You Have the Right to Remain Silent…. Fingerprinting Email?

You can share this, including by text message!

  • You Have the Right to Remain Silent…. Fingerprinting Email?

You know those pesky bounce notices you get when a spammer forges your domain in a spam run? Hundreds, even thousands, of bounce notices sent by ISPs all over the world, kindly letting you know that the person to whom the mail was sent doesn’t exist, is over quota, or is on vacation. Except that you don’t really care, because nobody at your site actually sent the email to them. Of course, if the spammer forged an real live email account at your site, your user holding that email address may care very much, as their inbox is flooded with the secondary spam created by all of these bounce notices.

Well, the good folks over at have an interesting idea.

As was reported in InfoWorld today, has developed a technology which they call “Total Protection”, which incorporates an aspect known as “Email Fingerprinting”. The concept is fairly simple: will be adding a unique “fingerprint” header line to the headers of every single piece of outgoing email – that is email which originates from an server.

(Article continues below)
Get notified of new Internet Patrol articles for free!
Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!

Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
You Have the Right to Remain Silent…. Fingerprinting Email?

This fingerprint is intended to be part of the header set which is returned by receiving systems in their bounce notices.’s plan is to care about bounces which contain their unique fingerprint, and to reject or otherwise not care about bounce notices which do not contain the fingerprint as, presumably, those bounce notices were the result of a spammer forging the domain, and were not really the result of email sent by someone through an server.

Nice, in theory, but will it work? Only time will tell, but one has to wonder what happens when receiving ISPs don’t follow the generally accepted practices for bounce handling (and many of them don’t). Does this mean that if an customer – let’s say Joe Customer – sends email to their Aunt Tilly at, and it bounces because Aunt Tilly has moved on to another ISP, but doesn’t return the fingerprint, that Joe will never know that Aunt Tilly did not receive her email?


And how exactly does this help you?

Well, it doesn’t – all it really does is help to lessen the load on their own servers, by allowing them to reject out-of-hand bounce notices that aren’t really about mail sent from their system (hopefully). Still, you have to applaud their ingenuity, and one has to wonder whether other ISPs will follow suit, and, if so, whether has already jumped on the patent bandwagon.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!

You Have the Right to Remain Silent…. Fingerprinting Email?

Get notified of new Internet Patrol articles!

You can share this, including by text message!

  • You Have the Right to Remain Silent…. Fingerprinting Email?

4 Replies to “You Have the Right to Remain Silent…. Fingerprinting Email?”

  1. I have a feeling that is looking at this only because it will benefit them. I have used their service for sometime and have found that SpamShield Lite, which they make available to users for spam control, does not work correctly on their servers. I have tried via emails to site administrators and to correct the problem over many weeks, but they refuse to take any action . In a nutshell, you can specify in SpamShield Lite that email from a particular domain or email address be blocked, and it still passes through to the in-box. In addition, the “block all email except from approved senders” functionality does not work.

    In my opinion, not only does allow spam, it apparently promotes it. They have certainly shown no interest in correcting the problem and it should not be that difficult to correct. It is not a case of fuzzy or Bayesian logic, but simply a pass or not pass based on domain name or email address, and SpamShield Lite has that functionality. It just isn’t implemented. It would appear that it has been intentionally turned off because they have a vested interest in seeing that the user continues to receive spam.

  2. Not to mention that theose thousands of bounce messages end up in someone’s over-stuffed mailbox!

  3. Another thing that should be discussed is ISP’s that “bounce” infected emails. Nowadays, most of the time the return email address is forged so bouncing the infected email really does no good except add to the increase in wasted bandwidth.

Leave a Reply

Your email address will not be published. Required fields are marked *