An email bomb or “mail bomb” is a malicious act in which a large number of email messages are sent to a single email address in a short period of time. The purpose of an email bomb is typically to overflow a user’s inbox. In some cases, it will also make the mail server unresponsive.
Email bombing is often done from a single system in which one user sends hundreds or thousands of messages to another user. In order to send the messages quickly, the email bomber may use a script to automate the process. By sending emails with a script, it is possible to send several thousand messages per minute.
If performed successfully, an email bomb will leave the recipient with a pile of email messages in his or her inbox. It may also max out the recipient’s email quota, preventing the user from receiving new email messages. The result is a frustrating situation where the user has to manually delete the messages. If the recipient’s email client or webmail system does not allow the user to select all the unwanted messages at once, this process can take a long time to complete.
Fortunately, most mail servers are capable of detecting email bombs before a large number of messages are sent. For example, if the server detects that more than ten messages are received from the same email address within one minute, it may block the sender’s email address or IP address. This simple action will stop the email bomb by rejecting additional emails from the sender.