Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications

    How Did Spammers Get My Address?

    By
    eWEEK EDITORS
    -
    August 28, 2003
    Share
    Facebook
    Twitter
    Linkedin

      Everyone but the newbie knows the things to do and not to do in order to keep our e-mail addresses out of the hands of spammers: Dont post an address on the Web or (even worse) Usenet. For those wanting a sophisticated approach, use a disposable forwarding e-mail address. And finally (and most ironically), dont ever unsubscribe from a spam list.

      Despite these practices, spammers still might get your address. How you might ask?

      One of the main techniques used by sophisticated spammers is called the directory harvest attack (DHA). The algorithm is fairly simple: take a domain, spam-victims.com for example, and send out large numbers of e-mails to a variety of common names at that address (john@spam-victims.com, mary@spam-victims.com, john1@spam-victims.com, and so on). The bigger the target, the more likely that a random name will actually be an address.

      If a particular address in the attack is a real address then nothing will happen (or even better for the spammer, the user will respond). If the address is not a real one, by default most mail servers send a “bounce” message declaring that there is no user with that name in this domain. The spammer gets a clean list of addresses that they can spam or sell.

      Of course, there are some fine points on the technique. For example, they can search a company Web site for a few addresses in order to learn the naming scheme (john_smith or jsmith, etc.). But its all very straightforward.

      Now, youd think this would be easy to stop: configure the mail server not to send out bounce messages. But theres a price network admins would pay for this action and its not a small one. If a ordinary user, a non-spammer, makes a mistake in an e-mail address when sending a message to the domain, the message wont get through and the sender wouldnt receive an error message. This could be a serious problem—what if its a customer? They might assume that the message had gone through.

      All isnt roses for the spammers, however. One problem, or solution depending on your point of view, is that some mail servers (including some versions of Exchange) put bounce messages in a deferral queue, and the DHA attacker may not receive it for some time. In the meantime, the spammer may assume that the address is legitimate, even though he or she just havent yet received the bounce. The end result will be an address list that is less accurate than the spammer thinks. Boo-hoo.

      Postini, an e-mail security vendor, claims that its heuristics-based anti-spam protection can detect the behavioral characteristics of a DHA. The software will then send an alert, giving the administrator the option to place a complete IP block on the address performing the attack. In combination with a deferral queue Postini could allow an administrator to provide for bounces, but still have time to stop them in event of a DHA.

      Still, this is a less-than-satisfactory solution. Instead, it should be completely automated, which would let administrators avoid having to spend time on such a stupid thing.

      Sometimes it seems as if theres more problem than solution in computer security news, and this definitely seems to be the case with respect to spam. A directory harvest attack may even be legal. Even though it simply relies on the way SMTP mail is supposed to behave when functioning properly, DHA offers a perfect example of the dysfunctional aspects of the Internet.

      Security Supersite Editor Larry Seltzer has worked in and written about the computer industry since 1983.

      More from Larry Seltzer

      eWEEK EDITORS
      eWeek editors publish top thought leaders and leading experts in emerging technology across a wide variety of Enterprise B2B sectors. Our focus is providing actionable information for today’s technology decision makers.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×