Berkeley Lab CISDepartment
Lab A-Z index
Search
Phone Book
Help Desk
 
Ernest Orlando Lawrence Berkeley National Laboratory

Spam: background information

Question

At 05:17 PM 4/10/02 -0700, [a user] wrote:

I am getting a lot more spam lately, one was concerning pornography. I have been deleting them without opening them. This is getting annoying. I don't even see my specific address on most of the junk mail. Here is one that is addressed to "@postal1.lbl.gov". What is the "postal1" list. I checked with a couple of people here and they didn't get this piece of junk mail. How do I get off this "postal1.lbl.gov" list? Another junk mail was addressed to "kittieracina4999@swirve.com". I dno't know how this got to me as I can't see any connection with LBL in the address.

Is possible to block email that is coming from outside the lab that doesn't explicitly have my lab email address?

Answer

Many pieces of unsolicited commercial email can be outright confusing. In most cases, this is exactly what the spammers want: they want it to be difficult for you to contact them, confusing to determine how they obtained your address, and impossible to interfere with their ability to continue to inundate you with junk email.

Email addressing is a strange and wonderful thing that has been carried over from a kinder, gentler day. in reality, anyone can "forge" email with a variety of incorrect or confusing information. the issues you describe with email addressed to @postal1.lbl.gov or addresses like kittieracina4999@swirve.com are often used to confound people and mailing software. while friendly, ordinary folks put real values in their To: fields, spammers usually don't.

Postal1.lbl.gov is [currently] [one of the] real names of the lab's primary email server. The reason this address may show up in some unsolicited emails is that the spammer's mass-mailing software doesn't properly format their outgoing email. They send out email that appears to be addressed like this:
To: MyMassMailingList
which isn't a valid internet address. The lab's email servers, wanting to be friendly, fill in their own address, because they've been tricked into believing someone is sending email to a local, LBL address. So the address above becomes
To: MyMassMailingList@postal1.lbl.gov
This serves the spammers purpose, because now, folks such as yourself take the issue up with the local people, instead of the spammer's ISP.

Similarly, due to some technical issues with the way email is actually sent from one place to another, it is just as easy for our unfriendly spammer to change the address to something else, too, such as:
To: MyMassMailingList@swirve.com
which probably is not the real address they were sending to. they are exploiting a neat trick, which is the same trick used to send email to mailing lists. They are making use of the fact that the address "inside" an email can be different from the address on the "envelope" of the email. The "envelope" address always needs to be a valid email address, such as yours, in order to reach a real destination; but, the address inside the email itself can be anything. this is similar (but not identical) to the case where people send to email lists (e.g. level1-lbl@lbl.gov): the email list name will appear in the To: field, but the envelope address for the mail arriving at your inbox will be addressed to your personal email address.

To answer some of your other specific questions:

Q: What is the "postal1" list?
A: There is no such thing. I hope the rather lengthy explanation above helped explain how "postal1" can show up.

Q: I checked with a couple of people here and they didn't get this piece of junk mail.
A: Many pieces of unsolicited email are directed only to a small group of folks at the lab at any given time. Other spam may be sent to large numbers of staff at the lab. It is difficult to tell from one to another how broad a swath it will cut through the lab.

Q: Is possible to block email that is coming from outside the lab that doesn't explicitly have my lab email address?
A: Yes, although this may have unintended and undesirable side- effects. You could use the power of Netscape Messenger Message Filters to sort all of your email into "things addressed to your EPO" and "everything else" folders. you can read more about them here: http://www.netscape.com/browsers/using/messenger/organizing.html If you were to create a Personal folder and an Other folder, and filter incoming email based on a "To or CC" with your address into your Personal folder, and everything that doesn't contain that string in the To or CC, you might be able to more quickly sort through things like this.


ITSD

Copyright 2001 Lawrence Berkeley National Laboratory
Page Owner:  help@lbl.gov

Last modified Fri Aug 2 15:39:45 PDT 2002