Hunter and Associates
<HOME> <Pricing> <Contact> <About> <Web Services> <Capabilities> <Market Snapshots> <Articles>

ARTICLES

HOME > ARTICLES > Spam Protection Guide - 02

Spam Protection Guide - 02

01-SOLUTION / PROBLEM
02-HOW EMAIL WORKS
03-EMAIL HEADERS
04-KEEP IT ON THE SERVER
05-TEXT EMAIL
06-INVISIBLE TO SPAMMERS
07-SOFTWARE AND RESOURCES

EMAIL - How Email Works

Email is not really that complicated, there are only a few things to know about it. The first thing to know is that email being sent to you lands first on your service provider (ISP) or hosting company's mail server out in cyberspace. You choose to download it to your computer, usually when you "check email". It doesn't come to your computer until you choose.

Email travels most commonly by using the Simple Mail Transfer Protocol. This is indeed a very simple protocol, developed back in the 1980s, and contains no provision for authentication since the goal was interoperability between everyone. This is the SMTP line that you are asked to fill in when you set up your email information in an email program, and you're essentially telling the program where to go for the smtp "sending engine" to push your outgoing email to its address across the Internet.

The address your email is going to is the POP, which is the other field that you usually fill in in your email program, and POP stands for Point Of Presence - it's a unique domain name (IP address), such as example.com, and your little piece of it is the user@ part of the address.

So when you send email, your program goes to your smtp provider (perhaps "mail.provider.com") and the small piece of smtp code waiting there packages your email for travel through the Net, and sends it to your recipient's POP (perhaps "user@example.com").

You don't need to know this to secure your email from exploitation, but in three paragraphs you've learned how email works, and it's that simple. You always need to have this information to set up your email account in your email program, now you know why.

And now that you know about SMTP, you can appreciate one of the things that made the Sobig.F virus such a massive attack in August - it didn't even need to use your email program to send itself out, it came with its own, very efficient SMTP code written into it, so all it needed was your open Internet connection and it was free to use your computer to send out all the emails it wanted, harvested from your computer. It made a million copies of itself within the first few hours of its operation. By the way, we were not affected by the virus, and you don't need to be either.

Email spammers - the people who send you all the junk email - have in recent years become more closely allied with hacker techniques and perpetrators. Spammers have hijacked other people's mail servers simply by finding open ports, or by using your email form on your website if it was unprotected (and most were), and they've done this quite deliberately as a way both to eliminate bandwidth costs, and also to provide a cutout in the backtracking trail.

There's increasing evidence of spammers writing viruses purely to send spam. And hackers are using spam techniques to propagate and camouflage their viruses. Some experts believe Sobig.E is a spammers' virus designed to harvest legitimate email addresses from users' computers.

previous back to start next


HOME > ARTICLES > Spam Protection Guide - 02