Spammers don’t need to use clever (or unclever) web-scraping techniques when they can just harvest e-mail addresses by brute force. There’s just no other way to explain the correlation between the fury of suspicious, blank messages I’ve gotten lately along with the dramatic increase in offers for great sex-pills, “insider” stock info, and deals on vacations that are just too good to be true.
The process for spammers is simple: generate e-mail addresses by brute force, send out messages, and then wait. If an error message comes back, they know that the e-mail address is no good. If an error message doesn’t come back, then they know it’s a good one that they can start spamming to death.
There are so many e-mail addresses out there today (anyone have an estimate?) that using clever tactics such as generating addresses like “email@example.com” must be getting less and less effective. Therefore, just start out with “firstname.lastname@example.org”, then try “email@example.com”, then try “firstname.lastname@example.org”, etc. and eventually you’ll have a pretty thorough listing of all of the .Mac members’ e-mail addresses.
So here’s my ultimatum to the .Mac team (and I’ll follow up by filing a bug directly): Make an attempt to at least stop this nonsense or I’m cancelling both of my accounts. My suggestion is to start offering some level of filtering on the server side. My $100 a year per account should at least buy me that ability.
I have almost a whole year to wean myself off of your service, and I’ll start right away if the nonsense doesn’t stop. So how about giving it some thought and getting back to me in the next .Mac members e-mail that you send out?