A Plan for Spam

Max Clark

Oct 15, 2006 • 2 min read

After a brief and informal survey over the past couple of weeks I feel it is safe to say that the volume of spam reaching inboxes is on the rise. I have always likened spam and anti-spam to an arms race, one side develops a new technique and the other side figures out how to block the message or defeat the filter. Some times it really does remind me of a see-saw.
Over the past few years there have been several effective advances on the anti-spam front; open proxy black hole lists, real time block lists for known spammer IPs, Bayesian filtering, URI real time block lists, the sender permitted from (SPF) framework, etc… Each on has in turn been effectively thwarted by the spammer; using disposable IP addresses on dedicated servers and high speed consumer internet lines, using nonsensical text in the message, sending links for domain names that haven’t been registered, and of late my favorite – emailing an image with the spam message (which is another reason why HTML email should never have been created – when you receive a message with a green background and 15 different colors of font being the first).
As ISPs and anti-spam vendors struggle with how to build a better mousetrap to identify and filter out the message I propose a slightly different approach – eliminate the financial incentives to send spam in the first place (novel idea isn’t it). I’ve read articles/interviews that placed the conversion rate necessary to consider a campaign successful in the 0.005% territory (50 conversions out of every one (1) million messages). Based on the work I have done for companies running email campaigns to their registered users I would speculate that the actual conversion rate for most spam email campaigns to be somewhere in the tenth of a percent territory. Let’s evaluate the math…

Monthly cost for a dedicated server: $99 dollars
Amount of email sent if you have absolutely zero idea what you are doing: Approximately two (2) million messages per day per server.
Amount of email sent if you know what you are doing: Approximately 15 million messages per day per server.
Revenue from a poorly configured machine sending two (2) million emails with a $40 purchase at 0.005%: $4,000 dollars
Revenue from a properly configured machine sending 15 million emails with a $40 purchase at 0.005%: $30,000 dollars

Who wouldn’t get into this business?
So how do we eliminate the financial incentives to send spam? Stop buying what they are selling. I only wish it was that simple. The unfortunate reality is that with a list of 100-200 million email addresses there are way too many people who just might be tempted to order that Viagra off the Internet, or invest in the penny stock because it is going to go up, or send someone their bank account so they can help an exiled ruler save their fortune. 0.005% of the US’s current population is 15 thousand people, and if you agree with my assumption that the real conversion is in the tenth of a percent that makes for a lot of suckers.
So instead I am going to make a plea and appeal to your sense of responsibility. Please tell your parents, your grandparents, your children, your friends, your neighbors, and even the person you pass on the street not to purchase anything that is sent to them via an email. When the well dries up, the spam will stop.

A Plan for Spam

Max Clark

Sign up for more like this.

How Network Automation Streamlines Small Business Operations

Best Practices for Navigating Compliance in Cloud Services

How Can Zero Trust Security Modernize Your Organization’s Cyber Defense?