We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What is a Mail Bomb?

By R. Kayne
Updated: May 16, 2024
Views: 15,221
Share

An email bomb, or mail bomb for short, is an act of malicious net abuse whereby an email account is purposely flooded with data or messages, making the account inaccessible. The account might be down for hours or for days, and can result in the Internet Service Provider (ISP) discontinuing service to the victim of the attack. This is because a mail bomb can cause an ISPs mail server to crash, affecting not just the victim, but all of the ISPs clients. When a mail server is down, no one who subscribes to that ISP can send or receive email through the provider.

People who send mail bombs are known as lusers (losers) within the hacking community. It is considered an infantile form of striking out, a simplistic and crude attack that carelessly affects many more people than the perpetrator’s target(s). There are a few methods for sending a mail bomb, overviewed here in general terms.

A mail bomb is effective because of the way email accounts are handled. Email accounts reside on a mail server, or computers with software designed to send and receive mail. A receiving mail server has allocated space for virtual mailboxes assigned to its clients. For example, an ISP might have 100,000 subscribers, and 300,000 mailboxes, (many people have more than one email address). It’s easy to see that even a relatively small mail server such as shown in the example can potentially handle hundreds of thousands of emails each day.

When a mail server becomes flooded by a mail bomb, the computer’s available resources are consumed and the system overloads to the point of crashing. The mail bomb might consist of a single compressed file that decompresses into a very large file filled with repetitive data that overwhelms and hangs the system. In other cases a perpetrator will use a “botnet,” (robot network) to do the dirty work.

A botnet is a network of infected computers, surreptitiously under remote control of the perpetrator. The controller of a botnet can send out a single command that reaches all computers in the botnet. This can be hundreds, thousands, or even over a million computers.

The botnet ISPs do not catch the attack going out because each computer is only sending one or two messages. The result is that the targeted email account receives a mail bomb of potentially millions of emails at once. This can be costly to the ISP that receives the mail bomb, as getting the mail server back online to receive legitimate mail while blocking inbound messages from a botnet-sourced mail bomb can be a difficult task. This type of mail bomb is known as a Distributed Denial of Service (DDoS) attack.

Another method is to use a party’s email address in order to subscribe the person to multiple mailing lists. A mailing list is a discussion forum that propagates via email. One must subscribe to the list to get on it, and unsubscribe to cease receiving the list’s messages. All subscribers get all messages sent to the list. If the list is popular, this can result in dozens of messages per day. A mailing list mail bomb occurs when a victim is automatically subscribed to hundreds of mailing lists without his or her knowledge or permission. The victim must then manually unsubscribe from each list, or change his or her email address and close the old account.

A mail bomb is a serious offense and is against the Terms of Service of all ISPs. One way to protect yourself against a mail bomb is to save your ISP's email address for private use, giving it to trusted friends and family only. A free Web-based email address can be used for registering at websites, participating in Web forums, or online gaming. If a mail bomb is sent to this address, the website will still have to deal with the attack and you might lose your free account. However, you will still have your ISP, your private email address, and you can create a new, free address at another website.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
By anon160699 — On Mar 16, 2011

Email was designed back in the 60's. Nobody foresaw the way it would be abused in the present day when it was being designed. Email is inherently insecure. Everything anyone has ever done to deal with the problem of spam up to this point in time has been nothing but a stop-gap measure. Email needs to be overhauled with security built-in. People have proposed this and are even working on it. Problem is it requires an overhaul of millions and millions if not billions of email accounts and servers, so it is not practical at this point. So for now, we just live with this crap!

By arod2b42 — On Jan 28, 2011

@BigBloom

When people are harming other people, or use the internet with malicious intent, they should not be allowed to be online. This is the opinion of most people, I think it would win out in a democratic system. Harmful issues like mail bombing and viruses can harm someone's livelihood, and have various indirect consequences which most people aren't even aware of.

By BigBloom — On Jan 27, 2011

@ShadowGenius

What about freedom of speech and a free market? I think everyone should be allowed to have access to the internet world without conditions.

By ShadowGenius — On Jan 26, 2011

The layman should become acquainted with hacking and computer code for the sake of protection in an increasingly internet-dependent world. It is also the job of people in charge of the internet to follow netiquette and not break the laws of usage. At some point, it is very likely that people will be required to have accounts to access the internet, and will be rated on how well they steward this privilege.

Share
https://www.easytechjunkie.com/what-is-a-mail-bomb.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.