(As if you had to ask)

Why is spam bad?

If you have come here looking for information about the Kempt.net DNSBL, then you should look at the Kempt.net DNSBL page.

More information can be found on the Kempt.net spam policy page.

What is spam?

Spam, in Internet parlance, is most commonly defined as unsolicited bulk email (or netnews posting, etc.). In practical terms, spam is massively-broadcast email or posting with a forged envelope, forged headers, and misleading or even illegal content. It is sent by exploiting security vulnerabilities in millions of computers around the world, enabling the spammers to use stolen resources to do the work of sending the mail while hiding their own identity.

The counter-claim

Some spammers have written letters claiming that spam is a valuable and useful thing on the Internet. They even go so far as to claim that users want to receive spam, and that the complaints all come from the selfish, lazy system administrators who don't want to have to do the extra work and buy the extra bandwidth and machines necessary to handle the increased load from all the extra mail traffic. None of this, let me assure you, is at all true. (Well, except for the part about not wanting to buy more hardware and bandwidth. Why should the recipient sites have to pay to support the advertising done by the spammers? But they do.)

The reality

Numerous surveys of users have revealed that their reactions to spam range from resignation to bitter frustration. None appreciate even a single one of the spam messages that intrude into their mailboxes.

Some users, unfortunately, are not savvy enough to understand what spam is—dishonest and deceitful at best, and downright scams at worst. These users are susceptible to the get rich quick, multi-level marketing, bank fraud, and stock inflation schemes that make up much of the spam that circulates today. These users cannot be effectively surveyed about spam, because they don't understand how to distinguish legitimate email from spam.

Clearly, spammers do what they do not because the end users want to receive what the spammers send out. They do it in order to reach those few uninformed, unsophisticated users who will be duped by the latest scam. If even some very small fraction of one percent of recipients fall for it, then the spammers win big. A very small fraction of millions of messages is still a substantial number, and spammers' morals are too weak to allow them to overlook this fact.

The mechanics

As far as system administrators are concerned, they object to spam not because it puts a legitimate extra load on systems, but because spam invariably disobeys the rules and protocols of operation on the Internet, and causes havoc as a result. For example, spam messages invariably contain forged sender addresses, clearly because the spammers don't want to have to deal with the backlash of bounces and errors that their illegally-formed messages produce—not to mention that a real return address would allow people to track the spammers down and put a stop to their illegal business. In the old days, when spammers would send messages from ill-gotten accounts at some unlucky service provider, then the spam messages had legitimate return addresses. However, the spammer would immediately abandon the account after sending his litany, leaving the service provider to deal with the resulting mess. The end result is the same.

As spammers have become more sophisticated, they have begun including other intentionally misleading headers into their messages, attempting to disguise the path that the spam took to reach the recipient and even disguise the type of computer and email program used to send the original message. Does this sound like the practice of a legitimate business?

But it's not just that many of the header fields of spam messages are forged. The manner in which the spam messages are sent violates every rule and principle involving Internet mail. Spammers will send a message to hundreds of thousands of addresses at a time, most of which are not valid, and none of which have asked to be sent the message (by definition). Since the return path is forged, each individual site that was the unfortunate recipient of the message will have to deal with delivering the bounces (error messages) generated by the spam by continually re-trying to deliver them to some unwitting third party, and finally failing, only to deliver them to the local site's postmaster to sift through. All of this does amount to wasted time and network resources—none of which the spammer has to deal with, of course—and for what? To tell the few poor unsuspecting people who actually receive the message that they, too, can have bigger breasts, just by taking a dubious dietary supplement offered by an unknown spammer?

And there's more! It's not just that the headers are forged, or that the delivery mechanism breaks down the orderly operation of the Internet. There's also the fact that spam messages lie about every single thing within their contents. You may have noticed that many spam messages claim that you are receiving the message because you have opted in to their list. We receive hundreds of messages a day that make that claim—sent to accounts that have never existed in the entire history of the Internet! Other messages claim that they are in compliance with some law or another because they include contact information. And perhaps they do include a phone number, and maybe sometimes it even gets through to a person. But they have clearly violated the intent of whatever law they are claiming they are cooperating with, because the place where the contact information is supposed to reside—the From field—contains a forged address. It's impossible to bounce unwanted or undeliverable mail back to them, and that's just the way they want it. They want you to have to pay for their advertising.