The first rule of free email-based services

September 29, 2007

The first rule of free email-based services is simple:

Spammers will exploit any way of sending user-supplied text to random email addresses.

Let me repeat that: any way. Any way at all. Spammers are very ingenious, and it does not matter what you call the actual feature; if they can put in user-supplied text and then mail it off to people, they will use it to spam. Since it is 2007 and spam through free webmail providers is not exactly a surprising new development, if you create a feature that allows people to do this and do not give it very good spam protections, you are a moron (or worse).

(It also does not matter if you wrap the user-supplied text in some other text. If the spammers have enough room for even a brief advance fee fraud spam text, they will use it.)

The latest offender here is Google Calendar's 'send a calendar entry to some random email address' feature, but there have been others, including greeting cards ('hi I am sending you this greeting card in the name of MRS MARIAM ABACHA of Nigeria'), invitations to join mailing lists, and even Yahoo's similar feature with their free calendaring service.

(Google Calendar really irritates me, both because blows you off with an autoresponder claim that no machine emits spam (blatantly false in this case) and because it is probably too important to just block outright.)

Written on 29 September 2007.
« Phase objects: simple decent error reporting for Python programs
Weekly spam summary on September 29th, 2007 »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sat Sep 29 17:27:14 2007
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.