|
|
Are You Contributing to the Junk Email Problem? Possibly.
Joe Halbrook
Permission Technologies
http://www.CleanMyMailbox.com
Today, we all get and send email just as much and as easily as we use the
telephone. In fact, email is sometimes more preferred than using a phone,
even a cell phone. It’s easy to do (especially if you’re a fast typist)
and provides the opportunity to really think through something you want
to say, first, as opposed to spontaneous conversation.
And how we love to forward those emails we get to friends! You know -
those cute, funny, touching, or just provocative emails that we’re
sure everyone in our Address Book or Contact List would enjoy just as
much you we did.
Did you know that because you and I do this, we are contributing to
receiving more and more unwanted emails? We may actually be perpetuating
junk email.
Have you ever heard of chain letters or viral advertising? They work
because of the beauty of their exponential factor. You see we forward
that funny email to, lets say, ten of our friends (to make the math easy).
Then each of those ten people forward the same email on to ten of their
friends (up to 100 recipients now). And each of those hundred people
now forward it to ten of their friends.
You see, just after three iterations of forwarding emails, 1,000 people
have received that email you or I thought was "funny." (Maybe some of
those recipients thought it was funny - maybe not. But, that’s another
topic in itself.)
The goal of this article is to help each of these future recipients
to understand what can and does occur when we decide to pass along a
funny or touching email. Not that we shouldn’t; just what can happen
when we do this the way that most people do it.
You’ll know what I’m talking about shortly, if you think back of the
last one of this kind of email you received from a friend. They have
a distinct characteristic that makes them very obvious.
At the top of the email, you see something: dozens, if not hundreds of
email addresses of everyone your friend emailed the message to.
Most of the time, you get to see all the email addresses of the
first or second (or more) iterations of the friend that sent the
email to your friend. Have you ever found yourself scrolling down
forever and ever past all those email addresses, until you finally
find the actual email?
That’s what I want to focus on. You see, sending or forwarding
the actual email is fine and well. The problem comes when you forward
a multiple iteration email to all your friends with all those
email addresses imbedded in them.
>>> Original Message
>>> From: blahblah@blah.com
>>> To: Joe Smith <blahblah@blah.com>, Jean Berry <blahblah@blah.com>
>>> Rick Michaels <blahblah@blah.com>, Jimmy Dalton
>>> <blahblah@blah.com>, Carol Snodgrass <blahblah@blah.com>,
>>> Hannah Milton <blahblah@blah.com>, James Reynolds
>>> <blahblah@blah.com
>>> Subject: My funny email
>>> I know you’ll love this email. It’s great
>> Original Message --
>> From: blahblah@blah.com
>> To: Jason Smith <blahblah@blah.com>, Jean Bea <blahblah@blah.com>
>> Rick Jetson <blahblah@blah.com>, Brad Digget<blahblah@blah.com>,
>> Jason McGee <blahblah@blah.com>, Hal Lynch <blahblah@blah.com>,
>> Subject: My funny email
>> This is so funny. It brought tears to my eyes laughing.
> Original Message
> From: blahblah@blah.com
> To: Gretta Stanton <blahblah@blah.com>, Jan Rick<blahblah@blah.com>
> Billy Delp <blahblah@blah.com>, Linus Beal<blahblah@blah.com>,
> Mellisa Hall <blahblah@blah.com>, Jim Welch <blahblah@blah.com>,
> Subject: My funny email
This is a funny story!
Now, let’s consider a couple of hazards related to what we are doing
when we send or forward emails like this.
First, did we ask permission from everyone we sent this email if
they would mind if we disclose their email address to everyone
else we sent it to? Probably not.
Yet, that’s what we do every time we forward an email like this;
we expose all our recipients’ email addresses to everyone else on
our mailing list! That might be ok, but then what if there is
someone who doesn’t really want everyone else to know their address?
Secondly, and more importantly, spammers (yes those annoying people
who send out billions of emails weekly with all those offers for cheap
prescription-dodging drugs, and body-enhancing supplements) just
love all of us forwarding emails like these. Why? Because they
actually sneak spyware (software with malicious intent programmed
into it, sometimes called "bots" because of their robotic nature)
onto millions of unsuspecting computers in homes like yours and
mine. This software just sits there on our computers for weeks,
months, even years. And it may have never done a single thing that
would make us suspect it’s even there. (Not all bots are harmful,
but these certainly are malicious.)
These bots can sit there and "sniff" all our incoming email.
(Yes, you read that correctly!)
Computers that have been infected with these little bots are
sometimes known as zombies. They are called this because of what
they actually do. I’m getting to that part - stay with me, here.
As we download our forwarded emails from all our friends, these
little bots can sniff not only what we see in the emails (including
all those email addresses of prior iterations), but even the email
headers, which we may never even know exists. These headers
encapsulate every email that is sent and received on the Internet.
If you ever want to see them, you can usually click on an email’s
Properties within your email software, then Click on the Details,
then Message Text.
You’ll see something like this:
Return-path: <xyzzieur@emailorigin.com>
Envelope-to: me@mymailbox.com
Delivery-date: Mon, 26 Oct 2009 15:24:49 +0000
Received: from localhost ([127.0.0.1] helo=mail.server.net)
by mail.server.net with smtp (Exim 4.69) (envelope-from
<xyzzieur@emailorigin.com>) id 1N2RRB-0008ET-IO
for me@mymailbox.com; Mon, 26 Oct 2009 15:24:49 +0000
Received: from web110311.mail.gq1sender.com ([67.195.8.211]
helo=web110311.mail.gq1.sender.com)
with IPv4:25 mail.server.net; 26 Oct 2009 15:24:49 +0000
Reply-To:MIME-Version:
Content-Type;
Received: from [123.456.789] by web110311.mail.gq1.sender.com
via HTTP; Mon, 26 Oct 2009 08:24:50 PDT Date: Mon, 26 Oct 2009
08:24:50 -0700 (PDT)
From: My Good Buddy <xyzzieur@emailorigin.com>
Subject: Fwd: This is hilarious - gotta read
To: Me <me@mymailbox.com>
Cc: Gretta Stanton <blahblah@blah.com>,
Jan Rick<blahblah@blah.com>, Billy Delp <blahblah@blah.com>,
Linus Beal<blahblah@blah.com>, Mellisa Hall <blahblah@blah.com>
MIME-Version: 1.0 Body of email !!!
So, why is this sneaky little bot so nasty, and why should you care?
Think about it: The bot doesn’t have to concern itself with validating
the email addresses for the spammer that planted it. As it sniffs
out all those addresses from our inbound emails, it knows that each
of them is a valid address. We already did that work for it -
because remember, we’re forwarding this funny email to all our friends,
(and the couple of iterations of people before us who sent it to
their friends). And let’s face it, our friends’ email addresses
are already "good" - after all, we send email to them all the time.
So, all the bot has to do is sniff out all of those valid email
addresses, and then "phone home" to the spammer! Some bots are
programmed to even send junk email from the host computer. That’s
why the infected home computer is often referred to as a zombie.
Getting scared, yet? You should be.
Back to those email headers - the mechanism that documents the routes
that each email took to get from the Sender to you. Spammers can
learn a plethora of information from those, too. And the nasty
little bot phones home with those little details, as well. As you
can see, all the Cc: (carbon copy) addresses are usually contained
in those headers, as well. So, even if the bot is somewhat lazy,
it doesn’t have to scan the actual body of the emails to get valid
email addresses to send back to the spammers. It can just scan
email headers. Easy, breezy, Japanesee!
SO WHAT’S A PERSON TO DO ABOUT ALL OF THIS?
Here’s where you and I and all our friends can make a HUGE difference.
It’s ok to send cute, funny, touching, or provocative emails along
to our friends. Nothing wrong with that, at all. But, just in case
we are housing one of those nasty bots (or one of our friends has
one on his/her computer) let’s not feed the bot. How? It’s easy!
Just two simple steps:
First, instead of addressing the email To: all our friends or Cc:
(carbon copying) it to our friends, instead just send it To: yourself,
and Bc: (blind copy) all your friends! This removes all our friends’
email addresses from the email headers (To: and Cc: headers). You
see, Bc: addresses are never included in those email headers. Thus,
the bots will never have an opportunity to see and harvest them.
Secondly, before we forward the email in the form it comes to us,
do a tad bit of editing. Remove all the indented >>> and >> and >
lines containing names and email addresses at the top of the email
first, leaving only the actual body of the original email.
This accomplishes two things: It leaves nothing for the nasty
little bot to phone home about, and it may reduce the event that
we actually gave out someone’s email address that didn’t want it
published to all our other friends.
Now, that wasn’t hard, was it? Two simple things to remember.
And we just reduced the probability of everyone on our Contact List
getting even more unwanted email (from spammers). They’ll love us
dearly for that.
And we haven’t even talked about imbedded viruses in some of those
emails. That’s a topic for another article, in itself.
Just some cautious advice to think before you click the next time
you want to forward that funny email to a dozen of your closest
friends. These two simple steps can help all of us, in the long run.
Now, if you want to forward this article to all your friends, and
I certainly encourage you to do so, please don’t forget these two
steps. As more of us follow these two simple suggestions, who knows
what kind of dent we will make in the fight against unwanted email.
Cheers and happy forwarding!!
Joe Halbrook
Permission Technologies
http://www.CleanMyMailbox.com
|
|
