It's an interesting concept... Now spammers will use a noticeable portion of
the CPU on the boxes they've hijacked, instead of the currently virtually
unnoticable portion of the resources, so, in that sense, it might help
the owned boxes to their true owners.
Me thinks you overestimate the coding quality of ANY commonly available
program which deals to millions of sockets, and there is no reason
spammers wouldn't be included. CPU is the only thing bounding the problem
at "bad", instead of "insane".
How much pipe do you think a new high end system can fill by sending out
relatively short messages to millions of sockets, even with halfway decent
code, by the time it finishes doing MX resolutions, the 3-way handshake,
deals with unreachable or otherwise dead or blocked servers which don't
send an RST, and handles all this concurrently? I'd put the number
somewhere around 5Mbps, and this doesn't even touch people throwing
together perl scripts, or who can't write asynchronous code and just throw
threads at the problem.
But to quote a line from the article:
"One of the fundamental problems with spam is that it costs nothing to
send, but has associated costs for the recipient which include loss of
bandwidth, problems with usage, and lost productivity," he said.
This is absolute nonsense. It costs the spammers the sum total of what it
costs all the recipients, and probably more. Yes there are some people who
abuse open relays, a dial account they were already paying for, or a
hacked box, but what percentage of the spams do you think these account
Spamhaus says 10%, though that does sound like a number they just pulled
out of their ass.
Spammers pay the same way that receivers do, except without the luxury of
dealing with only one millionth of the load. These don't apply to every
situation obviously, but just off the top of my head we have:
* Cost of commercial outbound bandwidth vs residential inbound bandwidth
* Cost of the systems which send the e-mails, be they rented or purchased
* Cost in money and time changing providers constantly
* Cost of paying providers large sums of money far over market rate to stay
* Cost in money and time to obtain e-mail lists
* Cost in money and time to receive and sort bounces, and prune dead emails
* Cost in money and time to continue to operate the site being advertised
* Cost in money and time to deal with thousands of angry calls/emails if
they try to keep the LOOK of legitimacy by claiming they don't spam
Obviously these are very real costs, of the exact same legitimacy as the
receivers "costs". Yes spam is a cheaper way to reach millions than other
advertising methods like direct mailing, but that doesn't mean that it is
The point here is that spam is used, not because it is free, but because
it WORKS as an advertising method. If you sell a $50 product (like say
software, or a subscription to a porn site, or even some $0.10 penis
growth sugar pills), and you spam 100 million email addresses at a cost of
$5000, and if even 0.01% of the people click the link and buy the product,
you've just netted $495,000. As long as it is making people that kind of
money, there will be sufficient reason to find a way to get around these
poorly thought out ideas of Microsoft.
P.S. Are there any MTA hacks which keep the socket of messages identified
as spam tied up as long as possible? I haven't seen them, but it seems
like a good idea.