|Received:||3/31/2004 5:35:28 PM|
|Organization:||Association of Information Technology Professionals|
|Agency:||Federal Trade Commission|
For many domains, any combination of characters will be a valid email address that delivers mail to a default recipient. Since addresses can be up to 256 characters in length, and each of those characters can be any number, letter, or special character, the number of possible valid addresses, while not infinite, is substantial. Calculations show that for a single domain alone, listing every address that the owner does not want spam at would cost the FTC more for storage than the federal government is expected to receive in total revenue this year. That makes a do not spam list of unique addresses financially impractical. That suggests that you have two options. 1) Permit domain wide opt out. Let *@aol.com be a valid entry so that no aol customers, for instance, receive any unsolicited commercial email. 2) Assume that any address NOT fed to you has opted out, and instead maintain the much smaller file of those addresses which do want junk mail. This is a small percentage of the whole, and those who want to be spammed only need provide one address. This would be a significantly smaller database, managed at significantly reduced expense. There would also be no security concerns about unscrupulous spammers harvesting this list of verified addresses, since this is a set of addresses that wants to hear from them. Either of those options would work better, at lesser expense.