How Spammers Verify Email Addresses
Spammers can verify email addresses in three ways: by receiving replies, by providing an opt-out web link, and by using web bugs. Web bugs are small images that secretly track information about the spam recipient. The following section describes a web bug in detail.
A recipient of spam may occasionally reply to a spammer's email. This is a futile gesture. Often, the spam email is sent from a fictional email address, and the reply will be returned, undelivered. Spam can also be sent from a real, but hijacked address. Hijacking occurs when the spammer chooses a bona fide email address to use in the mail headers of his or her spam, either the From: header or the Reply-To: header. The unfortunate victim will receive thousands of bounced messages from undelivered emails, as well as the occasional irate reply.
Note
One golden rule about spam is never to reply and never to click an opt-out link.
Email is occasionally sent from an account set up by the spammer. If a reply is sent, the spammer will not remove the user from their list; instead, the reply simply confirms that the spam reached a valid and active email address, which only increases the chances of receiving spam.
Opt-out links are another way of verifying that an email address is valid. When the user clicks on an opt-out link, the email address is unlikely to be removed from a database; it is more likely to be added to a list of addresses that are known to be active, for use in future spam campaigns.
Web Bugs
Web bugs are tiny, unnoticeable images present in an HTML email. They track information and can be used to identify the recipient of an email; they can also determine the time at which the email was read. The geographical location of the reader can also be determined to some extent.
The web bugs are stored on a web server under the control of the spammer. Each email will have a different web bug contained within it. When the web server is asked to retrieve a particular web bug, the spammer will be able to trace the email address that is associated with that web bug. This is another way of confirming email addresses. Web bugs are used in HTML emails, and the best defense against them is to use an email client that does not display HTML, or to disable HTML in the email client in use.
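A defender-side check for the web bugs described above, as an added example that is not from the original text: it parses a message's HTML body and flags remote images that are at most one pixel in size or hidden by CSS. The sample message, its hosts and identifiers, and the function name `find_web_bugs` are constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; hosts and identifiers are made up for illustration.
SAMPLE = """\
From: offers@example.net
Content-Type: text/html; charset="utf-8"

<p>Great deals inside!</p>
<img src="https://img.example.net/banner.png" width="600" height="120">
<img src="http://track.example.net/o.gif?id=9f3c27aa51" width="1" height="1">
<img src="http://track.example.net/p.gif?u=77" style="display:none">
"""

def _tiny(value):  # True when a width/height attribute is 0 or 1 pixel
    m = re.match(r"\s*(\d+)", value or "")
    return bool(m) and int(m.group(1)) <= 1

class _ImgFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.suspects = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        # Only remote images make the client contact a server; cid:/data: do not.
        if tag != "img" or urlsplit(src).scheme not in ("http", "https"):
            return
        reasons = []
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("tiny")
        if re.search(r"display\s*:\s*none", a.get("style", ""), re.I):
            reasons.append("hidden")
        if reasons:
            self.suspects.append((src, reasons))

def find_web_bugs(raw_message):
    """Return [(url, reasons)] for likely web bugs in a message's HTML body."""
    msg = message_from_string(raw_message, policy=default)
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        return []  # no HTML part, so no image tags to fetch
    finder = _ImgFinder()
    finder.feed(part.get_content())
    return finder.suspects
```

The size and visibility tests are heuristics: a legitimate spacer image can trip them, and a full-size remote image can track a recipient just as well, which is why blocking remote content or HTML rendering remains the stronger control.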