Hi all,
I am the one who sent the message to Barrie about disconnecting from the
internet before reading SPAM e-mail. Since I am responding to a string of
e-mails regarding this, I apologize in advance if I misquote anyone.
On Sat, 12 Apr 2003 11:14:05 -0600, David Councill wrote:
Barrie,
How can you tell that a message was sent back? I was skeptical of the
original statement about a message being sent back confirming email address
validity. The question that came to my mind was - how?
Simplified explanation: Any HTML formatted e-mail (colored text, embedded
pictures) can contain an image with a unique identifier code that is mapped to
your address. The code could be as simple as the numeric ASCII equivalent of
your e-mail address, or could be an unrelated string of characters stored in a
database on the spammer's server. When an HTML formatted e-mail is opened, the
e-mail initiates a request to the spammer's web server looking for something
like "257864A573244d4566872785_1px.gif". The web server knows when it gets a
request for an image like this, that it should strip off and store the number
(everything in front of the underscore), and send you the image.
This happens immediately if you use webmail services (like yahoo or hotmail)
and read your e-mail in a web browser, and I don't think that there is any way
to stop it. If you download and read your e-mail in Eudora, Outlook, etc...
your computer will request the image and notify the spammer when you open and
view the e-mail, even if you only open the e-mail in the preview windowpane.
A longer, more in-depth explanation is available here:
http://www.privacyfoundation.org/resources/webbug.asp
There is a notify/return receipt function that can be used on emails but
Eudora faithfully notifies you that the email has a return notification
requested and asks if it's ok, later, or never (plus it leaves a copy of the
return receipt in your outbox if you give it the okay).
I don't know exactly what the case is with Eudora, but some e-mail readers can
be set to send this receipt by default. I know that this is the case for you
Barrie, as I have my e-mail set to request receipts, and your machine sends
them. Here is what a receipt looks like:
Reporting-UA: QUALCOMM Windows Eudora Version 5.2.0.9
Final-Recipient: rfc822; <foo@manchu.net>
Original-Message-ID: <7E3F6AB049B8A14A9E4AF90521CAFF9B4C64F9@exchange1.leanintree.net>
Disposition: manual-action/MDN-sent-manually; displayed
Any spammer worth his salt will include the return receipt requested string in
the header of his e-mail just hoping for this sort of thing. As you can see, I
know that the recipient is using Eudora for Windows, v 5.2.0.9, and that he
actually opened my e-mail on Tue, 8 Apr 2003 10:02:15 -0600, and Eudora
politely sent me his e-mail address as well. The bollocks of the whole thing is
that computers have so many settings, knobs and whistles that it is impossible
for any one person to know everything. I just know because one of my
colleagues did a paper on this for the Privacy Foundation (listed above).
Reading e-mail off-line is a brute-force method to prevent a lot of this
access. David Councill has some excellent suggestions below for some options
on managing this access with more finesse.
Some spam comes with html links that have your email address or a number
embedded so they can tell your origin if you click on it. But you have to
click on it first. If you just move over it with your mouse, Eudora
displays the actual link so you can tell if it has a return code, a feature
missing in Outlook.
Yes! For god's sake, don't click on anything in a spam e-mail.
The reply to remove you from the list, though, is a sure way to let the
spammer know your email is legitimate, received, and read.
Exactly right. Never click the link that says "Click here to stop receiving
these e-mails..."
Perhaps if I'm wrong, someone can add more details. I get 50-70 spams daily
but a lot of it is because my email address is very public and highly
exposed on the Internet.
The best way to eliminate spam is to keep spammers from getting your e-mail in
the first place. Since spammers spider websites looking for e-mail addresses,
you might try a javascript that slices up your e-mail address, and use escape
codes or images for @ and dot characters. I have used this one for marnoldm at
du dot edu with decent results:
<a href='javascript:window.location="mai"+"lto:"+"marnoldm"+"@"+"du"+"."+"edu";'
   onmouseover='window.status="mail"+"to:"+"marnoldm"+"@"+"du"+"."+"edu"; return true;'
   onmouseout='window.status="";return true;'>marnoldm<img
   src="http://www.du.edu/~marnoldm/media/images/at.gif" width="12" height="13"
   border="0" align="absbottom" alt="@">du.edu</a>
An e-mail harvesting spider would have to execute the javascript in order to
read the e-mail address, and I imagine that there are few that can do this.
If you post to BBSs, you may want to consider posting your e-mail address as
"MyName at MyISP dot com". It is a bit of a pain to people who want to respond
to you, but seems to help disguise your address from spammers.
You might want to consider subscribing to a complaining service, like
spamcop.net. Spamcop uses filtering (primarily whitelisting and blacklisting),
automatically complains to the ISPs who host offending sites/mailings, and
notifies companies that have open relays on their mailservers that spammers can
exploit (no financial interest).
A spam filter catches 90% of it before it gets to my PC. I have been
thinking about the ultimate spam buster - an email program that sends back
a spoofed majordomo email to the sender that says something to the effect
that the email address is no longer valid. That would likely be the only
way to get off the spam list.
If you make this, I would love to be first on your list to get a copy!
Since I have a cable connection, I use a program called ZoneAlarm to
control outgoing Internet access. But it's handy on a dial up connection too
as programs can be designed to look for an open internet connection before
they send data. But with ZoneAlarm, it will catch any program trying to use
your Internet connection and you have to authorize it to let it through.
Not only are there spammers out there, there is also a lot of spyware that
once running on your computer, they can send your email address and other
information to these Internet marketers.
Good advice!
So from your original email - my main advice would be to make sure html
displays/executions are turned off on your email program (like Barney
said). Use an outgoing firewall software (ZoneAlarm basic is freeware). Run
a spyware detection program periodically, like Ad-aware.
Also good advice.
I appreciate the information from this thread on how spammers can determine
if their email has been opened. My email does not display html and embedded
images so I was safe on that end. But since this is an Internet list, I'm
sure we can all benefit from any anti-spam tips.
The following site has some good information on how to configure your systems
to provide better privacy and manage applications and e-mails that try to
access the internet:
http://www.securityfocus.com/infocus/1579
Best,
Michael
/// or try http://www.team.net/cgi-bin/majorcool
/// Archives at http://www.team.net/archive
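
Added example, not part of the original message: a Python check, run on the reader's side, for the two open-confirmation signals the message describes, namely a receipt request in the headers and a remote image carrying a per-recipient code. The header names (Disposition-Notification-To, Return-Receipt-To) are the usual receipt-request headers and are not named in the message; the sample mail, the host tracker.example and the 16-character threshold are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Constructed sample message; tracker.example and the addresses are placeholders.
SAMPLE = """\
From: offers@tracker.example
To: reader@example.org
Subject: Great deal
Disposition-Notification-To: offers@tracker.example
Content-Type: text/html; charset="us-ascii"

<html><body><p>Hello!</p>
<img src="http://tracker.example/257864A573244d4566872785_1px.gif" width="1" height="1">
<img src="cid:logo123" width="120" height="40">
</body></html>
"""

RECEIPT_HEADERS = ("Disposition-Notification-To", "Return-Receipt-To")
TOKEN = re.compile(r"[0-9A-Fa-f]{16,}")  # long hex-like run; threshold is a heuristic

class ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append(dict(attrs))

def audit_message(raw):
    """Return a list of findings that would confirm the address if the mail is opened."""
    msg = message_from_string(raw)
    findings = [f"receipt requested via {h}" for h in RECEIPT_HEADERS if msg.get(h)]
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        payload = part.get_payload(decode=True).decode("utf-8", "replace")
        collector = ImgCollector()
        collector.feed(payload)
        for img in collector.images:
            src = img.get("src") or ""
            if not src.lower().startswith(("http://", "https://")):
                continue  # cid:/data: images travel inside the mail, no callback
            tiny = img.get("width") in ("0", "1") and img.get("height") in ("0", "1")
            tagged = bool(TOKEN.search(src))
            if tiny or tagged:
                findings.append(f"remote image {src} (tiny={tiny}, token={tagged})")
    return findings
```

Running audit_message on a saved message before opening it in an HTML-capable reader lists what would be fetched or sent; an image that is neither tiny nor tagged is not reported, so an empty list is not proof the mail is untracked.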