Spamming has undergone several changes by binding to both equipment hardware, and the discovery of the vulnerability of software used.
We have gone from simple email which was sent to identify who had so easily curb blacklisted the account or IP (internet protocol) address of the sender, the use of malware (software containing malicious code).
These software are inoculated within the computer object of attack by trojan horses or Trojan Droppers (Trojans), backdoor (programs that allow the opening, user unintended victim of ports from which it will You can access your computer, etc.).
With such software, the fraudster will be able to take control of infected computers, or may receive directly from your e-mail account the full report on the web browsing (web sites visited, passwords entered by either typing keyboard using the mouse).
must not fall into the trap of having identified the sender of the spam emails just from the email. In fact, as mentioned earlier, we are available to the spammer software able to be a different account than the real one or even automatically generate e-mail account is solely because the initial domain. Also, many spammers manage to find the mail servers are open (open SMTP relay) which allow sending mail without being authenticated.
Unfortunately, at present, precisely because the most modern techniques, it is very easy to block the arrival of these "annoying" email.
not always filter mail through the IP, the account of the sender or items allegedly found in the subject line or body of the electronic missives. In fact, besides the use of a formal trust account, spammers Fragment keywords that could be used as a filter, so even if the body of the email or article will present the words that we have Viagra and Cialis used as a filter for spam, these words are probably been included as images that were written in a different way from how it is displayed. For example, the word VIAGRA could have been written like this: V and I b A t h G R and A, where the letters in red, with certain instructions, but are not made visible that together allow you to bypass the spam filter that we inserted.
Before delving into the speech with spam techniques, I try to explain how "travels" an email on the Internet.
An email account and 'consists of the name of' user (ie sender) and a domain name (eg miodominio.it). Between the user and the domain name is the symbol "@" (pronunciato " et "). Quindi, in questo caso, il mio indirizzo di posta elettronica sarà: " mittente@miodominio.it ".
Quando invierò la mia email a " destinatario@suodominio.it ", il primo step del percorso della posta elettronica sarà il server di "miodominio.it" definito SMTP (Simple Mail Transfer Protocol). Questo server chiederà al server DNS (Domain Name Server) l'indirizzo IP corrispondente al dominio "suodominio.it".
Se il DNS conosce l'IP di "suodominio.it", allora il server SMTP mittente spedirà il messaggio al server del destinatario altrimenti, verrà indicato un ulteiore server DNS in grado di aiutare il server SMTP mittente translated into IP address of the recipient's domain. It will go on like this until you correctly identify & access to the IP "suodominio.it.
At this point, the receiving SMTP email, will read the first part (the left of "@") e-mail address, then " recipient @suodominio.it, directing message to the private user "recipient". But we must clarify one thing: if you want to transfer mail from your local connection to the SMTP server (our computer), you must use the POP (Post Office Protocol ) at which the SMTP traferirà la posta ricevuta. Infatti per poter utilizzare i software di posta elettronica (es. msoutlook, outlook express, Thunderbird, Incredimail, Pegasus Mail, ecc.) è necessario configurare oltre al SMTP, anche il POP o IMAP ( Internet Message Access Protocol ). Le differenze tra POP e IMAP stanno nella possibilità, per il secondo, di poter leggere da diverse postazioni la posta elettronica (sarà quindi necessaria la connessione ad Internet sia per la lettura che per la scrittura delle email), mentre con il POP si scarica in locale la posta svuotando quindi il server. La lettura e la scrittura, in quest'ultimo caso sarà possibile anche offline necessitando della connessione solo per l'invio e lo scarico della posta.
Let's see in detail the techniques used by spammers to reach their destination these fastidisiose email:
Open SMTP relayThe sender of the email, clicking on the "submit" button, it will start the mail from the need resides on SMTP your mailbox (if I have an email account registered on the domain "libero.it", my email server will use as a starting one of those run by "free".
The recipient will receive the above email at the mail server its domain.
Normally the servers used by ISPs (Internet Service Provider) for some form of authentication to ensure that the user is an ISP account. I server open relay non controllano se l'utente è autenticato o meno dando la possibilità a chiunque di inviare posta elettronica, rendendo più difficile rintracciare lo spammer.
Spamming per interposta persona
Lo spamming per interposta persona è un mezzo più subdolo utilizzato sfruttando l'ingenuità di molta gente. Per l'esattezza si intende di solito l'invio di Email commerciali ad alcuni destinatari conosciuti e magari regolarmente iscritti ad una newsletter dello spammer invitandoli a far conoscere una certa promozione ad uno o più persone conosciute dall'ingenuo destinatario, invogliandolo magari con qualche piccolo compenso.
Grazie a questo sistema the recipient will be naive to "spam" other mailboxes of his acquaintances, and then covering him behind and that will gain from this behavior.
To send e-mail en masse, you can use Telnet (for those who know the commands) or software interface much easier to use. With these products, you can bring up an address other than the one that really sent the mail.
