[LINK] spam question
Sat, 13 Oct 2001 11:04:41 +1000
At 07:16 13/10/01 +1000, Jan Whitaker wrote:
>I'm scratching my head. Each day I'm receiving more spam, and not just
>the stupid Nigeria/Lagos/Sierra Leone/next African nation money scam, but
>lots of e-tail stuff in ridiculous HTML, sometimes with links to the web
>embedded, etc etc.
IT's getting bigger huh! I clean out about 80 to 90 message a day. It's
funny you should mention this too, because earlier in the week someone
posted a news article (Tony B I think) about Email and Web ads failing now
because consumers just ignore it.
>The quandary is that everyone who has thought about this invasion says to
>NOT reply, despite the invitation to do so on these posts because that
>verifies the address.
DO NOT REPLY. IN fact, if you can avoid it, do NOT even VIEW the HTML.
Those little web bugs are really smart. I was looking at one the other
day, it has an encrypted (loosely) string in the html, when you VIEW the
message, it tells the server via a very smart CGI, that you have READ the
message. Thus your e-mail address works. Then the number of messages
increases from a wider variety of places.
Unfortunately for the "average" user, they can't easily pre-scan their mail.
I'm actually considering an AUTO BOUNCE message at the SMTP point of
delivery that simply rejects anything with X-html in it, at least to me.
>And if you read the fine print under the US legislation that is often
>quoted, they justify doing this spam because the law says the can if they
>put this opt-out option on the piece, NOT that they actually take you off
But they do take you off "the one" list that was used "the one time" for
the "one announcement" and then add you to 500 more lists.
>So, short of mail bombing the sender from a hotmail address in
>retaliation, does anyone have any advice?
Read your subjects headers, if they look "unusual" or "unexpected" move the
message to a "holding" folder and leave it there. Do NOT open it. Do NOT
preview it. If you can, save them as ASCII to a file and view the ASCI
using notepad or some other viewer, but do NOT open the message in anything
that has ACTIVE HTML in it.
If someone is trying to e-mail you, they will send you a message again in a
few days with a different subject (normally). I rarely miss any these days
which is good.
Filtering is your friend, use LOTS of filters to pull out everything your
expecting. You can almost always as a "last" filter, put everything from
hotmail, yahoo etc into a HOLDING folder for later review. If you know
people who use these, then add their addresses earlier in your filters and
put them into their own folder or into a "friends" folder.
>When it was text mail, delete was acceptable, but now it's getting nasty.
Web Bugs :) I got one the other day, fortunately on an email address that
is "faked" anyway, so I thought I'd test it. Read the message, viewed the
source, sused out the CGI, (which I broke into and actually gained access
to the source code BTW with no effort at all) and the next day - 30 new
messages to that address.
The address has since been deleted so it's now non existant.
The other suggestion I have is use a product like MyName
http://myname.inau.com/ where you can set up a unique email address for
everyone you deal with that then delivers all the mail into your one mail
box. I have hundreds:
interop@todd (which was deleted recently because they sold it to
informix who then bombarded me with irrelevant material
about things I have no interest in.
I think you get the picture :)