What’s a mail bomb?

Print anything with Printful



A mail bomb floods an email account with data or messages, rendering it inaccessible. It can crash an ISP’s mail server, affecting all clients. Lusers send mail bombs, and there are various methods, including using a botnet or subscribing to multiple mailing lists. It is a serious offense and against ISPs’ terms of service. To protect yourself, use a free web-based email address for online activities and save your ISP’s email address for private use.

A mail bomb, or mail bomb for short, is an act of malicious network abuse whereby an email account is intentionally flooded with data or messages, rendering the account inaccessible. The account could be inactive for hours or days, which could result in the attack victim’s Internet Service Provider (ISP) going out of service. This is because a mail bomb can crash an ISP’s mail server, affecting not only the victim, but all of the ISP’s clients. When a mail server is down, no one who subscribes to that ISP can send or receive email through the provider.

People who send mail bombs are known as lusers (losers) within the hacker community. It is considered a childish form of strike, a simplistic and crude attack that carelessly affects many more people than the perpetrator’s targets. There are a few methods of sending a mail bomb, described here in general terms.

A mail bomb is effective because of the way email accounts are handled. Email accounts reside on a mail server or computer with software designed to send and receive mail. A receiving mail server has allocated space for virtual mailboxes assigned to its clients. For example, an ISP might have 100,000 subscribers and 300,000 mailboxes (many people have more than one email address). It’s easy to see that even a relatively small mail server as shown in the example can potentially handle hundreds of thousands of emails every day.

When a mail server is flooded with a mail bomb, the computer’s available resources are consumed and the system becomes overloaded to the point of crashing. The mail bomb could consist of a single compressed file that decompresses into a very large file filled with repetitive data that overwhelms and crashes the system. In other cases, a perpetrator will use a “botnet” (network of robots) to do the dirty work.

A botnet is a network of infected computers surreptitiously under the remote control of the author. A botnet controller can send a single command that reaches all computers on the botnet. It can be hundreds, thousands or even more than a million computers.

Botnet ISPs do not detect the attack in progress because each computer sends only one or two messages. The result is that the target email account receives a mail bomb of potentially millions of emails at once. This can be costly to the ISP receiving the mail bomb, as getting the mail server back online to receive legitimate mail by blocking incoming messages from a botnet-origin mail bomb can be a difficult task. This type of mail bomb is known as a Distributed Denial of Service (DDoS) attack.
Another method is to use a party’s email address to subscribe the person to multiple mailing lists. A mailing list is a discussion forum that propagates via email. You must subscribe to the list to access it and unsubscribe to stop receiving messages from the list. All subscribers receive all messages sent to the list. If the list is popular, this can result in dozens of posts a day. A mailing list mail bomb occurs when a victim is automatically subscribed to hundreds of mailing lists without their knowledge or permission. The victim then has to manually unsubscribe from each list or change their email address and close the old account.
A mail bomb is a serious offense and is against all ISPs Terms of Service. One way to protect yourself from a mail bomb is to save your ISP’s email address for private use, giving it only to trusted friends and family. You can use a free web-based email address to register on websites, participate in web forums, or play games online. If a mail bomb is sent to this address, the website will still face the attack and you may lose your free account. However, you will still have your ISP, your private email address and you can create a new free address on another website.




Protect your devices with Threat Protection by NordVPN


Skip to content