In a struggle to be happy and free

Drystone Wall


A few weeks ago, Ryan mentioned to me that he thought I must get ridiculous amounts of spam since I have my own domain. This is true, but it may depend on how you look at it.

Do you mean spam messages in my inbox? If so, I probably receive about as much as anyone else. Since I’ve had the same e‑mail address for more than twelve years, I may receive a bit more, but I’m sure it’s in the ball park.

On the other hand, do you also include all of the attempts to deliver spam? This is a far greater amount. It’s so large that I’m still surprised by it. What many don’t realize is those pesky spammers don’t bother limiting their messages to users that they know exist. Rather, they employ a shotgun approach and attempt to send mail to what I have to assume is a pre-generated list of user names. Is there a here? No, but a spammer sent a message to this address anyway, hoping there would be such a user. Taking it a step further, would you think it likely that a seekingly random string of 24 numbers will be a valid user name? Me either, but a message to just came in. ‘Shot in the dark’ messages to invalid users form the vast majority of message delivery attempts.

Take all of these invalid user names into account, along with other messages rejected because they had no sender address, their sender reputation scores were too high, the greylist routine temp-failed their delivery attempt and they didn’t try again, or they were temp-failed because they attempted to exceed the session limits I set, and you’ve got quite a bit of spam traffic.

This chart shows the daily number of connection attempts to in the first two weeks of March. The colours show why the message or connection was blocked. And yes, you’re not misreading the chart if you see there were more than 42,000 connection attempts for yesterday alone. The total number of connection attempts for the two weeks represented in the chart is 424,831. This averages to 30,345 each day.

It’s ridiculous, but it continues because there’s money to be made. There have to be people who actually buy what the spammers are selling. I find it hard to believe, but the spammers would not otherwise bother.

Which colour in the chart represents non-spam mail? Don’t even bother asking because you can’t see it. The five active users on have never received more than a hundred messages even on the busiest day. Just 30 messages is closer to the average and this is 0.1% of the total number of connection attempts on an average day.

Still, far less spam makes it as far as my inbox than did years ago when there was less spam sent. Detection methods have improved faster than the increase in the quantity of spam sent. Although the torrent of spam is almost completely invisible to the average user, the costs of transporting it and detecting it are borne by everyone.


Alarm Clock 2


Daily propaganda, fresh from the government


  1. Des

    So what do the various colours represent? Does yellow represent the invalid email addresses?

  2. The yellow represent session limits. Since I’ve got so few users, I clamped right down. Only one session at a time per client, ten sessions per ten minutes, and other things like that. I suspect it causes many retries. The invalid users are grey, and doesn’t account for nearly the numbers I would have expected because most don’t make it through that far.

    I used to run without any session limits and the daily peak was about half what this chart shows. The device is more than capable of handling the traffic but I don’t want to go and encourage them!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Powered by WordPress & Theme by Anders Norén