To all of you dopes out there who have installed spam-blocking software on top of your mail server, I need you to do one of two things. The first option is to uninstall it until you grow enough skill to use it. Your inability to administer indicates your ability to administer systems makes your hosts a prime target for being hacked. Please resign and consider working in a slightly less dangerous circle of hell, in a career as a call center operator or destination specialist. Your second option is to gain sentience and realize that sending an email every time you receive a spam message is idiotic.
I get dozens of bounce messages every day from mail hosts with spam detection software. Sure, it’s easy to block these in the same way one blocks spam, but that’s not the point. As a random example of this incompetence, I’ll pick Akuma Quality Hosting registreert haar domeinen bij NLDG Domeinregistratie. They are not unique. Any time a spam message hits one of their hosted domains, they send back a bounce message with attachments, details, explanation of the bounce, and all that shit.
I’ve got news for you, Akuma Quality Hosting. Sending a response back to a forged “From:” header is only contributing to the problem. First off, you’re sending bounce messages to somebody who had nothing to do with the spam message. If spam messages had real From: headers, spam wouldn’t be a problem. Second, you have made matters worse. Every time somebody sends you spam, you’re now duplicating that message, adding metadata, and firing it off to somebody else. You suck, you’ve just doubled the negative infrastructure impact of every single spam message.
I don’t have a problem with challenge-response email systems for personal addresses. Nor do I have a problem with an automated spam detection system. I do, however, have a problem with incompetent systems administrators and software designers that add or enable features without realizing all of the subtleties at play.
Whoever the programmer is who decided that bouncing mails based on ‘From:’ in the event of spam should have their hands cut off. It’s ultimately their fault for giving incompetent system administrators this option in the first place, but the system administrator should serve as a line of defense, preventing the programmer’s mistakes from being thrust upon the populace.