Bulk Mailers

  • 7/31/2019 Bulk Mailers

    Bulk mailers

    Atomic Email Studio is a multifunctional bulk mailer capable of managing all aspects of a spam campaign. It has features that allow the user to create, send, manage mailing lists and harvest email addresses. As shown in the diagram above, the software allows for the extraction of email addresses from a variety of sources (websites, files, whois databases, newsgroups and browsers), along with the option to purchase email addresses.

    In the diagram above, the program is given two websites on which to conduct a search. The first is the University of Westminster at address www.wmin.ac.uk, where a total of two email addresses are acquired: one is [email protected], located at the URL http://www.wmin.ac.uk, and the other, [email protected], is located at the URL http://www.wmin.ac.uk/page-33. A total of 51 web pages were searched in order to get the two email addresses. The second search, or harvest, was conducted at the British Broadcasting Corporation website at www.bbc.co.uk, where a total of 10 email addresses were collected with their associated URLs. As the program examines the web pages for email addresses, it shows the number of web pages that it has examined and the number that it has yet to examine. As shown at the bottom left of the diagram above, it has examined 722 pages but still has 5722 pages left to examine. However, after a short period of time the number of pages still to be examined increased from 5722 to 7206, and the number of email addresses also increased. It therefore seems that the more web pages are searched, the more websites are found within their links.

    When attempting to export the emails that have been harvested and send a mass email, the researcher is prompted to purchase the software. The harvested emails therefore could not be exported using the trial version of the software.

    In order to send emails using the software, account creation was required, which included the user name, email address and company name. These were the initial steps in configuring the account to send mail.

    Since the program did not allow any of the harvested emails to be saved, the researcher had to use email addresses derived from his own personal contact list. The emails used to test the sending capabilities of the program can be seen in the diagram above.

    The next option that is presented is the SMTP server selection. It allows emails sent by the program to use an external SMTP server or to send the mail directly to the recipient's email server, bypassing the ISP. The difference is that ISPs usually impose restrictions on the amount of mail that can be sent to one user. Therefore, if the mail is sent directly using the internal SMTP, it can bypass those restrictions.

    Email tracking was enabled in order to monitor the progress of the email campaign and to observe the effectiveness of the email tracking feature. An email address and password were required in order for the tracking report to be sent to the designated email account. However, the email tracking was not successful, as an error message was shown when attempts to initiate it were made.

    The copy of the test email that was sent.

    Sending was attempted for all 22 emails. However, only three emails were successfully sent, all to Gmail accounts; two were invalid email addresses and seventeen had a send error. The send errors are more likely due to the fact that the messages are being blocked by service providers because they use an internal SMTP.

    The sent message has been received in the user's mailbox. However, it has been received in the user's spam folder, which can most likely be attributed to the fact that the mail was sent by an internal SMTP.

    Delivered-To: [email protected]
    Received: by 10.229.227.21 with SMTP id iy21cs42627qcb;
            Fri, 10 Sep 2010 09:38:36 -0700 (PDT)
    Received: by 10.213.101.17 with SMTP id a17mr425477ebo.32.1284136715534;
            Fri, 10 Sep 2010 09:38:35 -0700 (PDT)
    Return-Path:
    Received: from PHIL-01 (cpc2-finc7-0-0-cust220.4-2.cable.virginmedia.com [81.97.220.221])
            by mx.google.com with ESMTP id v8si5911827eeh.26.2010.09.10.09.38.34;
            Fri, 10 Sep 2010 09:38:35 -0700 (PDT)
    Received-SPF: softfail (google.com: domain of [email protected] does not designate 81.97.220.221 as permitted sender) client-ip=81.97.220.221;
    Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning [email protected] does not designate 81.97.220.221 as permitted sender) [email protected]:
    From: "Deputy Dog"
    Subject: New message
    To: "p.mapfumo"
    Content-Type: multipart/alternative;
            boundary="PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G"
    MIME-Version: 1.0
    Content-Transfer-Encoding: 8bit
    Organization: The Dog Pound
    Date: Fri, 10 Sep 2010 17:38:22 +0100

    This is a multi-part message in MIME format

    --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G
    Content-Type: text/plain ; charset="iso-8859-1"
    Content-Transfer-Encoding: quoted-printable

    Dear Sir/Madam
    The page that you are looking for cannot be found.

    But how about a game of Global Thermo Nuclear?=20
    Or go to joke.com homepage?
    Regards
    (Director of operations)

    Deputy Dog Junior

    Sent by trial version of Atomic Mail Sender

    --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G
    Content-Type: text/html ; charset="iso-8859-1"
    Content-Transfer-Encoding: quoted-printable

    Dear Sir/Madam

    Thepage that you are looking for cannot be found.=

    But how about a game of Global Thermo Nuclear?

    Or go to joke.com homepage?

    Regards

    (Director of operations)

    Deputy Dog Junior

    Sent by trial version of Atomic =
    Mail Sender

    --PcnLhswJ2YuB7x1uJ89IBE5CFJWQpm5=_G--

    The header information from the received email shows that the receiving server identified that the message did not originate from the domain named in the sender's email address, which it claims to have been sent from: the Received-SPF result is softfail because that domain does not designate 81.97.220.221 as a permitted sender.
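
    The check a mail filter or analyst can run on such a header, as an added example that is not part of the original report: it reads the SPF verdict and the host that handed the message to the receiving server. The sample message is constructed; sender.example, mail.example and the ACCESS_HINTS list are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the header above; sender.example and
# mail.example are placeholders for the addresses redacted on the page.
SAMPLE = """\
Delivered-To: recipient@mail.example
Received: by 10.229.227.21 with SMTP id iy21cs42627qcb;
        Fri, 10 Sep 2010 09:38:36 -0700 (PDT)
Received: from PHIL-01 (cpc2-finc7-0-0-cust220.4-2.cable.virginmedia.com [81.97.220.221])
        by mx.google.com with ESMTP id v8si5911827eeh.26.2010.09.10.09.38.34;
        Fri, 10 Sep 2010 09:38:35 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning deputy@sender.example
        does not designate 81.97.220.221 as permitted sender) client-ip=81.97.220.221;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of
        transitioning deputy@sender.example does not designate 81.97.220.221
        as permitted sender) smtp.mail=deputy@sender.example
From: "Deputy Dog" <deputy@sender.example>
"""

# Hostname fragments common on consumer access lines (hypothetical heuristic list).
ACCESS_HINTS = ("cable", "dsl", "dhcp", "dyn", "pool", "cust")

def unfold(value):
    return " ".join((value or "").split())  # collapse folded header lines

def triage(raw):
    msg = message_from_string(raw)
    spf_hdr = unfold(msg.get("Received-SPF"))
    spf = spf_hdr.split(" ", 1)[0].lower() if spf_hdr else "none"
    ip = re.search(r"client-ip=([0-9A-Fa-f.:]+)", spf_hdr)
    auth = re.search(r"\bspf=(\w+)", unfold(msg.get("Authentication-Results")))
    # First Received line naming a peer with an IP: the hop into the receiving MX.
    hops = (re.search(r"from \S+ \((\S+) ?\[([^\]]+)\]", unfold(h))
            for h in msg.get_all("Received", []))
    hop = next((m for m in hops if m), None)
    ptr, peer_ip = (hop.group(1).lower(), hop.group(2)) if hop else ("", None)
    access = any(hint in ptr for hint in ACCESS_HINTS)
    return {
        "from_domain": parseaddr(msg.get("From", ""))[1].rpartition("@")[2],
        "spf": spf,
        "auth_spf": auth.group(1).lower() if auth else "none",
        "client_ip": ip.group(1) if ip else None,
        "mx_peer_ip": peer_ip,
        "access_line_sender": access,
        # Not authorised by the claimed domain and handed over by an access-line host.
        "flag": spf in ("fail", "softfail") and access,
    }
```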

    Results from bulkmailer

    The experiment that was conducted on the bulk mailers shows the following:

    Bulk mailer vendors are aware of restrictions that are imposed on the number of emails that can be sent at any one time and have therefore provided a means to bypass the ISP by sending mail through an internal SMTP. This view is also supported by Cournane and Hunt (2003).

    Vendors of bulk mailers have also developed software that is capable of sending mass emails as well as harvesting email addresses, as demonstrated by the Atomic mail tool that was tested for this experiment. This view is also supported by a study on spam tools conducted by Stern (2008).

    Even though the trial versions of bulk mailers have limitations, they provide a means of testing the software to assess its abilities. However, since the tool's functionality was restricted, it was difficult to assess its ability to manipulate header information, which has been reported to be possible in a study conducted by Cournane and Hunt (2003).

    The tracking ability of the software could not be assessed even though numerous attempts were made to reconfigure it. Even though the tracking abilities could not be assessed, there is evidence that some of the tools analysed have this ability, allowing the user to track the success of spamming campaigns.

    Google email accounts were the only accounts that accepted emails from the bulk mailer; all the other email service providers rejected all mail sent from the bulk mailers. The email that was received in the researcher's Google account revealed that Google's email filters detected that the email did not originate from the email address that it claimed to originate from. This suggests that Google Mail is willing to accept email even if it suspects some form of fraudulent behaviour, whilst other email service providers reject suspect emails.

    Bulk mailers' abilities to personalise mail, their text and HTML support, and their message obfuscation techniques to evade detection were not investigated in this experiment due to time constraints and restrictions applied to the evaluation version of the software used. However, some of the software vendors offered mailing lists that could be purchased, which brings the researcher to question whether the email addresses for sale were obtained in an ethical manner. This seems probable as the software vendors made no attempts to warn against the dangers of spamming and violating spam laws.

    This experiment has demonstrated the functionality of the bulk mailers to send mass mail and also their crawling abilities. This suggests that even if botnets send the majority of spam, there are automated tools disguised as marketing tools that are also responsible for spam sent by private individuals who may or may not be involved in criminal activities. There are also bulk mailers and crawling tools that are mainly used by professional spammers, such as Send Safe, Reactor Mailer and Darker Mailer, that the researcher was not able to get hold of due to the fact that some of them are known to contain malicious software and they are very expensive.
