mjc
05-07-2003, 04:52 AM
OK, so what is spam and why is it so bad?
Spam is the common name for unsolicited commercial (bulk) email. It is the junk mail of the internet.
Other than the most obvious reason for being bad, that it is annoying, spam clogs email servers, wastes time (for end users and system administrators), in some cases is illegal, and very often consumes resources that the recipient of being used.
Spam can clog email servers either while being sent or, as in the case of the major "free" email providers, when being received. Imagine your "snail mail" mailbox being forced to handle 100 items at once, multiply that by the number of mailboxes your post office services, then you have an idea of what a small ISP goes through, daily. Another way it can clog servers is when the inevitable bounces occur. These bounces can either be legitimate from non-existent addresses or from users of various programs with this feature.
The problem is that purposefully bouncing does not work. Spammers forge the headers. The headers are like the return address, they detail the path a particular piece of email traveled to get to the end mailbox. Spammers forge headers so that the mail is difficult to trace to its real origination point, to cover their tracks.
Spam wastes time and resources of both end-users and admins, when they have to wade through the morass of junk to find wanted legitimate messages. Also, most often, it uses a significant portion of the users bandwidth in order to download it (or view it on the web)...definitely uses major chunks of bandwidth for ISPs and sys admins to deal with it for all the machines they service.
Spam is usually sent by Co-opting some email servers...many times these are known as open relays. Some ISP are complicit in the sending of spam (mostly Asian...Chinese to be more specific). Plus there is a new technique on the rise, where a spammer actually uses a trojan to infect unsuspecting recipients and then turn their machines into spam sending zombies.
Spam is very cheap compared to other forms of advertising. It takes a very small number of positive response to make a particular campaign a success. The number of major spam operations is fairly small (there are many small time operators who may last for a couple of runs, but the bulk of it is this core group of hard-core slime-balls). These people make quite a large amount of money peddling useless, disgusting and possibly illegal wares (some porn spam and most investment spam is blatantly illegal).
There are two things that the end-user should never do with spam...
1. Never, under any circumstances, buy a product or service that is advertised by means of spam. It doesn't matter if this particular product is something you really need. You are financing somewhere between 10,000 and 100,000 more useless messages.
2. Never use the un-subscribe link in a spam...if you did not sign up for an email item, do not un-subscribe from it by any link provided. Most often all that link does is confirm a valid address.
A couple other important things to consider...
1. Disable the ability of your email client to display html email. There are methods of confirming your address with it enabled.
2. Disable the ability for your email client to run scripts...there are more ways to confirm your address, and now there is even an exploit that allows the reading of forwarded emails by third parties (using a script to read anything appended to the message)
Spam is the common name for unsolicited commercial (bulk) email. It is the junk mail of the internet.
Other than the most obvious reason for being bad, that it is annoying, spam clogs email servers, wastes time (for end users and system administrators), in some cases is illegal, and very often consumes resources that the recipient of being used.
Spam can clog email servers either while being sent or, as in the case of the major "free" email providers, when being received. Imagine your "snail mail" mailbox being forced to handle 100 items at once, multiply that by the number of mailboxes your post office services, then you have an idea of what a small ISP goes through, daily. Another way it can clog servers is when the inevitable bounces occur. These bounces can either be legitimate from non-existent addresses or from users of various programs with this feature.
The problem is that purposefully bouncing does not work. Spammers forge the headers. The headers are like the return address, they detail the path a particular piece of email traveled to get to the end mailbox. Spammers forge headers so that the mail is difficult to trace to its real origination point, to cover their tracks.
Spam wastes time and resources of both end-users and admins, when they have to wade through the morass of junk to find wanted legitimate messages. Also, most often, it uses a significant portion of the users bandwidth in order to download it (or view it on the web)...definitely uses major chunks of bandwidth for ISPs and sys admins to deal with it for all the machines they service.
Spam is usually sent by Co-opting some email servers...many times these are known as open relays. Some ISP are complicit in the sending of spam (mostly Asian...Chinese to be more specific). Plus there is a new technique on the rise, where a spammer actually uses a trojan to infect unsuspecting recipients and then turn their machines into spam sending zombies.
Spam is very cheap compared to other forms of advertising. It takes a very small number of positive response to make a particular campaign a success. The number of major spam operations is fairly small (there are many small time operators who may last for a couple of runs, but the bulk of it is this core group of hard-core slime-balls). These people make quite a large amount of money peddling useless, disgusting and possibly illegal wares (some porn spam and most investment spam is blatantly illegal).
There are two things that the end-user should never do with spam...
1. Never, under any circumstances, buy a product or service that is advertised by means of spam. It doesn't matter if this particular product is something you really need. You are financing somewhere between 10,000 and 100,000 more useless messages.
2. Never use the un-subscribe link in a spam...if you did not sign up for an email item, do not un-subscribe from it by any link provided. Most often all that link does is confirm a valid address.
A couple other important things to consider...
1. Disable the ability of your email client to display html email. There are methods of confirming your address with it enabled.
2. Disable the ability for your email client to run scripts...there are more ways to confirm your address, and now there is even an exploit that allows the reading of forwarded emails by third parties (using a script to read anything appended to the message)