Don't use MailWasher's Bounce Facility


[email protected] is a spamtrap; the address appears ONLY on this webpage, so when mail to that address appears, the sender is known to be a spammer.

Bouncing mails is a bad idea and is becoming widely frowned upon these days, because the bounce often goes to the wrong place. Hence MailWasher's facility to bounce mails deliberately is a particularly bad concept.

Consider the categories of mail you're likely to bounce:

  1. Spam from all-out scumbag spammers peddling dodgy drugs etc., who forge return addresses and abuse other people's insecure mail servers in order to hide the true origin of the email. This category of spam is probably the largest these days. If you bounce this type of mail, you'll just annoy another innocent victim of the spammer whose email address was forged by the spammer.
  2. Spam from so-called "mainsleaze" spammers, who don't try to hide the origin of their mail. If you bounce their mail, they'll get the bounce but they won't necessarily remove you from their list anyway. It's in their interests to have as wide a circulation as possible - it attracts advertisers - so even if they know an address is undeliverable they may still keep it on their list. Another reason they might not remove your address is that they may think the bounce is due to a temporary problem (running a list the size of MCIVTA, I can see why they would think this sometimes) and so they keep your address on the list in case the problem goes away. If you know the company that is mailing you, the best bet for getting off the list is probably just to follow the unsubscribe option that they usually have. Don't do this if you've never heard of the company though - you may just be verifying that your address is "live".
  3. Viruses. Some of these have real sender addresses but most these days don't. So if you bounce them, you're just annoying another innocent victim, as in the first category. Anti-virus software that sends an alert to the presumed sender of a virus is just as bad as MailWasher in this respect, as explained by Fridrik Skulason, founder of anti-virus company FRISK Software International, in his open letters of September 2003 and January 2004.
  4. Mail from annoying people you don't want to talk to any more. Fair enough, bouncing mail to them may do the trick if they can't tell the difference between a genuine bounce and the forged ones generated by MailWasher.

Here's another thought: have you ever received a spam advertising a CD with millions of addresses on it, i.e. a DIY become-a-spammer kit? Well, if you receive lots of spam, it's likely that your email address is one of the millions. That's on a CD-ROM distributed to as many suckers people as the spammer can sell it to. What effect would receiving a bounce have on the spammer selling that CD? Exactly. None. The spammer can't recall the CD and remove your address from it, and in practice the spammer won't even remove your address from subsequent versions as that would (a) be too much trouble, and (b) reduce the number of addresses on the CD, making it less attractive to potential buyers. These CDs are already jam-packed with munged addresses, Message-Ids that look like email addresses and plenty of other undeliverable addresses, so they're not going to worry about another one.

So you see there's not a lot of benefit to using the "bounce" option, other than the satisfying feeling you might have got from thinking you've got one over a spammer, but there are significant drawbacks, and they mostly involve sending mail to other innocent parties.

Moreover, it's possible that the very act of using the "bounce" facility may violate your own ISP's terms of service, because in some cases the bounce message generated by MailWasher may use a sender address belonging to your ISP. If the "bounce" itself generates a bounce (quite likely, since the original sender's address may not exist, as mentioned earlier), then your ISP will get the bounce of your "bounce". Rest assured they won't be terribly pleased to see this, as you have been forging their addresses and dumping unwanted mail into their mailbox.

By all means, use MailWasher to delete mail from your mailbox, but please don't use its bounce facility - you'll only annoy other regular mail users, not the spammers.

Don't just take my word for all this - check out this link too. There are instructions there for how to turn off the bouncing facility in a variety of products, not just MailWasher.

[email protected] is a spamtrap; the address appears ONLY on this webpage, so when mail to that address appears, the sender is known to be a spammer.


Paul Howarth - MCIVTA Admin <[email protected]>

Fedora Core Linux