Brian Martin has a very nicely written little essay titled Anti-Virus Companies: Tenacious Spammers which points out a fact that many folks overlook: Anti-Virus companies are some of the worst spammers around and there’s no good reason for it.
When you think about it, he’s right. If you’re like me you’ve probably been deluged with dozens (if not hundreds) of emails every time there’s a virus outbreak of any significance such as the ones going around the last day or so. The reason is simply because so many anti-virus products send emails back to whomever is listed in the FROM field telling them their was a virus in the email. Often that email contains ads for whichever anti-virus program generated it.
Considering that most modern viruses spoof the FROM field and all the anti-virus companies know this there’s really no good reason for them to send an email back to the poor bastard who’s address got spoofed other than to advertise their products. The emails generated certainly don’t provide much of anything in the way of useful information beyond the fact that it stopped a virus so that leaves advertising as the only possible intent.
Now consider how many millions of emails these viruses generate as they shoot themselves off across the net. Even if only a small percentage of anti-virus programs generate email responses every time they stop a virus you’re talking thousands of additional emails with no purpose beyond advertising flying around the Net eating up bandwidth and doing absolutely nothing to help make the situation any better. In fact they often makes things worse by confusing the hell out of less tech-savvy users who now suddenly think they have a virus and get on the horn to their tech support departments.
It’s stupid and the anti-virus companies should know better and it’s time we started telling them. From now on I’m forwarding every one of these stupid messages back to the company whose product produced it with a terse note explaining why they can shove it up their ass. I suggest you do the same.
Update 1/29/04: Interestingly enough I noticed this morning that CNet.com has an article on this very problem.