If I “click here”, I can also fix a bad credit rating, earnfabulous prizes and/or $50,000 in the next 30 days, buy a guaranteed-legalcable TV descrambler, earn a masters or doctorate degree in the field of mychoice based on my wealth of life experience, find out the private dirt onanyone and everyone, and ensure my own privacy by filling out a simple formwith all my demographic information and submitting it to some anonymous bozo inthe Caribbean.
Based on the e-mail I get every day, it also looks likepeople from Anchorage to Australia want me to become a credit card merchant.They all say their program is better than all the others, and they all tell methat I’d better accept electronic payments if I know what’s good for me.
I am also passing up an urgent opportunity to claim along-lost fortune from a distant relative. All I need to do is give my creditcard number to some anonymous huckster, and then I’ll find out which governmentagency is guarding my unclaimed nest egg.
And that’s just the tame stuff. Some clown gave my e-mailaddress to at least one porn site. Now I get solicitations promising picturesof lesbian women, Asian women, Caucasian women, certain celebrities having sex,and lots of other disgusting junk that I’d rather not look at. Now, let me getthis straight: These guys want to send me stolen videos of people incompromising situations, and they expect me to trust them with my credit cardnumber? It’s hard to believe people pay for this garbage.
Here’s a get-rich-quick scheme that sums it all up: Somejerk wanted me to start my own porn site, pay him a wholesale price forpictures, and rake in money from people clamoring to look at the “artwork.” IfI take advantage of the e-mail offer I regularly get promising 1 million e-mailaddresses cheap, I suppose I could invite 1 million folks to look at this pornsite. I could get rich and buy my own Caribbean island.
What aracket! Are we investing all those billions in the Internet to carry thisgarbage?
It all hitclose to home a few weeks ago when a spammer compromised a customer’s e-mailserver and used it to relay spam messages across the Internet while disguisinghis identity. It turns out this is easy to do. It’s just a series of SMTPcommands to specify the sender and recipient list, and anyone with a workingknowledge of SMTP could build a crude e-mail client to send the appropriatecommands. Armed with such a program or the appropriate know-how, a spammer canroute e-mail to an end user through an intermediate site and remain anonymous.
From thespammer’s point of view, this is great. Somebody else’s e-mail server does allthe work, and the headers for the zillions of messages that go out point backto the compromised server, not the spammer. When somebody complains, thecustomer with the compromised server takes the heat and, once the customerfixes the compromised server, the spammer is free to plunder somebody else.
MicrosoftExchange is preconfigured to allow rerouting for POP3 and IMAP4 clients. Thismeans a bad guy could send unwanted solicitations to a million e-mail addressesand route those solicitations through such servers exposed to the Internet.Microsoft documents describe how to restrict such routing with MicrosoftExchange 5.5, Service Pack 1 or later, and how to turn it off. The key is inthe routing tab of the property sheet for the Internet Mail Connector.
It seems tome that all corporate e-mail servers exposed to the Internet how to restrictsuch routing with Microsoft Exchange 5.5, Service Pack 1 or later, and how toturn it off. The key is in the routing tab of the property sheet for theInternet Mail should turn this off. After all, what useful purpose does itserve in a corporate environment? Public e-mail servers, such as Prodigy, AOL,and others, have a problem. How do they provide service and block spam?
How doothers in the community feel about this? Let’s come up with a way to get rid ofthis crap. Let’s make spam mean Spam again. --GregScott, Microsoft Certified Systems Engineer (MCSE), is chief technology officerof Infrasupport Etc. Inc. (Eagan, Minn.). Contact him at firstname.lastname@example.org.