Should I let email bounce or send it to a blackhole


I have a lot of unused (old, dead) accounts on my machine. Many of them receive literally thousands of emails a day, all spam.

If the account was used by a person, I let the email bounce so that anyone trying to contact them knows something is wrong. However, I'm not sure what to do about the hundreds of accounts that were used for other purposes, such as throw-away accounts I used to use for websites that asked for my email address, or addresses that I used to list on web pages.

Option 1:
Forward all mail to these accounts to /dev/null. The sender doesn't receive a bounce.

Option 2:
Let the email bounce.

The benefit of sending the email to /dev/null is that a spammer can't use me to generate bounce messages (Backscatter spam). i.e.: forge the "from" line to be someone they don't like, then use me to send tons of bounce messages to that person.

The benefit of bouncing them is that it is less maintenance for me. I can just delete the item from my aliases file and the email will bounce. Also, I keep discovering new spam traps and adding them to my "spam black hole" list, which is a waste of time.

What are the pros and cons of each approach?

Best Answer

As long as you bounce the mail by refusing to receive it in the first place, then a spammer cannot use you to annoy somebody innocent with a lot of bounces.

You can either return an error on the RCPT TO command, which is what usually happens in case of a non-existent address, or you can return success on the RCPT TO command but return an error at the end of DATA.

In both cases, the end result will be the same. Your mail server took no responsibility for the mail, and the sending mail server is now responsible for bouncing it. In case of spam, it means the spammer will have to generate bounces. (And if that's what they wanted to do, they could have done so without even trying to deliver the mail to you in the first place.)

I see no problem in this approach.

I do however see a problem in accepting the mail. I.e. if your mail server responds with success all the way through the transaction including at the end of DATA, then it becomes the responsibility of your mail server to deliver the mail. This is a problem, because you have no proper way out.

  • Silently dropping the mail is a problem, because if any legitimate mail was sent, the sender can never know that it wasn't delivered.
  • Sending bounces from your mail server is a problem, because in that case spam bounces to some innocent person's mailbox instead of back to the spammer.

There may be cases where distribution of the email address in the first place was so limited that you know there couldn't be any legitimate mail sent to the address. In those cases it makes little difference if you reject the RCPT TO command or if you accept the mail and silently drop it. But I cannot come up with a situation in which silently dropping the mail is better than rejecting it during the SMTP transaction.
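
The RCPT TO rejection described in the answer, as an added example that is not part of the original answer: a reduced server-side SMTP state machine in Python showing that a refused recipient leaves nothing queued, so this host has nothing to bounce. The `Session` class, the `run` helper, the host names and the addresses are all hypothetical, and dot-stuffing and multi-line replies are left out.

```python
# Added example: reject unknown recipients during the SMTP transaction (constructed names).
LIVE = {"alice@example.org"}  # every other address is treated as retired


class Session:
    """Server side of one SMTP transaction, reduced to the accept/reject decision."""

    def __init__(self):
        self.sender, self.rcpts, self.body = None, [], []
        self.in_data = False
        self.queue = []  # mail this server has taken responsibility for

    def handle(self, line):
        if self.in_data:
            if line != ".":
                self.body.append(line)
                return None  # no reply while the body is being sent
            self.in_data = False
            # The 250 after the final dot is where responsibility moves to us.
            self.queue.append((self.sender, self.rcpts, "\n".join(self.body)))
            self.sender, self.rcpts, self.body = None, [], []
            return "250 2.0.0 Ok: queued"
        verb, _, arg = line.partition(":")
        verb = verb.upper()
        if verb.startswith(("HELO", "EHLO")):
            return "250 mail.example.org"
        if verb == "MAIL FROM":
            self.sender = arg.strip().strip("<>")
            return "250 2.1.0 Ok"
        if verb == "RCPT TO":
            addr = arg.strip().strip("<>").lower()
            if addr not in LIVE:
                # Refused here: nothing is queued, so this host never bounces to MAIL FROM.
                return "550 5.1.1 <%s>: Recipient address rejected" % addr
            self.rcpts.append(addr)
            return "250 2.1.5 Ok"
        if verb == "DATA":
            if not self.rcpts:
                return "554 5.5.1 Error: no valid recipients"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        return "500 5.5.2 Error: command not recognized"


def run(lines):
    """Feed client lines to a fresh Session; return (replies, queue)."""
    s = Session()
    return [r for r in map(s.handle, lines) if r is not None], s.queue
```

Calling `run` with a forged `MAIL FROM` and a retired recipient returns a 550 at `RCPT TO` and an empty queue, while a message to the live address ends up in the queue only after the final dot is acknowledged.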
