There are pages on the Web that generate fake e-mail addresses so that they can be harvested by spammers. For this to work, the spammers have to (a) harvest addresses from the Web, (b) not ‘blacklist’ such pages (either through automatic detection or through manual detection), and (c) care that their mail gets sent to real addresses.

Are all of these genuine? Do these address generators work? For the botnet case, you counter with Bayesian filtering. Basically, the idea is that when a botnet is used to send out a spam, the spamtraps will get many copies of the message very quickly. These copies are distributed and used to create a filter that finds the message’s fingerprint. Regardless of which DNS names or IPs the botnet uses, the spam will be blocked by this. (The spammers counter this by randomizing their spams more cleverly to make them difficult to match with a filter. It’s an arms race.)

And if so, how do they work? Is the idea that the spammers will be inundated with mail and implode? That they will get such a low return (real answers) on their investment (e-mails sent out) that they go out of business?

Upon getting a connection from a blacklisted spammer, rather than rejecting the connection right away, servers could use tar-pitting, which essentially means keeping the connection open until it times out.

The idea is that SMTP is generally transported over TCP, meaning a single computer has a restricted number of simultaneous connections (open sockets) it can make. Thus, should spammers use an SMTP server with settings, their throughput would be seriously hampered by tar-pitting.

All of the aforementioned techniques are useless when individuals use botnets. Fake e-mail addresses most commonly serve as spamtraps (a kind of honeypot). The idea is that, since this type of e-mail address will never be used to receive any valid e-mails, anything that arrives is spam. These spam messages are later analysed and used to update a variety of RBLs (Real-time Blackhole Lists), nowadays most commonly DNS-based blacklists.
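The spamtrap-to-filter step described above (many copies reaching the traps quickly, then a filter on the message's fingerprint) can be sketched as follows. This is an added example, not code from the original page; it uses a normalized SHA-256 hash as a stand-in fingerprint rather than a Bayesian classifier, and the trap addresses, normalization rules and thresholds are assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Constructed sample: (arrival time in seconds, spamtrap address, body).
TRAP_HITS = [
    (0,  "trap1@example.org", "Cheap  pills!! Visit http://a1.example/x?id=9911 NOW"),
    (4,  "trap2@example.org", "cheap pills!! visit http://b7.example/x?id=1532 now"),
    (9,  "trap3@example.org", "Cheap pills!!  Visit http://c3.example/x?id=7780 now"),
    (30, "trap1@example.org", "Meeting notes attached, see you Monday"),
]

def fingerprint(body):
    """Hash the body after removing parts a sender varies per copy (assumed rules)."""
    text = body.lower()
    text = re.sub(r"https?://\S+", "<url>", text)  # per-recipient links
    text = re.sub(r"\d+", "<n>", text)              # counters and ids
    text = re.sub(r"\s+", " ", text).strip()        # whitespace padding
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def build_blocklist(hits, min_traps=3, window=60):
    """Return fingerprints seen at >= min_traps distinct traps within `window` seconds."""
    seen = defaultdict(list)  # fingerprint -> [(time, trap address)]
    for when, trap, body in hits:
        seen[fingerprint(body)].append((when, trap))
    blocked = set()
    for fp, events in seen.items():
        events.sort()
        for start, _ in events:
            # Distinct traps hit by this fingerprint in the window opening at `start`.
            traps = {t for w, t in events if start <= w <= start + window}
            if len(traps) >= min_traps:
                blocked.add(fp)
                break
    return blocked

def is_spam(body, blocked):
    """Check an incoming message against the fingerprints learned from the traps."""
    return fingerprint(body) in blocked

BLOCKED = build_blocklist(TRAP_HITS)
```

The filter keys only on message content, which is why it is independent of the sending IP, and also why a reworded body no longer matches.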

