Home | craig.ca Offers | About | Contact || NinerNet | Sandra

IamCraig.com

There ought to be limits to freedom. --George W. Bush

Section: Internet Security

Anti-Spam Letter

Here's a letter that's not too mean that you can email to all your friends, relatives and business associates if you find yourself deluged with spam, chain letters and hoax virus warnings. Feel free to copy and paste it into a new email message from you. All I ask is that you leave the whole message intact (everything between the horizontal rules), right from the phrase "Network_Provider" down to the date at the end of the message. Make sure you also follow the advice in the message about hiding the recipients of the message you send, otherwise you'll get flamed for being a hypocrite. If you don't want to email the whole message you can just send people the URL for this page ( http://www.iamcraig.com/spam_letter.php ) with a brief personal note from you.

Craig Hartnett
craigh@niner.net
Monday, October 5th, 1998
Updated Thursday, August 23rd, 2007

You can read an article based on this letter on the FactsCanada.ca site at www.factscanada.ca/friday/friday-2001-18-12-07.shtml. It has been updated more recently than this one and is not so mean. :) There's also a much newer article entitled "How and Why to Blind Copy Multiple-Recipient Messages" that covers a very important subject.

Please also note that, while the general thrust of this information is still valid, some of the more specific technical points are now rather dated. Caveat emptor! Amazingly though, human nature doesn't change, and some of the same hoaxes circulating when this was written late in the 20th century are still circulating today!

---

Network_Provider: NinerNet Communications -- http://www.niner.net
X-Sender: cdgh@pop.uniserve.com (Unverified)
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Date: Mon, 05 Oct 1998 01:50:47 -0700
To: (Recipient list suppressed)
From: Craig Hartnett <craigh@niner.net>
Subject: Public Service Announcement

Hi there,

I'm sending this to just about everyone that I know who has email. If it
applies to you, please take note. If it doesn't, read it and learn anyway,
and maybe you'll think of someone who needs this message. This is not meant
to be a personal attack on anyone -- you don't know what you don't know.


INTRODUCTION:
~~~~~~~~~~~~~

Tired of receiving spam? Wonder how the heck a spammer got your private
email address -- the one you only gave to family and friends? Sick of chain
letters, hoaxes and bullshit virus warnings?

What a coincidence -- so am I.

Links to all of the websites and companies I mention are at the end of
this message. If you don't know what spam or a virus is, there are
definitions there too. I know this is longer than most email messages you
receive, but read it all anyway. It will save you time and spare you the
animosity of your friends in the long run. You can also read it at
http://www.iamcraig.com/spam_letter.php on the Web later this week.


VIRUS WARNINGS:
~~~~~~~~~~~~~~~

If you receive a virus warning via email, please take the time to check it
out with the American Department of Energy's "Computer Incident Advisory
Capability" website. They are the computer virus hoax and chain letter
authority. If it doesn't check-out, please don't bother forwarding the
warning. Just delete it and pass *this* message onto the person who,
probably unwittingly, sent you the hoax.

Some notes on computer viruses / virii; simply reading an email message,
in most cases, *CANNOT* do any harm to you or your computer. You have to
run an executable program that comes attached to an email message before
any harm can be done to the data on your computer. The program cannot and
will not run by itself. If you get an attachment from a source that you do
not know or do not completely trust, check it with a virus checking
program. If you don't have such a program, get one, install it, and
keep it updated. Otherwise delete the attachment *WITHOUT* clicking on it
or doing anything else to it. A computer virus cannot cause your computer
to melt-down, explode or kill you, all of which have been claimed possible
by various hoaxers.

Please keep in mind too, that technology is constantly changing. Weaknesses
have been discovered in some popular email programs that can be
exploited. However, the usual result seems to be a little inconvenience
rather than massive amounts of lost data. The lessons to be learned in most
cases are two-fold:

1) Stick to plain text email -- HTML formatted email may look pretty but
let's face it, email was never meant to look great, it was just meant to
communicate in words something concise and to the point. Besides, hidden
behind the HTML coding in more and more recent cases can be a threat to
your computer and your valuable data. This means that you no longer have to
open an attached executable program for a virus to infect your computer
and, also in an increasing number of cases, the computers of others on your
network and whose email addresses you have stored on your computer.

2) Consider changing your email program -- Many recent attacks on email
programs have only attacked the most popular free email clients (i.e.,
Microsoft Outlook Express). I wouldn't want to expose my prejudices here,
but here's a hint; get a decent email program, one that doesn't stick
out like a sore thumb asking to be attacked by virus authors and hackers. I
prefer Eudora, and I have yet to see (although I stand to be corrected) a
virus, Trojan or any other kind of attack that affects it.

Fixes for the various attacks have been made available by the program
vendors. Get them, keep up-to-date, and back-up your data. Assume your
friends and business associates do likewise -- only pass on alerts that are
timely and which you have personally verified with a reliable source,
usually a software vendor such as Microsoft, or a well known and respected
virus lab (two of which are listed below).


SPAM / REVEALING YOUR FRIENDS' E-MAIL ADDRESSES:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You'll notice that the distribution list for this message has been hidden.
That's a favour I do for *you*. That way nobody can skim your email
address and sell it to a spammer. Please do me and everyone else on your
distribution list the same courtesy. If you don't know how to do it, check
your email program's documentation.

Here's a simple procedure that will hide all the recipients with most, if
not all email programs and services (including programs like Eudora or
Outlook, and services like Hotmail); put *ALL* recipients in the "Bcc"
(blind carbon copy) field, not the "Cc" or "To" fields. If you have to put
something in the "To" field, put your own email address, or a fake address
that you know does not work.

If you do forward an email message of some kind, many email programs
and services include the original sender's email address and other useless
header information in the body of the new forwarded message. Do your
friends another favour and delete this information from the new message, as
well as deleting their signature (defined below) if they use one. Leave
just the meat of the message -- take out the fluff. Getting a message that
has been forwarded a hundred times with all the header information intact
is annoying to the recipients at best, and a gold mine for spammers at
worst. For an example, see the end of this message.


CHAIN LETTERS:
~~~~~~~~~~~~~~

I know some people just love to receive chain letters, especially
"get-rich-quick" ones. I am *not* one of those people. If your life
revolves around the possibility of Bill Gates giving you a free copy of
Windows '98 and a thousand bucks, or avoiding bad luck by annoying your
friends, then I feel very sorry for you. Please ask your friends if they
want to receive chain letters, and then make a special distribution list
for them. My guess is that it will be empty.


MOTIVATION:
~~~~~~~~~~~

So why have I suddenly decided to waste my time writing this? Also located
at the end of this message are the subject lines of the spam I have
received in the last month. Some of this has even come to the email
address I mentioned at the beginning -- the *private* email address I have
given *ONLY* to family and friends. I have *never* posted that address
anywhere on the Internet, or given it to any company for any reason. Even
this message is not from that address. I use that address when
corresponding with family and people I know personally in real life. I find
it ironic that the email address I give out all the time for things like
email subscriptions, warranty registrations, etc. has never once received
a single piece of spam!

Then there's the virus warning (actually another hoax) that came to me
recently with 68 email addresses in the "To" field. That's not counting
the sender's address and all the addresses in the body of the message that
were there because the people who forwarded the message did not bother to
delete the previous senders' information.

There are links to information about some of the other hoaxes and chain
letters I have recently received at the end of this message.


CONCLUSION:
~~~~~~~~~~~

There are a whole bunch of links related to viruses, hoaxes, spam and chain
letters at the end of this message. Other than visiting the CIAC website
to verify hoaxes and downloading some anti-virus software from one of the
vendors, your best defence is common sense.

A computer virus is a serious matter, and hoaxes and chain letters that ask
for money are no better. It seems to make sense to pass along warning
messages, and some chain letters are just fun, aren't they? Passing on
warnings that are hoaxes means that real warnings can go undetected or
unheeded. (Ever hear the story of the boy who cried, "Wolf!") *You* may
enjoy chain letters, but poll your friends and I think you'll find you're
in the minority. Do you want your email address and other personal
information floating around all over the Internet for anyone to pick-up?

Please think before you act.



DEFINITIONS:
~~~~~~~~~~~~

Virus -- A program that, *when executed*, will carry out (usually
undesirable) actions on your computer. Commonly feared consequences are
formatted hard drives and loss of stored data by other means.

Spam -- Unsolicited Commercial Email (UCE). Junk email. The Internet
equivalent of flyers and letters from Ed McMahon in your mail box. Believe
it or not, spam actually costs you money. Ask your ISP or server
administrator.

Signature -- A block of text created by a user, automatically appended to
the end of every email message sent by that user. This is usually
identifying information such as name, company name, website address,
email address, phone number, fax number, postal address, and / or any
other information the sender deems pertinent. Some email programs allow
you to select from a number of different, user created signatures before
sending your message. Services like Hotmail also allow you to create a
signature to be automatically appended to every email message you send.


EXAMPLE OF A FORWARDED MESSAGE:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The unintelligible gibberish below is referred to as the "header" of an
email message. It is of little or no interest to anyone except computer
geeks and spammers looking for more email addresses. Most email
programs and services will include some or all of this information in the
body of a new message when you forward a message to someone. All you have
to do is delete it. Imagine how big this message would be if it had been
forwarded 100 times and all this junk was still in there!

>Return-path: <craigh@niner.net>
>Received: from mx04.netaddress.usa.net [204.68.24.141]
>	by pop.uniserve.com with smtp (Exim 1.82 #4)
>	id 0zGH7V-00068g-00; Mon, 7 Sep 1998 23:19:17 -0700
>Received: (qmail 1928 invoked by uid 0); 8 Sep 1998 06:19:18 -0000
>Received: from pop.uniserve.com [204.244.156.3] by mx04 via mtad (2.6)
>	with ESMTP id mx04-ciHgTR0143; Tue, 08 Sep 1998 06:19:17 GMT
>Received: from van4d40.dial.uniserve.ca (rhodes) [204.244.163.103]
>	by pop.uniserve.com with smtp (Exim 1.82 #4)
>	id 0zGH7Q-00068S-00; Mon, 7 Sep 1998 23:19:12 -0700
>Message-Id: <3.0.5.32.19980907231856.009505c0@pop.uniserve.com>
>Network_Provider: NinerNet Communications -- http://www.niner.net
>X-Sender: cdgh@pop.uniserve.com (Unverified)
>X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
>Date: Mon, 07 Sep 1998 23:18:56 -0700
>To: cdgh@usa.net
>From: Craig Hartnett <craigh@niner.net>
>Subject: Be Afraid...
>Mime-Version: 1.0
>Content-Type: text/plain; charset="us-ascii"
>
***** DELETE THE CRAP ABOVE THIS LINE *****

>
>***** THE ACTUAL MEAT OF THE MESSAGE STAYS HERE, BUT DELETE ALL THE
>FORWARDING SYMBOLS (USUALLY >) IF THE MESSAGE HAS BEEN FORWARDED
>MORE THAN A FEW TIMES *****
>

***** DELETE THE PERSONAL INFORMATION IN THE SIGNATURE BELOW THIS LINE *****
>
>NinerNet Communications           Craig Hartnett
>------------------------------------------------
>Providing business Internet solutions since 1996
>------------------------------------------------
>http://www.niner.net * Telephone: 1-206-374-2986
>mailto:zzz@niner.net * Facsimile: 1-206-374-2986


RECENTLY RECEIVED SPAM:
~~~~~~~~~~~~~~~~~~~~~~~

Spelling not corrected. Spammers aren't known for their highly evolved
intellects. My comments are indented and bulleted.

ARE YOU TIRED OF BEING LABLED A LOSER!
	- To my *private* email address! (No smart ass comments.)
The Money You Want, The Way You want Fast!
from Helen Astor/ forward to pres. please
Internet Publishing Business
AD: Complimentary Hotel Stay Sampler
Would you like to have some extra money?
FREE CREDIT CARD PROCESSING - New & Home Based Businesses
***How Serious Are You?
AD: Stock-Pick Discovers Media Goldmine!!
	- Another to my *private* email address!


LINKS:
~~~~~~


Hoax and Chain Letter Resources:

United States Department of Energy, Computer Incident Advisory Capability:
	http://ciac.llnl.gov
CIAC HoaxBusters:
	http://hoaxbusters.ciac.org
Bill Gates Hoax:
	http://hoaxbusters.ciac.org/HBGiveAways.shtml#billgates
Disney Hoax:
	http://hoaxbusters.ciac.org/HBGiveAways.shtml#disney
AIDS Hoax:
	http://hoaxbusters.ciac.org/HBMalCode.shtml#aids
Budweiser Frogs Screensaver Hoax:
	http://hoaxbusters.ciac.org/HBMalCode.shtml#budfrogs
CIAC HoaxBusters Chain Letters Page:
	http://hoaxbusters.ciac.org/HBChainLetters.shtml
Sophos Virus Information:
	http://www.sophos.com/virusinfo
Links to more resources:
	http://home.ptd.net/~larrysch/virus.htm (dead)


Anti-Virus Software Vendors:

McAfee (Network Associates) -- VirusScan/VirusShield:
	http://www.mcafee.com
Symantec -- Norton Anti-Virus:
	http://www.symantec.com
Command Software -- F-Prot:
	http://www.commandcom.com
Aladdin Knowledge Systems -- eSafe:
	http://www.esafe.com
Sophos -- Sophos Anti-Virus:
	http://www.sophos.com


Anti-Virus and Security Related Resources:

Symantec AntiVirus Research Centre (SARC):
	http://www.symantec.com/avcenter
Microsoft Security Advisor:
	http://www.microsoft.com/security
Anti-Virus Emergency Response Team:
	http://www.avertlabs.com


Anti-Spam Resources:

Coalition Against Unsolicited Commercial Email:
	http://www.cauce.org
Network Abuse Clearinghouse:
	http://abuse.net
S.P.U.T.U.M.:
	http://www.sputum.com (dead)


This has been a public service announcement. Any resemblance to a rant is
purely coincidental. The information in this message is a copyright ©
1996-2008 of NinerNet Communications. Other trade or service names mentioned
herein are the copyrights of their respective owners. The mention of a
product or service does not constitute endorsement of that product or
service by NinerNet Communications or Craig Hartnett. This message may be
reproduced by any means without the prior consent of the copyright holder,
as long as the entire message is kept intact, including this notice, and not
changed in any way.


Craig Hartnett
craigh@niner.net
Monday, October 5th, 1998
Updated Thursday, August 23rd, 2007

---

On NinerNet

Host my site? VisitZambia.info HeartSafe First Aid Training Philogyny IndyPhoto.com

NinerNet

Domains for Sale

eJob.ca Philogyny.info B2C.ca BriCan.ca AltSex.ca

NinerNet

Web This site

Now Reading

This page (/spam_letter.php) last updated 2007:08:24:05:16:58 UTC.
Copyright © 1996-2008 Craig Hartnett. All rights reserved.
The primary domain of this site is iamcraig.com, but it's also available at craig.hartnett.ca, craighartnett.com, and craig.ca.