biz.vanrein.org / essay / privmail

Wrong use of email helps spammers

If you read this, you have probably spread my email address too liberally. Below, I explain how this helps spam to grow in volume, and how you can avoid that in the future.

What you've done wrong

The privacy laws in most countries protect personally identifying data, including email addresses. It is "not done" to spreak such information freely. Of course there are gray areas, but if I sent you a reference to this page then you've clearly been wrong. A common mistake, which does not make it any less bad, is sending email to many people who hardly know each other, in such a way that each sees the others' mail addresses.

Before privacy laws protected this, there has always been so-called netiquette, which (among others) comes down to mindfulness when handling someone else's privacy. These rules were founded on good reason, and in fact prescribed generally acceptable behaviour.

By ignoring these matters, you give evidence of a certain degree of neglect to these principles. So don't be surprised if at some point you receive a sharp response from someone who understands how email and spam operate on the Internet. They understand the problems caused by behaviour such as yours.

There are worse situations; some people make the additional mistake of writing to many people "so at least enough will see it", for example by posting to an email list that includes the intended recipients, as well as others. This results in (many) readers having to decide that the email is not intended for them, and the only reason for that work is that the sender was too lazy to address the right people directly. This is in fact a waste of someone else's time. Luckily this is not very common.

How you helped spam to grow

We all know spam as the annoying problem of unsolicited offers sent to our mailbox. Those who use a spam filter know that this is only a partial solution; sometimes a good email gets blocked and discarded.

Spam works by sending a message to masses of people, and this is possible because email is a free medium. Since the expenses are zero, there are no boundaries to the number of people that can be addressed, so a spammer will aim to post to every mail address on the planet.

The commercial model of spam works so well that it has ignited a secondary market, on which email addresses are sold. This market is serviced by parties who write computer virusses just to collect email addresses. Such virusses are not even very hard to write; most people use the default setup from their computer sales channel, already happy to have gotten that to work. These same people are not always good at updating their virus-scanning software either. Furthermore virus scanners always chase after the fact, because a virus must be out in the open before it can be caught. The raprid spread of a new virus on the internet makes it possible for them to do a lot of damage, or collect a lot of information, before they are stopped.

When you link relatively unknown people by sending them each other's email addresses, you expose them to quite a lot of extra chances of being shown to such virusses, which is precisely why it is important to practice some caution before sending one person's email address to someone else. We shouldn't let the world come to a grinding halt, but submitting lists of email addresses to people who don't know each other is plain carelessness. It is paving the way for spammers.

How this can be avoided

Interestingly, there are quite a few solutions to avoid this problem, but neverthless the is a continuous flow of people who screw up. After having seen how it works people tend to understand, but in fact this is too late if this is in reaction to a mail mistake. Towards the future it is better to learn the right behaviour, and perhaps spreading this knowledge could help to make up for a mistake that cannot be reverted.

Use Bcc.
The simplest solution is not to mention lists of mail addresses as To or Cc addresses, but to use Bcc instead -- blind carbon copy, meaning recipients that are not mentioned in the email. Behind To you could put your own email address. This is the simplest solution, which works without a need to setup anything.
Forward email.
Another option is to send an email to yourself, and forward it one by one to the intended recipients. This is not as handy as the foregoing, but it can be used if you cannot find Bcc. You can also use this if you forgot to send mail to someone in your original email.
Email lists.
Almost as long as there is email there have been email lists, and their addressing is specifically designed with privacy of the recipients in mind. Have a look at an email from a list, and you will see that only your address and that of the sender are visible, plus a list email address. Replies usually go to the list, so everyone sees them. If you regularly mail with a certain bunch of people, an email list is your best option.
Link people through the web.
Sometimes it is interesting to couple people, and an email is a good way to get that started. What may work quite well is not to send around email addresses, but websites of the people you intend to couple. On a website, people make a conscious choice to publish information, and that usually includes a contact mechanism of their choosing. Aside from providing much richer information, a web address is in several other ways a good method of bringing people together.
Do not assume...
It will be clear by now that not everyone appreciates the same level of exposure to informal or unsolicited email. A direct email is usually not a problem to anyone, but spreading someone's email to others is very clearly something to handle with some caution. Even if most people are unaware of the relation to spam, it would still be a service to them to not subject them to the problem.


©2010 Rick van Rein -- do with this what you like, but always send the link instead of a copy of the document to others.