OT: _spam_ (Fred N. van Kempen)

From: Brian Chase <vaxzilla_at_jarai.org>
Date: Tue Dec 3 15:00:00 2002

On Tue, 3 Dec 2002, Jeffrey Sharp wrote:
> On Tuesday, December 3, 2002, John Allain wrote:

> > It IS true that www cgi's (and prob. asp's) can get your eMail from a page
> > hit, so changing that in your browser is probably an important first step.
>
> However, some browsers (e.g. IE) don't ask you for an email address.
> Therefore I think it is unlikely that they can transmit that information.
>
> And, really, why does a WWW browser need to know that in the first place?

Many web browsers include e-mail clients which use the information for
the sender address. My preference is to use never use browsers that do
more than browse, or at least to enter bogus information for mail
address.

Now... if you're using IE, I'd not be surprised if it already has access
to your e-mail details from Outlook. Given how trivial it is for virus
writers to exploit the security weaknesses in both IE and in Outlook--in
particular to pillage the Outlook addressbook for the purpose of
self-propogation--it would be just as easy for clever spammers to use
those same weaknesses to harvest e-mail addresses.

What's depressing is that you don't even have to run Outlook to be a
victim; you only need to know someone who has your address in their
Outlook addressbook.

Spam doesn't bother me too much, as I've the righteous tools of Unix,
pine, procmail, and access to a variety of freely available Bayesian
inspired spam filtering tools on my side. :-)

-brian.
Received on Tue Dec 03 2002 - 15:00:00 GMT