Vous êtes sur la page 1sur 13

Bulk mailers

Atomic email studio is a multifunctional bulk mailer capable of managing all aspects of a spam campaign. It has features that allow the user to create, send, manage mailing lists and harvest email addresses. As shown in the diagram above the software allows for the extraction of email addresss from a variety of source websites, files, whois databases, newsgroups, bowsers and the option to purchase email addresses.

In the diagram above program is given two websites on which to conduct a search the first is University of Westminster at address www.wmin.ac.uk and a total of two email addressed are acquired one is admissions@wmin.ac.uk and is located at the following URL

http://www.wmin.ac.uk and the other is course-enquiries@wmin.ac.uk and is located at the following URL http://www.wmin.ac.uk/page-33. A total of 51 web pages were searched inorder to get the two email addresses. The second search or harvest was conducted at the British broadcasting corporation website at www.bbc.co.uk and a total of 10 email address were collected with associated URLs. As the program examines the web pages for email addresses it shows the number of web pages that it has examined and the ones that it still has yet to examine, as shown in the diagram above at the botton left it has examined 722 pages but still has 5722 pages left to examine.However after a short period of time the number of pages still to be examined increased from 5722 to 7206 and also the number of email addresses increased. Therefore it seems that more email webpages are being searched the more websites are found within the links.

When attemping to export the emails that have been harvested and send a mass email. The researcher is prompted to purchase the software.Therefore the harvested emails couldnt be exported using the trial version of the software.

Inorder to send emails using the software account creation was required which included the user name, email address and company name. These were the intitial steps in configuring the account to send mail.

Since the program did not allow for any of the harvested emails to be saved. The researcher had to use email addresses derived from his own personal contact list. The emails used to test the sending capabilities of the program can be seen in the diagram above.

Ir The next option that is presented is the SMTP server selection. It allows emails sent by the program to use an external SMTP server or to sent the mail directly to the recepients email server bypassing the ISP. The difference is that ISPs usually impose restrictions on the amount of mail that can be sent to one user. Therefore if the mail is set directly using the internal SMTP it can bypass those restrictions.

Email tracking was enabled inorder to monitor the progress of the emai campaign also to observe the effectiveness of the email tracking feature. An email address and password was required inorder for the tracking report to be sent to designated email account. However the email tracking was not succesful as error message was shown when attempts to intitiate it were made.

The copy of the test email that was sent.

All of the 22 emails are sent. However three emails were successfully sent which were all Gmail accounts, two were invalid email addresses and seventeen had send error. The rest of the email address had send error more likely to the fact that there are being blocked by service providers due to the fact that there use and internal SMTP.

The sent message has been received in the users mailbox.However it has been received in the user spam folder. Which can more likely be attributed to the fact that the mail was sent by an internal SMTP.

Delivered-To: p.mapfumo@gmail.com Received: by 10.229.227.21 with SMTP id iy21cs42627qcb; Fri, 10 Sep 2010 09:38:36 -0700 (PDT) Received: by 10.213.101.17 with SMTP id a17mr425477ebo.32.1284136715534; Fri, 10 Sep 2010 09:38:35 -0700 (PDT) Return-Path: <deputydog@hushmail.com> Received: from PHIL-01 (cpc2-finc7-0-0-cust220.4-2.cable.virginmedia.com [81.97.220.221]) by mx.google.com with ESMTP id v8si5911827eeh.26.2010.09.10.09.38.34; Fri, 10 Sep 2010 09:38:35 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning deputydog@hushmail.com does not designate 81.97.220.221 as permitted sender) client-ip=81.97.220.221; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning deputydog@hushmail.com does not designate 81.97.220.221 as permitted sender) smtp.mail=deputydog@hushmail.com Message-Id: <4c8a5f0b.887b0e0a.7654.6763SMTPIN_ADDED@mx.google.com> From: "Deputy Dog" <deputydog@hushmail.com> Subject: New message To: "p.mapfumo" <p.mapfumo@gmail.com> Content-Type: multipart/alternative; boundary="PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Organization: The Dog Pound Date: Fri, 10 Sep 2010 17:38:22 +0100 This is a multi-part message in MIME format --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G Content-Type: text/plain ; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Dear Sir/Madam The page that you are looking for cannot be found. But how about a game of Global Thermo Nuclear?=20 Or go to joke.com homepage? Regards (Director of operations) Deputy Dog Junior Sent by trial version of Atomic Mail Sender --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G Content-Type: text/html ; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <HTML><HEAD> <META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR></HEAD> <BODY> <P>&nbsp;Dear Sir/Madam</P> <P>&nbsp;The&nbsp;page that you are&nbsp; looking for cannot be found.= </P> <P>But how about a game of&nbsp; Global Thermo Nuclear? </P> <P>Or go to joke.com homepage?</P> <P>Regards</P> <P>&nbsp;(Director of operations)</P> <P>Deputy&nbsp; Dog Junior</P><BR><BR>Sent by trial version of Atomic =

Mail Sender</BODY></HTML> --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G--

The header information from the received emails shos that the receiving server has identified the fact that the domain name used in the email address field did not originate from that particular users domain it claims it was sent from.

Results from bulkmailer


The experiment that was conducted on the bulkmailers show that there are; Bulkmailer vendors are aware of restrictions that are imposed on the number of email that can be sent at any one time and therefore have provided a means to bypass the ISP by sending mail thorough an internal SMTP. This is view is also supported by Cournane and Hunt (2003). Vendors of bulkmailers have also developed software that the capable of sending mass emails as well as harvesting them this demostrated by the Atomic mail tool that was tested for this experiment. This view is also supported by a study on spam tools conducted by Stern (2008) Even though the trial versions of bulkmailers have limitations there provide a means of testing the software to assess its abilitie. However since the tools fuctionality was restricted it was difficult to access whether its ability to manipulate header information.Which is has been reported to be possible in a study conducted by Cournane and Hunt (2003). The tracking ability of the software could not be assessed even though numberous attempts were made to reconfigure it. Even though the tracking abilities could not be accessed there is evidence that some of the tools analysed have this ability allowing to track the success of the spamming campaigns. Only Google email accounts were the only accounts that accepted emails from the bulkmailer but all the other email service providers rejected all mail sent from the bulkmailers.The email that was received in the resaerchers Google account revealed that the Googles email filters detected that the email did not originate from the email address that it claimed it origined from. This suggests that Google mail is willing to

accept email even if it suspects some form of fradulent behaviour, whilst other email service providers reject suspect emails. Bulkmailers abilites to personalise mail, text and HTML support, and message obfusication techique to invade detection were not investigated in this experiment due to time constraits and restrictions applied to the evaluation version of the software used. However some of the sofware vendors offered mailing lists that could be purchased, which brings the researcher to question whether the email addresses for sale were obtained in an ethical manner. This seems probable as the software vendors made not attempts to warn against the dangers of spamming and violating spam laws. This experiment has demostrated the functionality of the bulkmailers to send mass mail and also their crawling abilities, therefore this suggests that even if botnets send the majority of spam there are automated tools disguised as marketing tools that are also responsible for sending spam by private individuals who maybe or not involved in criminal activities. There are also bulkmailers and crawling tools that are mainly used by professional spammers such as Send safe,Reactor mailer and Darker mailer that the reseacher was not able to get hold of due to fact that some of them are known to contain malicious software and there are very expensive. .