Frequently Asked Questions About Spam
- Why am I getting e-mail not addressed to me or email from myself?
- Where did the spammer get my e-mail address?
- Is there a security problem with my web browser?
- Is it possible to filter these messages?
- What can I do to stop this?
- How do I report spam that gets past my Postini filters?
Why am I getting e-mail not addressed to me?
The
From: header of an e-mail message is easily faked so that it is
usually not reliable in tracing its true source, but spammers often forge the
To: header of an e-mail message as well in an attempt to confuse the true
recipient of the message. The
To: header on messages
(the line that normally contains your e-mail
address, assuming it's a legitimate message) does not really determine where a message is
delivered. The recipient of the message is determined by a command sent
to the mail server telling it where to send the e-mail. These commands
are hidden from the recipient's view and do not show up anywhere in the e-mail
headers once the message is finally delivered. One of the methods used
to hide delivery commands is to use
Bcc: (Blind Carbon Copy).
Bcc: is useful when creating a mailing list because you can keep the
addresses of each of your recipients private
from the others. The sender sets the
To: header
to be anything he or she wishes, for example:
To: Mailing List
Recipients. By using the
Bcc:, the sender indicates privately
the actual e-mail addresses of the recipients. However, the
Bcc: feature is also
used for false purposes. In cases of spammers, using bogus
To:
and
From: headers to disguise their identities
enables them to send out spam to numerous recipients while protecting their
anonymity. In cases like these, only a thorough examination of the
message's full headers will reveal the source of the message, but even then,
it will only reveal the source network or Internet provider; it will not reveal the specific
identity of the spammer.
Where did the spammer get my e-mail address?
There is software that permits a bulk mailer to send messages to a large number
of recipients on a particular Internet provider (such as hal-pc.org), even if they do not know
any specific addresses. The software attempts to send a message to every
conceivable address on a particular domain
(starting with aaa, aab, aac, etc.), not caring about the number of
undeliverable messages that
will be generated from all the incorrect guesses. Spammers can then track which addresses came back as
undeliverable and remove those addresses from their lists. (This is why HALNet does not send bounce messages in response to invalid addresses.) These mailing lists are then sold to
other spammers. This is only one explanation why sometimes you see spam which appears to be targeted
at an alphabetical list of customers, or why you receive spam at an address which you may not have publicized.
You also may have inadvertently publicized your own e-mail address. Whenever
you buy something online or sign up to receive an e-mail catalog, your e-mail
address is required to complete the transaction. In this process there is
often a section asking if you wish to receive offers from the company in
question. Depending on the source to which you give your e-mail address,
the company may turn around and sell your e-mail address to other vendors.
Even giving your e-mail address to a reputable company may eventually result in
your e-mail address ending up in the hands of spammers simply because the next
vendor may not be as selective at the vendor before. In the effort to
avoid spam, it is best that you avoid giving permission for vendors to send you
special offers.
Is there a security problem with my web browser?
There have been some security issues identified in the two most popular web browsers,
Netscape Navigator and Internet Explorer. In one case, a problem with JavaScript was identified
as potentially allowing websites to capture a visitor's e-mail address without their knowledge.
Is it possible to filter these messages?
All HALNet accounts have the option of adding the Postini spam and virus filtering system. One great advantage of the Postini filters is that spam is stopped
before it reaches the HALNet mail server. Postini constantly updates its spam detection protocols to keep up with the latest 'tricks' used by spammers to bypass filters. For more detail on the Postini system, see the
Filter FAQ. You can add the Postini filter system to your account for a 30-day free trial by contacting the office at 713-993-3300. For only $2.00 a month after the free trial period, we're sure you'll appreciate the decrease in junk mail and viruses. If you decide you'd rather go it on your own, just contact the office within 30 days and we'll cancel the service.
Another option is to set up filters on your
local e-mail client. Outlook, Pegasus, Eudora and most other clients support
user-defined filtering rules. The advantage of a local filter is that
the decision is totally yours as to what constitutes spam and what to do with it. The disadvantage of local filters is that you are responsible for adjusting the filters to keep up with the 'advancements' in spamming techniques
What can I do to stop this?
As you may have noticed with much of the spam messages you receive, the
From:,
Reply-To: and
To: headers point to addresses that are obviously
fake. In many cases, trying to respond to the address in the
From: header results in your message being bounced back to
you as undeliverable. In other cases, you may discover that you are able to reply to
an unwanted message. In fact, the message may actually give you
removal instructions
or invite you to
reply to be removed from the spammer's mailing list. However,
replying to spam, or even following the sender's instructions for
removal, may actually
increase the amount of spam you get in the long run. By letting the spammer know
that you've received the message, even though you are expressing disapproval at receiving it,
you are confirming for them that your e-mail address is valid and that you read messages
sent to that address. Unfortunately, many spammers do track which addresses write
them back (regardless of the content of the reply) and use this information to update
their mailing lists. Some even then turn around and sell these lists
to other spammers. In short, avoid attempting to reply to or
contact the spammer by e-mail.
How do I report spam that gets past my Postini filters?
Spammers are constantly developing new tricks to slip through even the best of spam filters. If you are a HALNet Postini Filter System user and receive a spam message that has slipped through the filters, forward it, intact and without comment, to
[email protected]. You will be doing your part to help keep spam out of your own and your fellow users' mail boxes!
(Note: this only applies if you are a current Postini Spam Filter user)