Helping people with computers... one answer at a time.

Unfortunately, there is no simple way to trace spam to a specific place and charge them. There just isn't.

Leo, we all have the problem with loads of spam, which not only annoys us, but costs us in download charges. Most spam comes in mass messages forwarded to great numbers of people. To stop or to slow spam, is there no possibility of reversing the email charges so that instead of recipients paying for downloads the senders are charged as a per-address basis as uploads? This would take edge off their businesses.

In this excerpt from Answercast #51, I look at the difficulties in tracing spam back to its origin in an attempt to stop it.

Charging spammers

In theory, what you're saying would work, except we don't know who the spammers are. In a very real sense, when an email message gets sent by a spammer, there really is no specific and easy way to say, "This is the account of the spammer that should be charged." There just isn't.

Spammers use so many different ways of spoofing and faking and falsifying where the email is actually coming from, there is no legitimate or reasonable way for us to trace it back to a spammer who would pay for it.

Stopping spam

And in fact, you're absolutely right.

If the spammers were forced to pay, spam would disappear overnight because the whole point of spam is that it can be sent out for effectively free to millions and millions of people. If even only a small percentage of those millions and millions of people fall for the spam (or purchase the product or do whatever), then it becomes profitable.

But unfortunately, there is simply no way to attribute spam to a specific place that would get charged. There just isn't.

Where does spam come from?

Think about it. So, often the spam that you get actually comes from addresses of people that you know. They may not have sent it. You don't want to charge them, but the spammers have forged the "From" address.

Even the information in the email headers that will supposedly trace back the spam to a specific server can be faked.

And in fact, even when it's not, zombie networks (individuals' machines) can be infected with botnets, which means it could be your machine that's actually sending out the spam!

If the spam were to get traced back to you, would you pay? I don't think so and that's the whole point. What we want is the spammers to pay.

Fighting spam

Through a lot of detective work, many organizations are able to trace out large botnets or large spam-sending organizations.

Not through tracing individual emails back to their source, but through tracing millions and millions of emails back to common sources and the sources of botnets that are on infected machines.

But it's a way more complicated endeavor to trace spam back to its origination - through its true origination; through its true spammers who are sending it; than something like a simple charge would require.

Article C5792 - September 9, 2012 « »

Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Ray Norton
September 11, 2012 9:01 AM

Maybe we can't charge the spammers, but our ISPs can prevent mail from sites that are known to send a lot of spam. If it happens to be a big organization like AOL, the responsibility should rest with AOL to take action against it. If all ISPs worked trogether on this, they would prevent LOTS of spam. Somehow, I doubt they will do this. They have already had years to do something and have failed to take any action. Also, if our justice system would make this a crime with LARGE fines, we would have at least a tool to use when a spammer is apprehended.

September 11, 2012 9:24 AM

If they charged spammers I would be in big trouble.
Millions of spams go out under my domain name. I get hundreds of of undeliverables in my inbox.
No spammer is going to put themselves as the return address of the email.
At this point is has been going on for 3 months and I am ready to delete my domain.
There is nothing anybody can (or is willing to) do to stop spammers. They just move to another innocent persons domain as their return address. If they get blocked they just use another domain, make a new domain ($3-25) or make a new email account at MSN, Yahoo or Gmail for free.
By the time the legal system gets to them they are long gone.

September 11, 2012 4:50 PM

Really??? The spam is selling something or directing you to some website. Let's start charging the person/company doing the advertising. They know who they hired to send out the spam, let them pay. If they can't control it then they can stop. The spammer is going to get paid by someone, so they aren't doing it for free. OR...several companies have suggested that we adopt the new email format where each mail server preserves where the mail is coming from and makes every piece of email traceable - right back to the original computer. If someone is using your computer to send out mail, trace it back to the source. We can use technology to fix this.

September 11, 2012 5:44 PM

Even if the source of spam is disguised, there has to be a way for the spammer to receive orders for Canadian pharmacies, penis enlargement pills or whatever. I've never understood why the feds don't trace a route back to the spammer this way. I'm sure there are many intermediaries, but the spammer has to receive the order somehow.

September 13, 2012 9:03 PM

My way of fighting spam is to have a personal policy of NEVER purchasing any product that is frequently spammed - no matter how much the saving might be. Doesn't reduce spam by any means, but it certainly doesn't reward the spammer (or the company / product owner) that pays some idiot to spam their product(s) on their behalf.

September 18, 2012 9:08 AM

We will never be rid of spam, because there will ALWAYS be someone 'un-savvy' enough to fall for it. Some of my most recent spam has been job opportunities sent from MYSELF. Why would I send myself info on jobs i know nothing about? Yet SOMEONE must think "gee, I must have forgotten all about it, how thoughtful for me to e-mail it to myself" or the spammers wouldn't try it again and again.
Bottom line - if it sounds too good to be true, then it probably is.
"Trust no-one, and keep you laser handy"

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.