Greeneville City Schools

Instructional Technology Team
It is currently Mon Jan 24, 2022 8:28 am

All times are UTC - 5 hours

Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Mon Oct 27, 2008 12:37 pm 
Site Admin
User avatar

Joined: Mon May 16, 2005 10:13 am
Posts: 103
Location: Central Office
How do email addresses end up on spam lists?

Every day, millions of people receive dozens of unsolicited commercial emails, known popularly as “spam.” Some users see spam as a minor annoyance, while others are so overwhelmed with spam that they are forced to switch email addresses. This leads many email users to submit helpdesk requests to email administrators with the question “How did these people get my email address?”.

The Center for Democracy & Technology (CDT) embarked on a project to attempt to determine the source of spam. They set up hundreds of different email addresses. Then the CDT waited six months to see what kind of mail those addresses were receiving. It should come as no surprise to most email users that many of the addresses the CDT created for this study attracted spam. What is very interesting is the different ways the email addresses attracted spam. There were also the different volumes, depending on where the email addresses were used.

The results offer insights about what online behavior results in the most spam. The results also debunk some of the myths about spam.

*The analysis indicated that email addresses posted on Web sites or in newsgroups attract the most spam.

Web Sites: CDT received the most emails when an address was placed visibly on a public Web site. Spammers use software harvesting programs such as “robots” or “spiders” to record email addresses listed on Web sites, including both personal Web pages and institutional (corporate or non-profit) Web pages.

CDT tested two methods to stymie address harvesting:

Replacing characters in an email address with human-readable equivalents, for example “” was written “sample at domain dot com;” and
Replacing characters in an email address with HTML equivalents.
Email addresses posted to Web sites using these conventions did not receive any spam.

USENET newsgroups: Newsgroups expose email addresses of every person who posts to the newsgroup to spammers. Newsgroup postings, on average, generated less spam than posting an email address on a high-traffic web site. In our study, we discovered that most newsgroup related spam is sent to the address in the message header. This held true even if other email addresses are included in the text of the posting.
For the most part companies that offered users a choice about receiving commercial emails respected that choice. Most of the major Web sites which we provided email addresses for respected the privacy choices we made, if a choice was made available.

Some spam is generated through attacks on mail servers, methods that don’t rely on the collection of email addresses at all. In “brute force” attacks and “dictionary” attacks, spam programs send spam to every possible combination of letters at a domain, or to common names and words. While these attacks can be blocked, some spam is likely to get through. In many cases, spam generated by these attacks will be directed to shorter email address (like before it is directed to longer addresses (like

Reprinted from: ... ymie-spam/

Larry Jones
Central Office

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 5 hours

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group