Fighting Spam Part V
So how do spammers get your email address even if you don’t respond to their email? They use a simple trick – and your email reader may help them do it.
First I want to draw a line between two types of spam. One type tries to get you to respond in order to create a list of known good addresses. The other type doesn’t care if the addresses on their list are good are bad. They just want some of the people who receive their email to purchase a product.
Consider a spam email coming to you. The spammer has used a dictionary attack and wants to know if the email has been delivered to a valid address or not. The spammer can include some code that retrieves a graphic file from the web. At the end of this bit of code they put your email address. Your email reader retrieves that graphic and a line is added to the log file at the website that houses the graphic. In this case the line in the log file includes your email address. Let’s use an example. Assume our graphic file is called 1.gif and further assume that your email address is firstname.lastname@example.org. The code that retrieves the graphic will look similar to this:
It’s actually a little more complex than that but you get the idea. A simple program can then extract the email addresses from the log file. The spammer then sells the list of addresses to other spammers as “known good addresses”. Be sure to read the first article in this series to learn about log files and what they tell people about you and your Internet browsing. You’ll find a link to the other articles here:
It’s not just spammers who use techniques like this. Legitimate emails will be coded the same way. I receive emails from Levenger as I’m interested in pens and paper. In their case they appear to be coding their offers to see which ones people respond to. A worthy pursuit in my opinion and one that I advocated to companies I consult with. Properly done it can save a them money. Hopefully some of the savings will be passed on to their customers. The trouble with the emails Levenger sends me? Their whole message is graphics with codes back to the website.
The email readers I use, Pegasus and Pine, do not retrieve graphics from the web. So when Levenger sends me an email it shows up as a blank page. I’ve written them about it in the past but received no response. You can see a picture of what an email from them looks like to me here:
Some email readers – Outlook, Outlook Express, and Netscape for instance automatically retrieve graphics from the web. So even if you don’t open the email but just let it show up in “Preview” mode – the codes will be sent. Eudora can work either way depending on whether you use the “Microsoft viewer” or not. It’s one of the options. You should find similar options in any decent mail reader out there these days. I choose to use Pegasus and Pine for my email because I like the price – free. And I prefer programs that have my best interests in mind – as opposed to programs that expose me until I tell them otherwise.