Four strikes and you’re out

I have a “four strikes and you’re out” policy on spammers. That is, I have a process which watches my mail logs, and if a host sends four messages to invalid recipients at my domains, they get added to my firewall deny list. What amazes me is that this cuts my inbound mail from about 30 messages per minute to about 5 or 6 messages per minute. So not only is the overwhelming of all my inbound email traffic spammy, but 80 or 90+ percent of it is to completely invalid addresses.

Long ago, there seemed to be a lot of people selling lists of valid email addresses that you could send your junk to. Now, it seems sufficient to just make up addresses, in the hopes that a few in a thousand might actually work.

Can you imagine how much faster your network connection would be if there weren’t *millions* of pieces of worthless email travelling to completely bogus email addresses per second? And, of course, the return traffic of that message being rejected.

I know, I rant about spam all the time. It just makes me very angry that people are getting away with this, and that many of them seem to think that it’s a perfectly legitimate business practice.

Yesterday, at a customer site, I removed 572 items of spyware, adware, viruses, and other malicious code from a desktop machine. While it’s likely that some of these things were installed intentionally, most of them installed themseves as a side-effect of various pop-up windows, email messages, advertisements, and network-propagated garbage. This, too, is just not right, and should be labelled criminal. But, since there’s absolutely no way to enforce this, let alone regulate it, really the only thing that can be done is to make the operating system a little less open-arms-welcoming about what kind of garbage it is willing to install without out so much as a “if you please.”

Meanwhile, as I’ve been writing this, my mail server has rejected more than 50 messages that were identified as spam, as well as blocking more than 400 messages that were destined to completely invalid addresses.