HOME
TOPICS
ABOUT ME
MAIL

 
A letter I received made me realize I had been ignoring a big problem.
  technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

How spammers get your name


June 26, 2002


By Al Fasoldt
Copyright © 2002, Al Fasoldt
Copyright © 2002, The Post-Standard

   If you start getting junk e-mail from porno sites, does that mean someone in your household has been sneaking off to visit X-rated Web sites when you weren't looking? The answer might surprise you.
   Spammers get their lists of intended victims many ways. As you already suspect, one way is via the guilt-ridden highway. Somebody goes to a so-called "adult" Web site and leaves an e-mail address, intentionally or accidentally, and the spam operators who run the site (or who work under contract with the site's owners) then have a valid e-mail address that they can use themselves or sell to others.
   But that's actually not the way spammers get most of their e-mail addresses. I've been planning to report on ways you can deal with spam for many weeks, but last week I knew I had to examine another side of the junk-mail scandal first. A letter I received made me realize I had been ignoring a big problem.
   The letter is from someone I'll call Edwardo. That's not his real name.
   "About once a month or so, an e-mail from a porno site will come in to our in box," the letter said. "This stuff is never directly addressed to anyone in particular but rather carries some obscure address."
   The letter continued:
   "My wife's e-mail address is the default address. She is convinced that this e-mail is targeted at me because if you hit "reply," MY e-mail address shows up in the box -- not hers, which is the default. I don't visit these sites. But the fact that my address shows up in the "From:" line has made my wife suspicious. In her eyes, this makes me guilty of "obviously visiting porno sites," which I don't do. Why is this? Please shed some light on this as I am at a loss and this is causing major problems."
   We need to understand two separate things here. The first is how e-mail programs handle return addresses. The second is how spammers choose their victims.
   Edwardo and his wife have separate e-mail accounts, presumably using the same e-mail software. (My wife, Nancy, and I did that for years. In such setups, two people use the same ISP but have different e-mail addresses; this helps keep mail from getting tangled up.)
   Edwardo's mail software puts a return address on every letter he sends out. The return address is under HIS control, unless his Windows PC is under the control or a virus or worm. (This can happen easily to most Windows computers, but we don't need to add that complication to this explanation.)
   So when Edwardo writes a letter in reply to something he receives, the return address will be his address. Nothing new about that, and no cause for alarm from Edwardo's wife. There's nothing sinister there.
   What about the way spammers pick up addresses of victims? They get most of them by sweeping Web pages, newsgroup postings and online find-your-buddy e-mail lists for all possible e-mail addresses. They use software that does this automatically.
   As I've pointed out many times, spammers also corral your e-mail address any time you write to a spam site trying to get your name off a list. They don't do that. They put your name on a confirmed list of suckers instead.
   Since Edwardo is savvy enough to avoid that kind of trap, I'm guessing that all the porno spam he and his wife get some from the standard way spammers pick up e-mail addresses.
   The real question, of course, is how we can stop what to me is clearly immoral and unethical misuse of Internet mail. I'll tell you what I think in another column.