Jump to content
Sign in to follow this  
cakeman

Spammer "Address Verification" Schemes..

Recommended Posts

Hi all, Id appreciate any input people have on this..

The IT manager in our small company came into his role when the last guy moved on as he was the only guy not to run screaming when a windows error box popped up.

He's now got our spam filter cranked up to "hyper paranoid" and its causing issues with suppliers, customers etc.. as they try and get through to us through email.

He's convinced that simply by opening an email in Outlook (various clients = 2000, 2003 and 2007 in an Exchange environment) it's phoning home and letting the spammers know the email address is valid.

I know this statement would be true if there is a linked image in the email, even if its a single pixel big (and outlook wasnt set to disable these active images), but am skeptical that if an email, even if its HTML format, has the capability to have "hidden" links or other call-home tie-ins to notify the Spammer if the user so much as opens the email itself.

Im more than willing to admit Im wrong.. but, of course, dont think I am ;)

What address verification techniques are being used?

thanks.

Share this post


Link to post
Share on other sites
<snip>

The IT manager in our small company came into his role when the last guy moved on as he was the only guy not to run screaming when a windows error box popped up.

<snip>

He's convinced that simply by opening an email in Outlook (various clients = 2000, 2003 and 2007 in an Exchange environment) it's phoning home and letting the spammers know the email address is valid.

I know this statement would be true if there is a linked image in the email, even if its a single pixel big (and outlook wasnt set to disable these active images), but am skeptical that if an email, even if its HTML format, has the capability to have "hidden" links or other call-home tie-ins to notify the Spammer if the user so much as opens the email itself.

Im more than willing to admit Im wrong.. but, of course, dont think I am ;)

What address verification techniques are being used?

...Perhaps he's thinking of the "Read receipt requested" feature of MS Exchange and other e-mail applications. If I'm not mistaken, this can be turned off globally (at the MS Exchange Server level) and there is definitely an option to turn it off at the MS Outlook client level (but I'm not sure turning off the option at the client level always works).

Share this post


Link to post
Share on other sites
...Perhaps he's thinking of the "Read receipt requested" feature of MS Exchange and other e-mail applications. ...
IMO read receipts have fairly much been rehabilitated in the business community. Tempting fate I know, but I have yet to receive an actual spam item requesting a read receipt (though they were common once, I have heard, in the days when spam were hand-crafted and sent using standard mail applications). I have responded/acceded to thousands of receipt requests in real mail. I even use them myself, sometimes. Even to US addresses.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×