
Making Sense of Spam - Or who sends this ####

To put it into perspective, spam is the same as the junk mail you receive in your letter box, with two major differences: the first is cost and the second is the ease of stopping delivery.

Arranging a mail drop to an average-sized city can be quite expensive: with pamphlet design, printing and then delivery, the cost per hit can be quite high. As a result, the organisation or business carrying out this exercise has to have more than a feeling that costs will be covered.

Stopping the delivery is generally just a matter of displaying one of those "No Junk Mail" signs on your letter box. The distributors of this sort of mail know not to deliver, or there are penalties. As an absolute minimum you can phone the advertiser and complain; after all, you have an address and phone number printed on the thing delivered. If they weren't, where would you go to purchase what was being advertised?

Email spam is a very low cost method of advertising anything you want. The cost per delivery is so low as to be almost non-existent, and it is not proportional. The actual cost for 3000 deliveries is the same as for 30,000,000: all the sender has to do is send one email to a server list and the server does the rest. However, do not for a minute think that there is no cost at all; it's just that the spammer does not have to pay that cost.

And who does, you ask? Well, you do, actually.

Anyone with a connection to the internet is paying their share of the cost of running the internet. When you pay your ISP they pay for the traffic you have used and they pay for a connection to the next level, and on and on it goes. All the spammer needs is a connection to the internet, and you help pay for the enormous amount of traffic that spam emails take up worldwide. Second only to the spammers in using huge amounts of bandwidth are those idiots who insist on forwarding jokes, video clips, chain mail and, last but not least, unoptimised digital camera photos to everyone in their address books - but that's another story.

Stopping the stuff is next to impossible. Yes, some ISPs are better than others at filtering this sort of mail, but filtering is not stopping. Just because you do not see it does not mean that network congestion is not occurring and costs are not being incurred in moving the stuff around.

How can you stop it?

You can't - you can help, though. If you are receiving large numbers of spam emails, change your email address. Never, never, never give your email address to a web site for anything, unless you would trust them with your first born. Large numbers of web sites offer something for nothing in return for your email address; that should be a clue (no points for guessing what the email address will be used for). Another favourite is electronic greeting cards: they get addresses two at a time.

If you are receiving spam, never actually purchase anything advertised - it just encourages them.

The following text in red is the header of an actual message received by the mail server that collects unsolicited mail from supported web sites.
Under each line is an explanation of its meaning and whether the information can be trusted or has been added for its confusion value.

 
Return-Path: <78032l31@bigfoot.com>
This is entered by the sender's mail program and can be made to say anything at all. In this case bigfoot.com is an organization selling, among other things, solutions to the spam problem.

X-Envelope-To: sites@computercarewanganui.co.nz
Added by the Mail Server that runs on my own system. Don't bother sending mail to the address as it will not arrive.

Return-path: <78032l31@bigfoot.com>
As per the first line.

Envelope-to: admin@vys.co.nz
Delivery-date: Tue, 08 Jul 2003 06:35:22 +1200
Added by the site server when the message was posted to the POP3 mail box.

Received: from pcp03818688pcs.nrockv01.md.comcast.net ([68.86.232.207] helo=68.86.232.207)
by orbit.nucleus.co.nz with smtp (Exim 3.36 #1)
id 19Zapd-00062Z-00
Added by the site server when the message was received by them. In this case the message was received from an IP address owned by Comcast Cable Communications (www.comcast.com). As this organization is a supplier of high speed digital connections it is unlikely that they sent the message, but one of their customers did.
In some cases there may be more than one "Received" block, and when this is the case the newest entry is the first. Each server adds its own block above the previous one. If there is more than one, don't trust the oldest as it can be forged.

for admin@vys.co.nz; Tue, 08 Jul 2003 06:35:22 +1200
The address the mail was sent to, as supplied by the sender.

Date: Tue, 08 Jul 2003 02:47:59 -0500
Date and time stamp for the message from the originating system.

From: 237995@yahoo.com
This is entered by the sender's mail program and can be made to say anything at all.

X-Mailer: The Bat! (v1.49)
The sender's mail program. In this case it is a program designed to send lots of mail very quickly using an external list of addresses.

Reply-To: 237995@mail.com
This is entered by the sender's mail program and can be made to say anything at all.

If you have a system that automatically returns unwanted mail to the sender, this is the address it goes to. The address is never correct for the sender, but is in most cases a valid address. So before returning the mail, think about what you are actually doing.

The person you are bouncing the mail to is an innocent party, and is probably a little #####ed at getting hundreds of returned email messages each day over several days.

I speak from experience - it has happened to me several times.


Organization: 101190829
This is entered by the sender's mail program and can be made to say anything at all.

X-Priority: 3 (Normal)
This is entered by the sender's mail program and is the default value for all mail.

Message-ID: 59833641-6DB01408-AC35B4E-22325102-631BFFE9@excite.com
Gives the host site for the originating mail box. excite.com is an ISP offering free mail addresses and is probably big enough not to notice several million emails being routed through one of them. As an interesting footnote to this, when I went to the site my spyware killer gave a warning about some nasty thing trying to get at me, and when I refused to accept the gift I was denied access to the site. Makes you think, but probably gives a clue as to the nature of www.excite.com and its management. In some cases this can be faked, and then the originating name will be your own server.

To: admin@vys.co.nz
Subject: 237995 Using PC Surveillance on a Network 854872064
Mime-Version: 1.0
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
The start of the actual message.
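
The same reading of the header can be done mechanically. The following is an added example, not part of the original article: it keeps only what a trusted server wrote in its own "Received" block and lists the domains the sender merely claimed. It assumes orbit.nucleus.co.nz (the site server above) is the only trusted host; the function names are hypothetical.

```python
import re
from email import message_from_string

# Header of the message dissected above, with the Received block re-folded
# (continuation lines indented) as it would appear on the wire.
RAW = """\
Return-Path: <78032l31@bigfoot.com>
Received: from pcp03818688pcs.nrockv01.md.comcast.net ([68.86.232.207] helo=68.86.232.207)
\tby orbit.nucleus.co.nz with smtp (Exim 3.36 #1)
\tid 19Zapd-00062Z-00
\tfor admin@vys.co.nz; Tue, 08 Jul 2003 06:35:22 +1200
From: 237995@yahoo.com
Reply-To: 237995@mail.com
Message-ID: 59833641-6DB01408-AC35B4E-22325102-631BFFE9@excite.com
To: admin@vys.co.nz

"""

# Fields the sending program fills in; none of them is verified in transit.
SENDER_CONTROLLED = ("Return-Path", "From", "Reply-To", "Message-ID")

def analyse(raw, trusted_hosts):
    """Return (peer recorded by our own servers, domains the sender claimed)."""
    msg = message_from_string(raw)
    peer = None
    # Received blocks are newest first. Walk down while the block was written
    # by a server we trust; anything below the first untrusted one can be forged.
    for block in msg.get_all("Received", []):
        block = " ".join(block.split())          # unfold continuation lines
        by = re.search(r"\bby (\S+)", block)
        if not by or by.group(1).lower() not in trusted_hosts:
            break
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", block)
        name = re.match(r"from (\S+)", block)
        peer = {"ip": ip.group(1) if ip else None,
                "host": name.group(1).lower() if name else None}
    claimed = {}
    for field in SENDER_CONTROLLED:
        value = msg.get(field)
        if value:
            claimed[field] = value.strip("<> ").rsplit("@", 1)[-1].lower()
    return peer, claimed

def unrelated_claims(peer, claimed):
    """Sender-supplied fields whose domain is not the connecting host's domain."""
    host = (peer or {}).get("host") or ""
    return sorted(f for f, d in claimed.items()
                  if not (host == d or host.endswith("." + d)))

if __name__ == "__main__":
    peer, claimed = analyse(RAW, {"orbit.nucleus.co.nz"})
    print(peer, claimed, unrelated_claims(peer, claimed))
```

A mismatch on its own is only a hint, since legitimate mail relayed through an ISP also shows a connecting host unrelated to the From domain; the recorded IP address is the part to rely on when reporting to the network owner.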