[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A Spam Experiment



-----BEGIN PGP SIGNED MESSAGE-----

Over the past two weeks I ran a little, completely non-scientific,
experiment to examine the propgation of spam.

First, I created a bogus mailing address that forwarded to my normal
address, allowing me to see the different "to" headers.

I then posted a single "test" message to six usenet newsgroups to act as
catalyst.  These were:
	alt.tv.nypd-blue
	comp.org.eff.talk
	comp.os.ms-windows.apps.utilities.win95
	comp.sys.mac.portables
	misc.legal
	rec.arts.sf.tv

Over the next 72 hours, I received 28 pieces of spam, which I catagorize
as an unsolicited email attempting to sell me a product or service.  

12 of these messages had an address indicating I could respond to have my
name removed from future mailings.  I responded carefully to each address,
but 4 of them bounced as an invalid address, no such domain, or other
problem (no route to host, probably because it was physcially
diconnected).  I also notied that the "reply-to" field had no relationship
with the address to request removal on all 12 of them.

The other 14 pieces of spam were replied to the "Reply-to:" field.  All
were bounced as "no such user" or "no such domain".  One postmaster wrote
with a canned form letter saying their domain had been put in as the
reply-to field unknown to them. 

Over the next 72 hours, I received an additional 49 pieces of spam,
including one that was 850k in size and another that was 421k.

This batch was NOT replied to in any way, although 17 of them did include
an address to reply to request removal.

Since the initial six days, there have been a total of 4 spam messages,
all of them were also ignored.  The last 72 hours have had zero spam.

- ---

I need to do more tests with a new address, but I am curious as to if the
spike in activity during the second 72 hours wasn't caused by the fact
that I replied to messages requesting removal.  While it is possible that
it was caused by slow usenet propogation, it seems to have happened much
slower than propogation usually takes (about 12-18 hours on average in the
states, last I heard.)

This test wasted 3MB of mail space and total of about 75 minutes to
download and reply to (requesting removal).

Not that at no time did this mail address reqest any mail be sent to them.
The only crime committed was to post to usenet.

Just my numbers, FYI.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBM5ICSDokqlyVGmCFAQHMegP/U9jLlTR3gtT1fNqqPx2dnWGhGhRl/18W
k4nzWHLsDGE08UxJ8xILJ1jkV9UJOhUpHqzZuy6Hr6zUE5duoAEWGBL4tY8xrzty
cG2lDXnrXjfkvtDUf7Ixo49aSHz2mQUT/ia6JbLCFPNKby+16LteSQa7w/O0h9aF
+u5WonQvCAc=
=A18d
-----END PGP SIGNATURE-----
 
Robert A. Hayden              [email protected]   __
         -=-=-=-=-=-                              -=-=-=-=-=-   \/_
         http://krypton.mankato.msus.edu/~hayden/Welcome.html    \/