Graham Davies Posted July 20, 2004 Share Posted July 20, 2004 My business has had to take the unprecedented step of temporarily blocking all emails addressed to our business email address, as from 20 July 2004. This is because our publicised email address appears to have been hijacked by purveyors of spam. We have suffered from the effects of viruses and spam for several years but, thanks to the efficient email filtering system that we use, these intrusions have been no more than an annoyance. On 15 July, however, we suddenly began to receive hundreds of bounced "undeliverable mail" messages per day. It is not entirely clear why this has happened, but our ISP's explanation is that our business email address is being spoofed as the sender's address by a number of different spam companies and now we are the recipients of their bounced emails. We do not anticipate a loss in sales as a result of this measure as virtually all our genuine customers – mainly schools and colleges - contact us by telephone, fax or letter. Is this the predicted "death of email"? http://www.pcmag.com/article2/0,1759,1599324,00.asp Link to comment Share on other sites More sharing options...
David Richardson Posted July 20, 2004 Share Posted July 20, 2004 There's a Director-General of a Swedish government agency who refuses to contact other people or be contacted except by fax and snail mail: no telephone, no cellphone, no e-mail, in other words. Her reasoning is that people don't think through what they want to say unless they write it down - and she doesn't want them wasting her time. She also wants a paper trail she can refer to later. In the interview with her I heard on the radio she said "I've heard so many dumb decisions being made on cellphones at Brussels Airport." Link to comment Share on other sites More sharing options...
Graham Davies Posted July 20, 2004 Author Share Posted July 20, 2004 David writes: There's a Director-General of a Swedish government agency who refuses to contact other people or be contacted except by fax and snail mail... I'm beginning to think that she has a point. Now that it's the summer holiday season I am getting increasingly irritated by out-of-office replies to emails, including those that are sent to discussion lists. I just bounce and zap them all, blacklisting the sender for 30 days. People who send out-of-office replies don't seem to have their brains in gear. Firstly, if you send an out-of-office reply, especially if you include dates, you are advertising the fact that you may be on holiday and that your house may be empty. There has been an increase in the number of incidents where organised criminals fire off hundreds of emails to people on email lists that they have bought and wait for the out-of-office replies to come in. If the reply is from an institutional address, e.g. port.ac.uk, you can assume that the person probably lives somewhere near the university at which he/she works, i.e. Portsmouth, Hampshire, and then all you have to do is find their name in the BT online phone book and then you have their address! Far-fetched? No, trawl the Web and you'll warnings everywhere, e.g. http://news.bbc.co.uk/1/hi/technology/2540307.stm http://www.nthsomnw.org.uk/article.php3?id_article=113 Secondly. why should you put yourself under stress? People who receive out-of-office replies from you will then badger you when you return home. In the good old days of snail mail the mail just piled up while you were away and then you dealt with it according to its urgency when you came back. No, keep 'em guessing and let the buggers wait! Link to comment Share on other sites More sharing options...
Derek McMillan Posted July 20, 2004 Share Posted July 20, 2004 SPAM seems to go in waves (which is an image which makes me slightly queasy!) As new methods of stopping SPAM come online, the SPAMmers develop new ways round them. As so many institutions are so dependent on email that it is likely they will keep one step ahead of the SPAMmers for some time to come. The more egregious probs with email seem to come from Micro**** products and their famous security holes and it is easy enough to avoid them. Link to comment Share on other sites More sharing options...
Graham Davies Posted July 20, 2004 Author Share Posted July 20, 2004 Derek writes: As so many institutions are so dependent on email that it is likely they will keep one step ahead of the SPAMmers for some time to come. I'm not so sure. I was optimistic when the new anti-spam legislation was introduced in the EU and in the USA in late 2003 and early 2004. Sceptics prophesised, however, that it left businesses vulnerable. The sceptics have been proved right, at least as far as my business is concerned. At the turn of 2003/2004 spam accounted for 70% of incoming mail to our business. This week it reached a whopping 86%. We've lost the battle! Actually, because we deal mainly with schools and colleges, we don't depend on email. 99% of schools and colleges place orders with us by fax or snail mail. This is because most LEAs insist on an official order form being completed and signed by the relevant budget holder - which makes sense. Derek writes: The more egregious probs with email seem to come from Micro**** products and their famous security holes and it is easy enough to avoid them. You're so right! I refuse to use Outlook (a.k.a Look Out!). I use Eudora for business emails and CompuServe Classic for my private emails. Link to comment Share on other sites More sharing options...
John Simkin Posted July 20, 2004 Share Posted July 20, 2004 My business has had to take the unprecedented step of temporarily blocking all emails addressed to our business email address, as from 20 July 2004. This is because our publicised email address appears to have been hijacked by purveyors of spam. We have suffered from the effects of viruses and spam for several years but, thanks to the efficient email filtering system that we use, these intrusions have been no more than an annoyance. On 15 July, however, we suddenly began to receive hundreds of bounced "undeliverable mail" messages per day. It is not entirely clear why this has happened, but our ISP's explanation is that our business email address is being spoofed as the sender's address by a number of different spam companies and now we are the recipients of their bounced emails. The same thing has happened to me and I have had to abandon my business email address. As business emails have been advertised on websites, they are easy to collect, put on CD-ROMs and sold to spammers. The result is that most businesses are having to abandon email address and it is becomingly increasingly difficult to communicate with them via the web. I would not go as far as to say this heralds the death of email. However, it does mean that a clear message should be communicated to the powers that be to sort the problem out. I recently read that spammers from all over Europe are moving to the UK. The reason. So far there has been no spammers prosecuted in the UK. Even if they do this, the fines are so low, they can afford to pay them. One of the problems of having a government that is completely illiterate about e-commerce. Link to comment Share on other sites More sharing options...
Andrew Field Posted July 20, 2004 Share Posted July 20, 2004 There are alternatives though - a slightly more developed use of e-mail or online support tickets that raise and respond to issues rather like the way this forum works. Sounds a bit strange, but if you have a contact form on your website this negates the need to publish your e-mail address and still allows people to contact you. I thoroughly agree though it is an issue of immense concern. At home I have about four layers of anti-spam going - via the server, the ISP, an Anti-Spam plugin for my e-mail software and the e-mail software itself. Still it isn't all collected. I would hope in the future we could have some sort of secure link to use as e-mail - one party has a padlock the other a key. Without both being secured and passed as genuine no e-mail is sent. Link to comment Share on other sites More sharing options...
Graham Davies Posted July 20, 2004 Author Share Posted July 20, 2004 Andrew writes: Sounds a bit strange, but if you have a contact form on your website this negates the need to publish your e-mail address and still allows people to contact you. It certainly helps to have a contact form on your website, but buried beneath that contact form in the HTML code is your email address. A colleague of mine pointed out in another forum to which I subscribe that the robot software used by spammers can certainly detect email addresses that are hidden in this way - and I have personal evidence to substantiate this. It has been suggested that removing the <mailto> link at the front of your email address helps, but I experimented with this by posting a new email address at my business website without the <mailto> link. The first spammer found it within 24 hours! I then killed the address. However, I am not talking about receiving spam, which is bad enough. I am talking about spammers spoofing my address so that the spam that they send out gets bounced back to me and identifies me as the spammer. This is a much more serious problem. Link to comment Share on other sites More sharing options...
Andrew Field Posted July 21, 2004 Share Posted July 21, 2004 It certainly helps to have a contact form on your website, but buried beneath that contact form in the HTML code is your email address. A colleague of mine pointed out in another forum to which I subscribe that the robot software used by spammers can certainly detect email addresses that are hidden in this way - and I have personal evidence to substantiate this. It has been suggested that removing the <mailto> link at the front of your email address helps, but I experimented with this by posting a new email address at my business website without the <mailto> link. The first spammer found it within 24 hours! I then killed the address. <{POST_SNAPBACK}> Not specifically useful to your issue - and I do understand about the spoofing issue, that's where I get most of my 'mail' - but you don't have to include an e-mail address in a feedback form. If you use a sever-side processing script this can contain the e-mail address, without making it publicly available to the spammers. See my feedback page for an example - http://www.schoolhistory.co.uk/feedback.shtml. Rather than have an e-mail address, it has a post action that refers to </cgi-bin/securemail.pl">. This is the sort of thing I was suggesting. You can also hide your e-mail address with a bit of javascript - http://blazonry.com/javascript/js_hiding.php Link to comment Share on other sites More sharing options...
Graham Davies Posted July 21, 2004 Author Share Posted July 21, 2004 Andrew writes: See my feedback page for an example - http://www.schoolhistory.co.uk/feedback.shtml. Rather than have an e-mail address, it has a post action that refers to </cgi-bin/securemail.pl">. This is the sort of thing I was suggesting.You can also hide your e-mail address with a bit of javascript - http://blazonry.com/javascript/js_hiding.php Thanks, Andrew. I've had a quick look, and it seems to be just the sort of thing that I need. A friend suggested something like this some months ago, saying how "easy" it was to implement, but when I tried to do it I just didn't understand what was going on. I'm not a "techie", I'm afraid - but I may be able to find someone who can help now that you've shown me what can be done. Link to comment Share on other sites More sharing options...
Andrew Field Posted July 21, 2004 Share Posted July 21, 2004 I'm happy to help if you need any assistance. It can be a bit fiddly to get things set up, but is relatively easy. I've asked to be unregistered from here now, but you can use the above link to get in contact me if you wish. Link to comment Share on other sites More sharing options...
Graham Davies Posted July 21, 2004 Author Share Posted July 21, 2004 I'm happy to help if you need any assistance. It can be a bit fiddly to get things set up, but is relatively easy.I've asked to be unregistered from here now, but you can use the above link to get in contact me if you wish. Thanks! I may take you up on this kind offer when things settle down a bit. Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now