Mail-Spamming - misuse of the internet?
Table of contents
This article combines information of different internet sources. Find further information to the topic mail spamming:
What is mail spamming and what can we do against it?
The term spamming stands for mass sending of e-mails of different senders. Spam mails are undesired mails with 'shady' content and often dubious offers. Another term for this is 'UCE' (unsolicited commercial e-mail) or junk mail.
These mails often contain advertising of private or commercial providers or unordered offerings or information and pollute the own mail box.
The dispatch of spam mails doesn't happen directly, but often via SMTP relays (arbitrary server). In this process sender information is frequently faked (address and host), so it is not possible to trace the real sender.
Most sender adresses are not answerable, even when a domain exists, which makes it even harder to find the real sender. In this example:
"From: kie28@prodigy.com"
"prodigy.com" is a valid domain, but the user 'kie28' doesn't exist.
The complete inhibition of spam mails is really hard to realise. A precondition for a proper protection is that usage of a relay host is not possible. Some anti spam concepts are listed below:
- Sender filtering is hard to realise, because sender information change frequently and many different sender are abused (in the beginning of 1998 'aol.com' was a frequently used sender).
- It would be possible to test the addresser on a central place and refuse not answerable mails. But the german law doesn't agree with that. The main argument is that traditional letter post also delivers letters without or wrong addresser.
- Blocking of special hosts as adresser of mails is often used. From my point of view that is controversal, because also reasonable e-mails are blocked, too. One example is "http://rbls.org/ "
- Installation of a high performance mail server which provides anti spam rules (e.g. Send-Mail V8 ) as a protection against relaying.
- Disabling of mail access from outside and mail request via a secure mail relay as a protection against relaying (used at TU Dresden).
- Apply filter rules to the header lines of the e-mail.
Find further examples for filter and/or anti spam programs on user and provider level here spam-blocking possibilities.
Why is spamming evil?
Besides polluting the inbox, spam is also stressing the server and web traffic. According to provider statistics, spam mails occupy about 20-30% of the available bandwidth.
The increasing number of these mails lead to longer editing times (usually deleting). Using filter ules can cause blocking of valid e-mails, too.
These and several other reasons caused the development of many effective provisions against spamming in the internet.
How to find addressees for ad-mails?
Addressees for advertising e-mails are found in many different ways. Besides address trading, addressees are found by 'brute force attacks' (generating letter combinations and trying every possible address) or from address archives. Furthermore so called web bots scan web sites automatically for address information.
Example for address trading. A quote from an ad-mail:
"Subject: Email 57 Million People for $99
57 MILLION EMAIL ADDRESSES FOR ONLY $99
That's right, I have 57 Million Fresh email addresses that I will sell for only $99. ..."
Example for address archive:
The server "www.dejanews.com" archives global news articles and thus the e-mails adresses of their authors.
Using special search algorithms addressees are found this way.
What is the legal situation?
Within the german science net, spreading of advertising mails (mail spamming) is a net abuse. This is written in the user agreement "Benutzungsordnung für das Zusammenwirken der Anwender der DFN-Kommunikationsdienste" and decided by the directorate on the 16th of May in 1994 and also fixed in the guideline for security in computer networks (of TU Dresden).
In the german law, a terminal rule regarding spam mails is not fixed yet. An effort is being made to implement general and thus legally hard applicable rules, for instance on the provider level.
There are also no overall international rules to inhibit spam mails. Several states already have spamming laws, e.g. USA.
Example message in the USA after spamming:
"By US Code Title 47, Sec.227(a)(2)(B), a computer/modem/printer meets the definition
of a telephone fax machine. By Sec.227(b) (1)(C), it is unlawful to send any unsolicited
advertisement to such equipment, punishable by action to recover actual monetary loss, or
$500, whichever is greater, for EACH violation."
Things to keep in mind while using the internet
Within the german science net spam mails are prohibited. If nonetheless someone spreads ad-mails, she or he has to face the consequences.
To avoid your own address to be added in a spamming list, keep the following five points in mind.
- Don't spread your e-mail address recklessly in the internet and don't give it away to arbitrary web sites for free offers or something.
- If you receive ad-mails, NEVER send a reply to the addresser! This would confirm your address to the addresser and would probably cause increase the spam activity. Therefore send your complaints to the postmaster of the addresser's provider and also inform the postmaster of TU Dresden. In this context, always send the e-mail header information, too, so it is possible to retrace the way the spam mail took.
- As we saw in a previous example, news systems are a popular place to acquire e-mail addresses. Who works in such a system should not be surprised to get victim of spam mails. It is better to send answers to the article to the author himself and be careful with own postings!
- As an admin of a mail server, you want to protect it against usage as a relay. Two ways to do that are mentioned above.
- In order to prevent web bots to automatically collect e-mail addresses it is recommended to not write addresses in plain text. For instance, don't use a 'mailto:' before the address, so it is harder for bots to detect.