I have heard that some (most? all?) spam emails have a built-in
capability of "calling home" either the moment they are retrieved
from the POP server, or the moment they are opened.
Is this true?
I use Mailwasher Pro 6.1
I know this program does not remove the messages from the server.
However, does it "read" the messages, and still cause the "call home"
feature in spam emails (if this in fact is so) to be activated?
Thanks!
Spam email calling home?
- OldEnough
- Rattled Rabbit
- stan_qaz
- Omniscient Kiwi
- Location: Gilbert, Arizona
Post
Re: Spam email calling home?
Some spam messages load an image that includes a unique identifier that can be tied back to your e-mail address. It is only activated if you allow your e-mail program to display the e-mail and load the image.
Depending on the security issues your mail client and operating system are having there could be other things happening when you download a message that contains malware into an insecure system. That is a very complex set of issues that I don't deal with since I use Linux and not Windows.
MW does remove mail from the server, I'm not sure why you think it doesn't.
MW does presents a safe, text only preview of the messages on your server to allow you to decide if you want to remove them from the server or not.
Reading the e-mail does not cause any issues be it spam or malware, that is perfectly safe. What is unsafe is allowing an insecure e-mail client on an insecure operating system to execute programs or load images based on instructions in an e-mail. MW does not do that, many e-mail clients do.
Bottom line you can safely look at any message in MW with no risk to your computer and if you choose, have MW delete it from your mail server.
Depending on the security issues your mail client and operating system are having there could be other things happening when you download a message that contains malware into an insecure system. That is a very complex set of issues that I don't deal with since I use Linux and not Windows.
MW does remove mail from the server, I'm not sure why you think it doesn't.
MW does presents a safe, text only preview of the messages on your server to allow you to decide if you want to remove them from the server or not.
Reading the e-mail does not cause any issues be it spam or malware, that is perfectly safe. What is unsafe is allowing an insecure e-mail client on an insecure operating system to execute programs or load images based on instructions in an e-mail. MW does not do that, many e-mail clients do.
Bottom line you can safely look at any message in MW with no risk to your computer and if you choose, have MW delete it from your mail server.
- rusticdog
- Firetrust Monkey
Post
Re: Spam email calling home?
There is nothing within the POP protocol that does this either, so simply retrieving email will not trigger any external commands such as loading an image from a server, or running a script.
It does come down to the email client, however we've seen in the last few years some smarter decisions being made by the email client providers, and because of that it's a practice you don't see as much.
Back in the day when a great deal of users used Outlook Express, which rendered all HTML, ran scripts, and loaded external images, this technique carried more success.
But changes to Outlook, Outlook Express and the newer programs like Windows Mail, ThunderBird etc....all mean that by default these programs will not load any external images, and certainly Outlook Express doesn't carry the same vulnerabilities it used to.
If you are concerned about this, you have several options.
First set your client to not load external images by default, unless the email is from someone in your address book. Instructions for this depend on your email client, and it may be your email program is already setup this way.
Firetrust has the Benign program, which rewrites your email as it arrives into your email program, that too can remove this kind of stuff from the email and other such scripts and nasty things.
If you are *really* concerned, then you could switch the email program to only display email in plain text, again instructions will vary, though this will also mean all the nice pretty things you used to see in your email will now just be boring text.
It does come down to the email client, however we've seen in the last few years some smarter decisions being made by the email client providers, and because of that it's a practice you don't see as much.
Back in the day when a great deal of users used Outlook Express, which rendered all HTML, ran scripts, and loaded external images, this technique carried more success.
But changes to Outlook, Outlook Express and the newer programs like Windows Mail, ThunderBird etc....all mean that by default these programs will not load any external images, and certainly Outlook Express doesn't carry the same vulnerabilities it used to.
If you are concerned about this, you have several options.
First set your client to not load external images by default, unless the email is from someone in your address book. Instructions for this depend on your email client, and it may be your email program is already setup this way.
Firetrust has the Benign program, which rewrites your email as it arrives into your email program, that too can remove this kind of stuff from the email and other such scripts and nasty things.
If you are *really* concerned, then you could switch the email program to only display email in plain text, again instructions will vary, though this will also mean all the nice pretty things you used to see in your email will now just be boring text.
- AlphaCentauri
- Guardian Gecko
- Contact:
Post
In Seamonkey -- and I assume in Thunderbird, the mail-only version -- you can set it to not load images by default. Then at the top of the preview window for any email that has images, there will be a button you click to allow images to load. Even for senders you trust you must do that, but clicking one button is a pretty simple safety measure.
Re: Spam email calling home?
That doesn't sound like a good idea if the email program can't tell a spoofed "from" line from a real one. I get lots of spam which appears to be from email addresses in my address book, especially my own. Phishing spam would be an especially big problem, and those are distributing malware now, too.rusticdog wrote:First set your client to not load external images by default, unless the email is from someone in your address book.
In Seamonkey -- and I assume in Thunderbird, the mail-only version -- you can set it to not load images by default. Then at the top of the preview window for any email that has images, there will be a button you click to allow images to load. Even for senders you trust you must do that, but clicking one button is a pretty simple safety measure.
- OldEnough
- Rattled Rabbit
Post
Re: Spam email calling home?
Thank you very much, folks, for sharing your insights!
Old Enough
to know I don't know a thing . . .
to know I don't know a thing . . .