On Wed, 28 May 2003, Samuel W. Heywood wrote: > On Tue, 27 May 2003 17:24:09 -0500, Sam Ewalt wrote: > > How can they find out your email address just by your going > to their advertised web site and the only thing you do there > is to just take a looksee?
I throw almost all of my spams away immediately, but I do have one example hanging around of one way they do this: http://www.xxx.com/click.php?entrypage_id=9999&partner_id=424927&niche=NICHE_ID This particular URL passes an entry page number and a partner ID, so the parent site knows whom to credit. It's just as easy to have an "e-mail ID" (even though it's not labelled as such) included in the URL. Sometimes this can look as innocuous as http://xxx.com/XzsTv. That last bit is actually an encoded version of your e-mail address. (For an example of how this can work, look at http://tinyurl.com for one... not saying tinyurl is ever involved in spam, just that the same type of hash can be used to encode your e-mail address in a URL.) There are also e-mails containing extra-info inline graphics names for those who are viewing in arachne or other HTML mail readers while online. <a href "http://xxx.com/";> <img src ="http://xxx.com/[EMAIL PROTECTED]"> </a> The graphic is displayed in your e-mail as if there is no additional info on the filename, but your e-mail address is recorded in their web logs because it's part of the graphic filename you downloaded. > The only way I can figure how they could do that is if they > named a different web site for each article of spam sent and > the named web site corresponds to the spam article sent to > your email address only. Do spammers do things like that? As you've already surmised, no. However, they do create a site, make a mass mailing, and then once the site is shut down due to complaints, just move the content on to the next site they've registered. The same content can be moved through dozens of sites as the ISPs "chase" him along. The best way to figure out how spammers verify your active address is to simply look at what they send you. In Arachne, F6 (IIRC) or in PINE, hit "H." -- Steve Ackman http://twoloonscoffee.com (Need green beans?) http://twovoyagers.com (glass, linux & other stuff)
