On Friday, March 12, 2004 02:25 pm, Rex Deaver wrote:

> I much prefer the method used by MailWasher, don't
> know if it is available for Linux, but shouldn't be
> hard to do. You view your email while it is still on
> the server, select the spam, the good stuff is
> delivered and the bad stuff is bounced as if the email
> address was invalid. 

The problem with bouncing the messages, especially after they are received, is 
that the "bounce" typically sends the message as an attachment to a message 
from you or your mailserver, and uses the "From:" or "Reply-To:" header in 
the spam.  These headers are almost universally forged now, so you end up 
sending your "bounce" to some other poor user.  Since the bounce message 
appears as a message from you or your mailserver's administrator, both of 
which are valid addresses, it can bypass some of the security checks.  

At the least, these bogus bounce messages are just more annoying spam - this 
time generated by you.  At worst, they can bring a destructive payload 
through inadequate security, in which case YOU end up being the person who 
sent the damaging email.

A better thing to do with verified spam is to a) use it to train beysian 
filters, and possibly report it to a system like Vipul's Razor, which 
maintains a database of spam signatures.

Bouncing was a good idea when it most often meant a problem with a destination 
mailbox.  In these days of spam and trojans, it's no longer a good policy.