Aug. 20, 2003 — Reporters often post their e-mail addresses so readers can provide feedback — a move that violates a key principle of Internet 101: If you put your address on the Web, spammers and virus writers can snatch it up and appropriate it to send their stuff. So when another round of the Sobig virus came along Tuesday, it sucked several of us at MSNBC.com into the spam vortex.
The virus used our addresses to spray a thick layer of virus-ridden e-mail, but responses came back directly to several reporters here. While our co-workers who keep their addresses off the Web received perhaps a half-dozen extra mails, those of us with our names out for the world to see received thousands and thousands. We even received mail spoofed with addresses of co-workers across the newsroom.
Sure, we were unduly slammed by autoresponders and antivirus hunters, but let’s just call it a learning experience. For a day, we got see how the spam-senders get treated.
On balance, things were pretty respectful; the spam responses contained few words that can’t be printed on a family Web site. We received messages from all sorts of folks: companies, universities and a bunch of state and local governments — even one from CERT, the group that hunts down Net security issues. Many other journalists, it would seem, have e-mail addresses floating around on the Web, waiting to be spammed (as though we didn’t already know this.) In that respect, we share at least one misfortune with public-relations reps.
Most often, antivirus and antispam software stopped us (well, not quite “us”) in our tracks. While technical writers and consultants may be in force to help explain how to use software, the error messages and automatic replies in mail software seem less polished and more colorful, perhaps because they are written by an unheralded engineer who is mostly concerned with how well the software is working, not what it’s telling us.
Many systems breathlessly noted there was something wrong, a “FILE QUARANTINED” or our “TRANSACTION FAILED.” We were DELETED and PURGED and DESTROYED. One even kept us in suspense for a line break or two before it unveiled the offense:
The virus was reported to be:
the W32/Sobig.f@MM virus !!!
BellSouth offered a terse, two-sentence note to stop us in our tracks. Others were even more curt, limiting the bulk of their messages to subject lines — one from the Navy said it “detected and quarantined a virus in a message you sent.” (The Coast Guard, incidentally, was checking mail on a server one IT wag named “auntie-virus2.”)
Many responses were accusatory, insisting we were infected and brusquely telling us we were being hauled to e-mail jail. Others, like one from the Wisconsin state government, gave us the benefit of the doubt, saying our mail was merely “suspected of containing a virus.” Still another broke the alleged crime and punishment into particulars:
At the same time, some divulged perhaps more than they should have. Several told us exactly where our messages were found, perhaps in “IMC Queues\Inbound located at TPWD/TPWD/TPWD-MX,” or which file server the offending data was being quarantined on.
Other systems tried to explain that, no, really, it wasn’t us, it was them. “I’m afraid I wasn’t able to deliver your message to the following addresses,” said those using the Qmail program, almost contritely. “This is a permanent error; I’ve given up. Sorry it didn’t work out.” For that matter, one lucky guy on Match.com was denied our mail because we weren’t paying customers.
Spam primerThe Interscan antivirus system invoked the existential tang of Hemingway as it told us it had done all it could: “Attempted to clean the file but it is not cleanable. It has been deleted.” Another from Caltrans, California’s transportation agency, offered an almost Orwellian logic. “Files that have been successfully cleaned are delivered,” it explained. “Files that cannot be cleaned are not delivered.”
A Web site for “Airwolf” star Jan-Michael Vincent thanked us and told us it would be back online “just as soon as we can clear all the legal hurdles.”
Many messages seemed destined for customer service inboxes, waiting for human intervention (“We have received your message and a Service Representative will be contacting you within two business days”), presumably to be zapped by someone wielding their delete key as fast as we wielded ours. Some tried to suggest easier ways to find what we wanted. “If your message involves a question to be researched or a complaint to be handled, we will try to provide that information or assistance to you as soon as possible,” the Arkansas Public Service Commission told us.
An eDiets doctor reminded us that “Your wellness is very important to me,” while Weight Watchers seemed to still be juggling a previous crisis: “Due to the power outage in the Northeast, our response times will be slower than usual.”
One overlooked our virusy gift and simply exhorted us to “Have a Great Day!”
Some systems assumed none of this was our fault, and tried to give basic lessons in virus cleaning. The National Park Service tried to explain what happened. “Please note,” its mail server pointed out, “that if you did not send a message to our user, a number of computer viruses make it appear that the author of a message is someone else.” Several others, all using the same software, opted to deliver that message in blank verse:
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it.
The folks at the Internet Movie Database were not only polite but amazingly helpful, given the situation. They thanked us for our message before delivering the bad news: “Unfortunately, your message has been discarded! Let’s explain ... Your message appeared to be wholly unsolicited e-mail!” But then they acknowledged that it “could be an unfortunate mistake” and suggested how to deliver a legitimate message. No harm, no foul.
The Bangkok Post was as kind as it could be while telling us, in essence, to beat it. “Please, do not respond to *this* message you’re reading now — your response will be lost,” it said. “I, the antivirus program, will be unable to read your response, sorry... :)”
A Canadian government server suggested we “perform a virus scan on your computer, clean any infected files, then resend this attachment.” By contrast, a Virginia public health agency spewed forth some jargon, then told us curtly it “detected a hostile content in this email and removed it.”
When mail got through to actual folks, many were out of the office or unwilling to accept them. Some were on vacation. Several were using software such as Spam Arrest to verify that we were, in fact, real people trying to send them mail. At least a couple kindly informed us the folks in question had left their jobs.
Another, from an editor at The Nation, told us he would be out of the office until after Labor Day, and added that ”[y]our e-mail ... will not be kept, so please resend it then.” One from a law firm that handles domain-name disputes was designed to dissuade bulk mailers: “Due to the Receipt of a tremendous amount of SPAM, I have changed my email address. My new email address is my first name @ my web site domain name. You should know what my first name and domain name are.”
Other folks blocked off their mailboxes for a different reason: They were already full.
Finally, a handful actually made it into inboxes of real people who took the time to respond. Most, amazingly, were quite polite. One told us simply, “This has a virus.” Someone else said she had gotten several mails from MSNBC accounts and asked us to “please stop sending.”
If only we could.
MSNBC.com’s Jon Bonné would like to receive your e-mail, but his inbox is rather full. Sorry it didn’t work out.
© 2013 msnbc.com Reprints