
Unsure how to proceed with odd emails I'm receiving. Report or Not?



A lot of people have a lot of investment in SMTP, so it would be difficult to get them all to change. This includes the ISPs with their mail hosts, but also you with your mail client. Not that things couldn't (or shouldn't) change, there's just a lot of inertia with these things. This is the same reason, by the way, why the people sitting in back of the airplane generally have more and better communications tools than the people in funny suits sitting forward of the locked steel door. It's also why IP came in and stole the show while the bureaucratic proponents of OSI were in the conference room arguing about minutiae (and why we are using SMTP over TCP and not X.400 over OSI).

SPF and DKIM were two pretty notable advances, with potential to make life hard for spammers, but we see that few providers have as yet taken these to their bosoms despite the relative ease and low cost of implementation; how much more trouble would we have deploying "E-mail 2.0?"

IM and SMS have their adherents, but they don't seem to include many people born before Elvis died; likewise the new and highly-buzzed phenomenon of Twitter. Possibly some technology of this sort will come forward to take some of the load off of SMTP, but as these are evolving in the same patchwork fashion as SMTP did, we can expect many spammy or abusive exploits to get in at the nooks and crannies.

A lot of the reasons why spam has exploded have more to do with (surprise!) human complacency and corruption than with technology. No new protocol or RFC or standard is going to fix these problems.

  • Corrupt domain registrars see fit to sell thousands of domain names to obvious spammers, and then collude with these spammers to forge or obscure the registrant data for these domains. When ICANN makes one of its infrequent awakenings from hibernation to call them on it, some of these outfits simply lie about having taken corrective action.
  • Software publishers persist in offering new-and-kewl ways for people to do things with their computers, only to find that these have been insufficiently tested for vulnerability to subversion by spammers or crooks.
  • Internet providers allow all manner of abusive or illegal traffic in and out of their domains without taking the simplest measure to block it (I speak here of botnet activity, which can be curtailed through judicious port blocking).

It almost kinda hurts me to say this, but I must take a cue from the gun lobby and insist that what's needed aren't new laws, but more enforcement of the ones we already have.

-- rick


...By the way I'm totally calling that the chick in the pic is actually a guy. I swear I can almost make out an Adam's apple. Anyways, like I said before, I believe this is the first unsolicited spam I've received on this specific address. It just doesn't make sense....

You're spending too much time looking at that picture :P Seriously, you are taking care when viewing these things? From what can be seen they look harmless/useless, but SC truncates at 50k; the further content is not visible to us. I always view my received spam as 'page source' and copy and paste in-line graphics code content, as mentioned, to Toasted spam to reveal those parts, in preference to opening or even previewing 'live' spam. There are such things as web bugs (maybe worse, who knows?) and some reactionaries still use them.

Actually, the spam can be 'bounced back' to the original sender if it is returned at the server (looking at the postmark) to the IP address it came from. If it is rejected at the server level and returned to the sending computer, if the sending computer is a mail server, then it composes a rejection message to the actual sender.

This is what happens to those people who come here and have a 'rejection' message that says their email has been rejected as spam.

The problem is that if it is a black hat mail server, it simply drops (does not do anything with) that kind of message. (They don't accept SpamCop reports either.) In your case, the incoming spam is coming from a botnet where none of the computers are mail servers - they can't handle incoming mail, so again the message disappears.

The SpamCop report goes to the abuse desk of the IP address the spam came from. A very few ISPs will contact the owner of a compromised computer and stop their internet access until they get their computer cleaned. Many don't care and don't want to go through the hassle of explaining to a customer why they shouldn't have internet connectivity. The reason they don't care is because their email is secure from spam and is not on any blocklists.

One reason why email protocols don't change is because, like TV, you have millions of people who are set up to use it the way it is now done. How many years were the new TVs sold before the change to HD happened? And that was just in the US. The same kind of campaign would have to happen internationally.

Blocking at the server level (instead of accepting all email and filtering) would stop a lot of spam. I get almost no spam on a Hotmail account that has the junk mail filter turned off, though I used to get lots of spam. Of course, if it happens to be a legitimate mail server sending the spam, I don't get legitimate email either. Receiving ISPs do not use blocking because they don't want to have to explain to their irate customers why Aunt Minnie's email is being blocked because of spam.

I bet if you forwarded your email from this account to a Hotmail account (or even a Yahoo account), you would soon not see any of this spam - if any of it made it in the first place.

Miss Betsy


Archived

This topic is now archived and is closed to further replies.
