[conspire] Creepy Web 2.0-service sales come-on

Sean Berry berry at housebsd.org
Wed Jan 18 08:47:53 PST 2006


I've sent a few of these, and it does make me somewhat uncomfortable, but 
would it be that much better if it instead came from a generic sending 
address?  In Linkedin in particular, you do have the option to change or 
rewrite the message: most people simply do not bother.

-- 
Sean Berry
berry at housebsd.org
414 331 5718

On Wed, 18 Jan 2006, Rick Moen wrote:

> Here's a verbatim example of something I talk about near the beginning
> of http://linuxmafia.com/faq/Essays/winolj.html , my "Rick Moen
> INOLJ-OOW2.0C (Is Not On LiveJournal Or Other Web 2.0 Cults)" essay.
> Maybe it's just me, but it strikes me as a pretty damned creepy
> sales come-on.
>
> I've altered the example to protect my friend's privacy, but imagine you
> know Sam Jones, his mail addres, etc. reallly well.  Most people don't
> view full SMTP headers, so it really does seem to be personal mail from
> Sam, recommending an "interesting business tool".  He starts out with
> "Rick," closes with "-- Sam", and the sender "From:" SMTP header is
> _forged_ to use Sam's real e-mail address.
>
> Note that latter point:  It uses some of the same forge-mail techniques
> that the spammers use to hide themselves.  Only the (normally hidden)
> Return-path envelope header and Received headers are valid.
>
> Yes, Sam undoubtedly did in _some_ sense authorise the sending of this
> "invitation" mail on his behalf -- but he sure as hell didn't write it
> or send it from his personal e-mail address, as is falsely claimed.




More information about the conspire mailing list