Spam email calling home?

Computer problems not related to MailWasher or other Firetrust programs getting you down. Put the geeks to the test by asking about your problem here.
OldEnough
Rattled Rabbit
Posts: 2
Joined: Sun Sep 14, 2008 7:31 am

Spam email calling home?

Sun Sep 14, 2008 7:39 am

I have heard that some (most? all?) spam emails have a built-in
capability of "calling home" either the moment they are retrieved
from the POP server, or the moment they are opened.
Is this true?

I use Mailwasher Pro 6.1
I know this program does not remove the messages from the server.
However, does it "read" the messages, and still cause the "call home"
feature in spam emails (if this in fact is so) to be activated?

Thanks!
Old Enough
to know I don't know a thing . . .
User avatar
stan_qaz
Omniscient Kiwi
Location: Gilbert, Arizona
Posts: 8671
Joined: Fri Jul 25, 2008 5:13 am

Re: Spam email calling home?

Sun Sep 14, 2008 11:28 am

Some spam messages load an image that includes a unique identifier that can be tied back to your e-mail address. It is only activated if you allow your e-mail program to display the e-mail and load the image.

Depending on the security issues your mail client and operating system are having there could be other things happening when you download a message that contains malware into an insecure system. That is a very complex set of issues that I don't deal with since I use Linux and not Windows.

MW does remove mail from the server, I'm not sure why you think it doesn't.

MW does presents a safe, text only preview of the messages on your server to allow you to decide if you want to remove them from the server or not.

Reading the e-mail does not cause any issues be it spam or malware, that is perfectly safe. What is unsafe is allowing an insecure e-mail client on an insecure operating system to execute programs or load images based on instructions in an e-mail. MW does not do that, many e-mail clients do.

Bottom line you can safely look at any message in MW with no risk to your computer and if you choose, have MW delete it from your mail server.
User avatar
rusticdog
Firetrust Monkey
Contact:
Posts: 14050
Joined: Mon Jun 13, 2005 6:27 pm

Re: Spam email calling home?

Sun Sep 14, 2008 12:58 pm

There is nothing within the POP protocol that does this either, so simply retrieving email will not trigger any external commands such as loading an image from a server, or running a script.

It does come down to the email client, however we've seen in the last few years some smarter decisions being made by the email client providers, and because of that it's a practice you don't see as much.

Back in the day when a great deal of users used Outlook Express, which rendered all HTML, ran scripts, and loaded external images, this technique carried more success.
But changes to Outlook, Outlook Express and the newer programs like Windows Mail, ThunderBird etc....all mean that by default these programs will not load any external images, and certainly Outlook Express doesn't carry the same vulnerabilities it used to.

If you are concerned about this, you have several options.
First set your client to not load external images by default, unless the email is from someone in your address book. Instructions for this depend on your email client, and it may be your email program is already setup this way.
Firetrust has the Benign program, which rewrites your email as it arrives into your email program, that too can remove this kind of stuff from the email and other such scripts and nasty things.

If you are *really* concerned, then you could switch the email program to only display email in plain text, again instructions will vary, though this will also mean all the nice pretty things you used to see in your email will now just be boring text.
User avatar
AlphaCentauri
Guardian Gecko
Contact:
Posts: 348
Joined: Thu Jul 24, 2008 3:39 pm

Re: Spam email calling home?

Sun Sep 14, 2008 6:36 pm

rusticdog wrote:First set your client to not load external images by default, unless the email is from someone in your address book.
That doesn't sound like a good idea if the email program can't tell a spoofed "from" line from a real one. I get lots of spam which appears to be from email addresses in my address book, especially my own. Phishing spam would be an especially big problem, and those are distributing malware now, too.

In Seamonkey -- and I assume in Thunderbird, the mail-only version -- you can set it to not load images by default. Then at the top of the preview window for any email that has images, there will be a button you click to allow images to load. Even for senders you trust you must do that, but clicking one button is a pretty simple safety measure.
OldEnough
Rattled Rabbit
Posts: 2
Joined: Sun Sep 14, 2008 7:31 am

Re: Spam email calling home?

Mon Sep 15, 2008 7:15 am

Thank you very much, folks, for sharing your insights!
Old Enough
to know I don't know a thing . . .

Return to “General Tech. Help”