Microsoft and Spam mail...
Discussion
This is just a publicity stunt.
Microsoft could have killed the majority of Spam when it was first seen as a problem.
The Spammers goal is to find real mail addresses. When you open or preview a spam message Microsoft Outlook sends a notification to the originator that the message has found a valid e-mail. This notification contains your e-mail, IP address and time.
By default Outlook Express has a preview plane.
Why did they not put a filter into Outlook that either stops or asks the user if they wish to have their details disclosed.
Please note that other mail clients, even some Linux ones do the same.
Look here for more details:
http://spamlinks.port5.com/spamlinks.htm
>> Edited by marlboro on Sunday 25th January 00:50
Microsoft could have killed the majority of Spam when it was first seen as a problem.
The Spammers goal is to find real mail addresses. When you open or preview a spam message Microsoft Outlook sends a notification to the originator that the message has found a valid e-mail. This notification contains your e-mail, IP address and time.
By default Outlook Express has a preview plane.
Why did they not put a filter into Outlook that either stops or asks the user if they wish to have their details disclosed.
Please note that other mail clients, even some Linux ones do the same.
Look here for more details:
http://spamlinks.port5.com/spamlinks.htm
>> Edited by marlboro on Sunday 25th January 00:50
The user agent goes back with every html-mail viewed, when links to images or scripts are embedded.
The spammer can see your IP address and your platform name, but I don't know, how an email address is verified by that.
In my humble knowledge I can imagine, that a way to verify an email address would be to allocate a unique link to the email address, and hope it to be clicked.
The mail-clients I know, Mozilla/Netscape www.mozilla.org and KMail www.kde.org offer either translating html mails to ASCII, switching off JavaScript, or forbidding external contents to be loaded.
I wonder that Outlook doesn't do so?
The spammer can see your IP address and your platform name, but I don't know, how an email address is verified by that.
In my humble knowledge I can imagine, that a way to verify an email address would be to allocate a unique link to the email address, and hope it to be clicked.
The mail-clients I know, Mozilla/Netscape www.mozilla.org and KMail www.kde.org offer either translating html mails to ASCII, switching off JavaScript, or forbidding external contents to be loaded.
I wonder that Outlook doesn't do so?
quoting Billy BBC said:He doesn't know how right he is
And anyway, in a decade from now, "we will laugh at personal computing as we know it".
Bodo said:
The user agent goes back with every html-mail viewed, when links to images or scripts are embedded.
The spammer can see your IP address and your platform name, but I don't know, how an email address is verified by that.
In my humble knowledge I can imagine, that a way to verify an email address would be to allocate a unique link to the email address, and hope it to be clicked.
OK, lets imagine I'ma spammer. I send you a HTML mail, and in the bottom of the mail I put this line:
<img src=http://myserver.com/cgi-bin/confirm.cgi?email=youremail@blah.com?verify=true height=1 width=1>
now, my cgi will output a gif/jpg/png to the browser, which it will display happily, as it is a <img> tag, but while spitting out a picture binary for display, it also connects to my database server and logs that your e-mail is working. no need for receipts which might or might not work/get sent/get blocked.
now, coz my script spat out a 1x1 see through gif, and the image tag forces it to be 1x1 you won't see it either......
Hope this helps, if not, ask and I'll try again.....
If you're using older outlook versions and are worried about html e-mail messages fetching "images" that confirm your address, get ZoneAlarm Pro (you'll have to pay for it). (Outlook 2003 is good too...)
ZA Pro allows you to specify precisely what software on your computer can do to the internet. E.g. you can say "Outlook can do POP3 or IMAP or SMTP to the Internet, but NOT http".
Good piece of kit for stopping spyware and worms in their tracks too.
ZA Pro allows you to specify precisely what software on your computer can do to the internet. E.g. you can say "Outlook can do POP3 or IMAP or SMTP to the Internet, but NOT http".
Good piece of kit for stopping spyware and worms in their tracks too.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff