FAQ Banner Home

JUNK E-MAIL OR SPAM

(Want to know why it's called "spam"?)

While industry analysts are still trying to figure out how to make money on the Internet, the spam artists think they've found the answer, and are busy churning out junk e-mail. So the bad news is that junk e-mail or spam is a growing problem, but the good news is that the Internet community is rising to the challenge. We hope that the following information may help you answer any questions you may have had regarding spam.


FREQUENTLY ASKED QUESTIONS REGARDING SPAM



WHY AM I GETTING E-MAIL NOT ADDRESSED TO ME?

It is an unfortunate circumstance that the "From" header of an e-mail message is so easily faked that it is usually not reliable in tracing its true source. (See below for more information about this.) However, spammers often even forge the "To" header of an e-mail message, which is an attempt to confuse the true recipient of the message. One of the problems with the way e-mail works is that the "To" header on messages (the line that normally contains your e-mail address, assuming it's a legitimate message) does not really determine where the message gets delivered. What does determine the recipient of the message is a command (or commands, if there are multiple recipients) sent to the mail server telling it where to send the mail. Unfortunately, these commands are ultimately hidden from the recipient's view, and do not show up anywhere in the mail headers once the message is finally delivered. (A sender can make use of this feature with a "Bcc", or "Blind Carbon Copy," to his or her recipients.)

Blind carbon copying can be useful if you are creating a mailing list, and you wish to ensure that the address of each of your recipients is kept private from the others. (These days, it is an unfortunate circumstance that the publication of your e-mail address will almost inevitably mean you become the target of unsolicited junk mailers, see below for more information.) So a mailer can set the "To" header to be anything he or she wishes; for example, "To: Mailing List Recipients." He or she can then silently tell the mail server, by using the "Bcc," who the actual recipients are.

Unfortunately, this feature can also be used for illegitimate purposes -- for example, in cases of spammers using bogus "To" and "From" headers to disguise their identities. This enables them to send out spam to numerous recipients and protect their anonymity. In cases like these, only a thorough examination of the message's full headers will reveal the source of the message... and even then, this will only reveal the source network or Internet provider. It will not reveal the specific identity of the spammer.

WHERE DID THE SPAMMER GET MY E-MAIL ADDRESS?

Does Southwestern Bell Internet Services sell my e-mail address?

In the interest of ensuring your privacy, Southwestern Bell Internet Services does not, in any way, publicize your e-mail address or any other subscriber information -- all such data is kept strictly confidential. This is not only our own internal policy, but a requirement of federal law as well.

I got spam that's targeting an alphabetical list of swbell.net customers.
I don't publicize my swbell.net address and yet I still get spam.

There is a variety of software that permits a bulk mailer to send messages to a large number of recipients on a particular Internet provider (such as Southwestern Bell Internet Services), even if they do not know their specific addresses. The software attempts to send a message to every address on that domain (starting with aaa, aab, aac, etc.), not caring about the number of "undeliverable" messages that will be generated from all the incorrect guesses. We believe some spammers may then track which addresses came back as undeliverable, and remove those addresses from their lists. These mailing lists are then sold to other spammers.

This may explain why sometimes you see spam which appears to be targeted at an alphabetical list of customers, or why you receive spam at an address which you may not have publicized.

We do have systems in place which catch a great deal of these attempts as they arrive, before the messages reach any valid addresses; however, no system such as this is 100% effective, and we are constantly working on improving the "intelligence" of our spam prevention methods.

Is there a security problem with your mail server?

The security problem extends, unfortunately, to the e-mail protocol itself. Mail administrators are required to return, as undeliverable, any messages addressed to an invalid address on a particular network (such as Southwestern Bell Internet Services). This opens up the possibility for abuse by spammers running software that attempts to send messages to as many different addresses as possible. (See above.)

Is there a security problem with my web browser?

There have been some security issues identified in the two most popular web browsers, Netscape Navigator and Internet Explorer. In one case, a problem with Javascript was identified as potentially allowing websites to capture a visitor's e-mail address without their knowledge. Click here for more information.

You may also want to visit these links for more security information about:

Do cookies have something to do with this?

Cookies are short pieces of text, stored on your computer, which are placed there by websites you may have visited so that those websites can remember who you are (or preferences you may have selected) the next time you visit. Although this can be convenient when making frequent trips to the same site, there are also well-known concerns regarding their use. Click here for more information about cookies.

WHAT IS SOUTHWESTERN BELL INTERNET SERVICES DOING TO STOP THIS?

Can you filter this stuff?

Some service providers have attempted to address the spam problem by blocking mail from other providers who are known to distribute spam. Although this method is somewhat effective, it eliminates only a fraction of spam. For example, many network abusers will set up an account with a reputable provider such as America Online or AT&T. No one blocks these providers because there is a great deal of legitimate mail coming from those systems.

We have also configured our mail servers to automatically notify our mail administrators whenever certain "patterns" are recognized in any large number of incoming mail messages. For example, a large number of messages with substantially the same Subject header, or of the same length, or numerous groups of messages all sent to the same number of recipients... all are flagged as potentially "spam" and are either accepted or rejected based on their content. By allowing the server to watch for such patterns, we hope to be able to stop a good deal of unwanted e-mail from reaching our customers.

Can you block all messages not addressed to me?

Conceivably, Southwestern Bell Internet Services could prevent any mail without a legitimate "To" header from reaching our customers at all. We have actually debated this idea seriously for quite some time. However, the downside of this plan is that there is a potential for much legitimate mail (i.e., mailing list messages addressed to "mailing list recipients" rather than a specific swbell.net address) being blocked. Furthermore, to program our mail servers to scan through every incoming mail message and verify that its "To" header matches that of its intended recipient would significantly degrade the overall performance of those servers.

Therefore, while we have a mail software upgrade planned for the near future, the unfortunate cost of having to wait is that much illegitimate mail will reach our customers for the time being. Our top priority, though, is that none of our customers legitimate mail be bounced simply because some automated process we were running mistook it for spam.

WHAT CAN I DO TO STOP THIS?

Should I "reply to remove"?
I try to reply but the message is returned to me.

As you may have noticed with much of the spam messages you receive, the "From", "Reply-To" and "To" headers point to addresses that are obviously fake. In many cases, trying to respond to the address in the "From" header results in your message being "bounced" back to you as undeliverable.

In other cases, you may discover that you are able to reply to an unwanted message. In fact, the message may actually give you "removal instructions" or invite you to "reply to be removed" from the spammer's mailing list. However, replying to spam, or even following the sender's instructions for "removal," may actually increase the amount of spam you get in the long run. By letting the spammer know that you've received the message, even though you are expressing disapproval at receiving it, you are confirming for them that your e-mail address is valid and that you read messages sent to that address. Unfortunately, many spammers do track which addresses write them back (regardless of the content of the reply) and use this information to update their mailing lists. Some even then turn around and sell these lists to other spammers.

In short, avoid attempting to reply to or contact the spammer by e-mail.

I want to report this to its origin.

Southwestern Bell Internet Services also recommends reporting the receipt of spam to the Internet provider at which it originates. Your best bet in determining the true source of an e-mail message is to look at its "Received" headers (you may have to set your e-mail client to "Show all headers" to be able to see them). As stated above, the spammer will have often forged the "From" and "Reply-To" headers, making them largely unreliable in determining the true source of the message.

Can I filter this stuff from my inbox?

Depending on your e-mail program, you should also be able to control which messages are visible in your Inbox through the use of "filters." The most recent version of Netscape Communicator offers filtering capability, as do Eudora, Pegasus and Microsoft Outlook. Unfortunately, Netscape Navigator 3.0 and earlier versions do not have filtering features, so you must upgrade to Netscape Communicator if you want to use Netscape Mail and take advantage of filtering.

We recommend you create a filtering rule in your e-mail program which deletes (or sends to the "Trash") any e-mail message not specifically addressed to you in the "To" or "Cc" headers.

Unfortunately, Southwestern Bell Internet Services does not provide technical support for setting up filters; however, there are many online resources available to assist you.

ISN'T THIS ILLEGAL?

I got spam that says it "complies with federal requirements".

Currently there is no federal legislation either supporting or prohibiting the sending of unsolicited e-mail messages. However, you may have noticed that some spam messages include the following language (or something similar):

This message complies with the proposed United States Federal requirements for commercial e-mail. For additional information see: http://www.senate.gov/~murkowski/commercialemail/EMailAmendText.html. Current information on the status, text, and summary of Title 3 of S. 1618 and H.R. 3888, its companion bill, can be found by using Thomas, the legislative information system run by the Library of Congress.
Or:

This message complies with the proposed United States Federal requirements for commercial e-mail bill, Section 301. Per Section 301, Paragraph (a)(2)(C) of S.1618, further transmissions to you by the sender of this e-mail may be stopped at no cost to you by sending a reply to this e-mail address with the word "remove" in the subject line. For additional info, see: http://www.senate.gov/~murkowski/commercialemail/EMailAmendText.html.

Although this all sounds rather intimidating, it is also misleading in that it strongly implies that the spammer has acted within federal law in sending you their message. The bill to which these spammers refer (commonly called the "Murkowski bill") would have legalized the sending of unsolicited commercial e-mail provided certain requirements were met. However, although this bill passed the Senate, it died in conference committee and never passed the House. Therefore, it never became law.

In Conclusion...

As you can see, there are no simple solutions to the problem of spam. In any event, Southwestern Bell Internet Services hopes that some of the information and resources contained in this page will help you reduce the number of unwelcome messages in your inbox.


Return Home
| Home | Home Services | Business Services | Get Software | Web Hosting| |
| Dial In Numbers | FAQ | News | Safety 'Net | Contact Us | Find |

Copyright © 2003 SBC Southwestern Bell Internet Services. All rights reserved.