, thus, encouraging spammers to continue to spam me?
Unless there is some embedded javascript/activex/flash or another asynchronous-capable technology, the only way they can tell you were looking at the e-mail is if they embed an image and it loads while you are pre/viewing it. This could be a one pixel transparent gif. I doubt there are any mail clients that don’t allow you to disable the rendering of rasters so look for that setting in whatever your using (Thunderbird most certainly does). Simply retrieving e-mail from your ISP does not alert spammers.
I found a setting in Thunderbird that says “Block loading of remote images in mail messages”.
Will this block spammers from finding out I’ve opened their messages?
Yes, it will do what you want.
A related question: Why don’t ISPs have some way of vetting senders’ e-mail addresses? I know this would do no good against ‘hijacked’ e-mail addresses, but it would cut down the amount of spam by automatically deleting spam with an invalid return address before the message is delivered.
They do. Any e-mail sent to a hotmail address must follow the Sender ID spec and Yahoo! and Gmail both use Yahoo!'s DomainKeys. Read a couple branches off of Wikipedia’s e-mail authentication to learn more than you wanted to know on these…
Why haven’t various forms of authentication gotten rid of spam? No matter what you do e-mail is such that pretty much every server needs to accept mail from every other server. These technologies mainly stop people from spoofing addresses, i think. They all use statistical filtering and I know that Microsoft, AOL, and Yahoo! all use blacklists. In my experience with Gmail (whose spam filtering is totally on point) they weight e-mails by, among other things, the ways users interact with them (e.g., if you are constantly marking an e-mail address as spam, but 10,000 other users don’t, then they won’t label it as spam). I’m sure the other services do this but it seems less pronounced to me.
As more ISP’s go to SMTP servers that require authentication, those that permit spamming from spoofed addys become harder to find and less efficient due to increased traffic. Between this type of front-end improvement and the client-side filters, things seem to be getting better, even if only incrementally.