ErioServices

E-mail

E-mail is the instantly productive part of Interent operations. However it does make many people nervous because it has become the popular way by which viruses are introduced into machines and propagated.

E-mail ADDRESSES

Generally speaking an e-mail address consist of two parts - the bit before the @ and what follows. The address you get is set up by your Internet Service Provider (ISP).

With some (such as Freeserve) the bit before the @ is not relevant. Thus you could have what appear to be multiple mailboxes, if only so that you can identify the subject matter at a glance. Thus the following e-mail addresses are all the same, indeed you can put anything in front of the @ symbol.

Albert@the address.company.what
Sales@the address.company.what
Spares@the address.company.what
Support@the address.company.what

If you are not sure whether your ISP allows this, just send yourself a couple of e-mails with different bits before the @ and see if they get back to you.

What this scheme does not give is privacy. In the following, Albert, Barry, Chris and Debbie might be able to identify mail that is relevant to them but they can all read each others mail.

Albert@theaddress.company.what
Barry@theaddress.company.what
Chris@theaddress.company.what
Debbie@theaddress.company.what

If you need individual privacy then you need a multiple address mail-box set up with your ISP. This can vary between different ISPs so is beyond the scope of this general document. Obviously in such arrangements, the bit before the @ symbol is 'locked' so that it becomes relevant with the rest of the address.

Another possibility is to set up an account with any of the organisations that offer a web based mail system such as HOTMAIL (www.hotmail.com). Generally these e-mail schemes are accessed as normal internet pages which then connect to a series of forms and are thus a little restricted on 'normal' mail operations. However it is a great scheme for students and others who are away from home since mail can be read or sent from any internet connection.

Nowadays most ISPs do have a mechanism that allows you to retrieve your mail from any computer via a web page. However there can be problems with sending e-mails from such systems, when using a different ISP to your registered one.

E-mail SECURITY

The propagation of viruses is usually done by embedding links within the body of an e-mail or by attachments. It follows that if you never link from the e-mail you will have some protection. This is a good policy to follow. You can always copy and paste what you see on the screen if you need to follow the link. No other explanation is given but you might get an insight in the other document, 'Protecting your data'.

If a mailing contains an attachment, with some browsers this is quite obvious since the e-mail will include a box with details of the attachment. With others look for a paper-clip somewhere in the e-mail and click on that.

Thus if you never click on an e-mail body link or never accept an attachment, viruses from e-mails will not occur. This would be somewhat self-defeatist because e-mails are a powerful vehicle by which documents, pictures and even programs can be sent to others.

It is best not to activate any attachments that you are not expecting. However it is also unrealistic to expect that they all will be pre-announced. You therefore need to pay attention to the origins of any attachments. Best not to open an attachment directly from the invitation but save it to disk for examination first.

TXT name extensions are safe to open as are graphic files in the recognised formats such as extensions PCX, GIF, BMP, WMF and others.

There is a problem in that it is easy to have an attachment that hides itself by pretending to be one of the above. This happens because later versions of Windows do allow a 'double extension', in other words a full stop is allowed as part of the name. Thus you might receive an attachment with a name such as THETEXT.TXT and think that it is safe to open. If your machine is not set up to view extensions, you would miss the fact that the file is really called THETEXT.TXT.EXE.

You must therefore proceed with caution. This is what I suggest:-

Ensure that Windows Explorer is set to show all files and extensions. You do this by selecting View - Details. Then select View - Folder Options... - View - and ensure that under Hidden files the 'Show all files' is set and that 'Hide file extensions for known file types' is clear. You should now see any files listed in the Windows Explorer right hand pane complete with file extensions.
Save attachments for examination off-line. I stick all Internet downloads in a single folder called ADUMP.
Using Windows Explorer, examine the file name. Ensure that the last full stop is followed by an extension that is safe to open.
If you have any doubts do question the validity of the attachment with the sender - bear in mind that someone you know may have a corrupted machine and is propagating the virus without knowing.

If you must send someone an attachment which is a program, a zipped file or a .doc extension, make sure that it is expected. Similarly, don't open such a file yourself unless you are expecting it.

One recent virus worked itself into other machines by examining received mail and then responding to it with a message in the lines of......

"Will answer your e-mail shortly. In the meantime I enclose some files that I thought you should see."

Thus recipients would think that the above is in direct response to something they sent originally! The answer must be to put in the mailing enough descriptive information so that the recipient can be sure it is not a mechanically created e-mail. Alternatively use a pre-arranged code. I still think it is best to send an advanced warning e-mail explaining what the attachment to follow will be.

In general the most likely products that will allow viruses into your machine are those from Microsoft. This is because Microsoft have made it easy to be able to transfer information between different programs. In itself this is a good thing because it allows you to work on a variety of material without having to think how you are going to transfer say, a spreadsheet extract into a document. However it does make systems vulnerable to attack from outside communications and of course, once in your machine, the virus has little problem propagating itself.

Windows does have a very conveninet feature in file associations. As you know, double clicking on a data file will usually open the appropriate program for manipulating that data. Stopping this from happening will at least make you think whether you really should let a particular e-mail attachment launch. Thus if you click on say, a file with the spreadsheet .xls extension, nothing will happen. If you really want to open this file you would open your Excel program and load the .xls file from there.

It may therefore suit your work style to relinquish some of the file associations. It is really a balance between how much e-mail activity you have and thus potential risk, and how much time you spend exploring files in your machine and thus the nuisance of having to open programs in order to 'see' the contents of a file. I would suggest that if the latter, you really need to consider whether the names you allocate to files are meaningful enough so that you know what the file is about from the title.

If you want to dis-associate file extensions from programs, I would suggest you concentrate on the most vulnerable. This will be script files and templates.

They are:-
.DOT Microsoft Word template
.GZ Compressed files
.MPT Microsoft Project template
.TAR Compressed files
.UU E-mail programs
.VBS Visual Basic scripts
.XLM Microsoft Excel macro
.XLT Microsoft Excel template

To dis-associate you need to open Windows Explorer.
Choose View - Folder Options - File Types
In the list shown, highlight the file extension type then click the Remove button. Answer Yes when prompted.
Repeat for each file extension you want to dis-associate.

It is difficult to know what to do with other extensions such as the spreadsheet .xls and the .doc one. These probably form the bulk of your working life so it may be too inconvenient.

Who is DAEMON?

When you send e-mail, your ISP server (the computer to which you are directly connected) will check that the address exists and then forward the mailing to the recipient's server. Although e-mail has a low priority on the internet, the chances are that your mail arrives at its destination within say, 5 minutes.

However there are times when the receiving server might be out of action, or addresses are changed etc. so that your server cannot deliver. In such cases the mail is forwarded to one of various servers whose function is to try and rationalise what is wrong. DAEMON is one of these computers. If DAEMON can resolve the problem, you will hear nothing about it. Occasionally you may get a rather technical document from DAEMON giving the route of the e-mail and the reasons for its non-delivery. In short, all it means is that your mailing did not get delivered!

By the same logic it follows that if you do not hear from DAEMON, your mail has been delivered. It may have been delivered to the wrong address (your fault) or it might be there in the recipeints server unread but it has been delivered. In general if you do not receive a DAEMON e-mail within three hours you can be sure it has arrived somewhere!

How can you guarantee that that the mail has been read? The answer is you cannot. Most mail servers allow you to ask for a receipt when mail arrives, when it is read and so on. The trouble is that the recipient can refuse to allow such a confirmation to be sent back to you. Furthermore if you have a high volume of e-mail, you will be receiving one or two (in some systems even more) receipts for each e-mail you send!

E-mail SCAMS

There are many e-mail scams doing the rounds. Armed with a list of addresses, it is very easy to set up. Many of them are dependent on content and should be easy to spot. Others are a bit more frightening because although dependent on content, they seem to come from a legitimate organisation with which you have dealings.

One way of minimising the propagation of your e-mail address would be to switch off everything in your e-mail reader other than plain text. No pictures, no fancy text etc.. The reason for this is that often, opening an e-mail will connect to a different server where the supporting picture is held, and this one would trap your address. That is all - but now 'they' know that this address is genuine and active. So it can go onto the spam database.

Now if you did switch everything off, you would gain some protection but if you get quite a number of e-mails, life would be very boring. All would look the same. Gone will be letterheads. Gone would be pictures of goods from some firm you have had stuff from and which might be of interest.

To my mind a better thing to do is to look at the list of e-mails. Look at the Sender and Recipient columns. If your address is not shown exacly as you know it, do not open the e-mail. If the sender is not someone you recognise do not open the e-mail.

Granted that, if you are in business, especially with a web presence, you may get e-mails from people you do not know. At least expect them to have identified themselves and the nature of the e-mail clearly in the Sender and Subject headers. Better still - do not have an e-mail address on your web-site. Arrange to have a form just as you see on this site.

Probably the worst of the current e-mail scams is phishing. Phishing is where a mailing purports to come from some organisation such as eBay or Paypal or your bank. It tells you that because of some technical or unusual activity, you must follow the link in order to restore normality/not have your account suspended. If you don't life and the universe as you know it, will cease to exist.

It will look good - if you are are going to take the trouble to cheat you make sure that your page looks like the real thing.

There are things you could watch out for, 'Dear Member' rather than your name etc., but there is no need to go to into all this study. If you suspect the e-mail might be genuine, simply go to site of the organisation concerned and check. DO NOT follow any links in the e-mail supplied 'for your convenience'. Better still, just delete such e-mails.

If the organisation you deal with are putting out genuine e-mails that look like phishing, which you ignore, and if by reason of this, some action is taken to your disadvantage, you would have good cause to create a very public merry hell!

So to re-iterate what all major organisations say: if they need to bring something to your attention they would suggest you contact them through your normal channels and not as a response or link via the e-mail. At no time will an e-mail ask you for personal details such as passwords or memorable words. Pity that, when say, the bank phones you, the rules that they have in place for e-mails do not seem to apply - the telephone inquisition does take place.

What can you do if as a concerned individual, you feel you should report an attempted phishing e-mail? Most organisations do have a mechanism to which you can report these. Trouble is that how they deal with it is very variable. If you decide to to use the system, always FORWARD (Fwd) the e-mail in question. Do NOT just copy and paste it. By Forwarding, the full header is maintained and it is this that they would use to trace back to the source.
Back to Computing Basics

Erio Services Home page

Page last modified on 20th July 2006 - Total re-write