The one of most interest to me was the suggestion that, when sending e-mails to multiple recipients (that is, a mailing list), that the e-mail addresses be hidden. One of the easiest ways to do that is by using BCC: (blind carbon copy, sometimes called blind courtesy copy).
Why do I think this is a good idea? Simple. If my e-mail address is in the TO: section or the CC: section, it's visible to all recipients. And to any malicious software that any of those recipients may have on their machine.
Like most people, I feel my personal computer is safe and protected. I keep my software up-to-date, and have software that is generally considered high-quality on my computers.
However, think about this for a second: I got virused one time because I happened to be one of the first people hit with a virus.
How? Well, let's run through it. Someone writes a new "zombie" virus that is released. Virus companies like Zone Labs, McAfee (Network Associates), Norton (Symantec), and others get reports and rush out updates to keep people safe.
Where did they get those reports from? From someone who got hit by the virus!
So, as quick as the major players get updates out, the first people hit are, well, screwed if the virus is different enough.
All that to say this. If I send an e-mail to a mailing list, and if I don't hide the recipients, and if even one of those recipients has a computer that's compromised, then the e-mail address of everyone on that mailing list is compromised.
And you will get stuff like this:
Received: from imp4-q.free.fr (imp4-q.free.fr [220.127.116.11])
by postfix3-1.free.fr (Postfix) with ESMTP id 338F11734AE;
Fri, 29 Jul 2005 19:34:57 +0200 (CEST)
Received: by imp4-q.free.fr (Postfix, from userid 33)
id 9A96756DDE; Fri, 29 Jul 2005 17:15:06 +0200 (MEST)
Received: from 18.104.22.168 ([22.214.171.124])
by imp4-q.free.fr (IMP) with HTTP
for <firstname.lastname@example.org>; Fri, 29 Jul 2005 17:15:06 +0200
Date: Fri, 29 Jul 2005 17:15:06 +0200
From: Madam Adele Mbonjo <email@example.com>
Subject: Urgent Message
Content-Type: text/plain; charset=ISO-8859-1
User-Agent: Internet Messaging Program (IMP) 3.2.5
I am Madam.Adele Mbonjo,the former manager of the Central African Republic's former President Ange Felix Patassé. I'm presently in house arrest here in Bangui the state capital, after the military's putch. I found your address in the commercial directory we have in our Chamber of Commerce.
First of all, I'm very sorry for the way I get in touch with you for such a matter. But because of poor or un-reliable communication technology and the confidentiality of this business, are the reasons that prompted me to do so. I would like to have a partnership with you, in order to invest a sum of thirty five Million USD(35,000,000 USD) in profitable sectors in your country, as long as you are interested in my offer.
I got this money from cash donations by foreign contractors I've granted many contracts in my department. As a close aide to the former President, I couldn't use our banking system to transfer such an amount without a trace. This could cause me a serious problem . Even presently, the new President has decided to freeze all the abroad banking accounts of all those who were close to Mr. Patassé. We are placed under security close watch while my travelling papers are seized.
During my tenure in government, I used the government decoy system to carry out this money abroad where know one know about in packaged box. I will inform you as soon as we progress for future claims due to the instability in politics here presently. The security holding company are not aware of the contents hence I coded it as Gold Bar/Personal Effect.
So I'm now without any source of Income. The situation above has lead me to ask for your co-operation for the claiming out of the security holding company for further safe-keeping of these funds, for solid and reliable projects of investment. I respectfully suggest a gift of 20% of this sum for your help and your efforts. I mean USD $7,000,000 Million. I rely on you as a respectful and honest person to take care of this transaction with sincerity, confidence and confidentiality.
I've decided to look for a confidential co-operation with you in this business, despite the fact that we've never met. I hope you will keep this as a great confidential business because of the nature of this transaction. I will make sure you take possession of the funds, by providing a process without difficulties.
I would like to hear from you on receipt of this mail, by showing me your good will and possibilities, so that I can give you more details. This matter requires a particular attention and an absolute confidentiality from you.
I will be expecting your response to this mail, whatever the decision you come up with, let me know through this my private email
I won't be sending e-mails to mailing lists without hiding the addresses. Not saying I haven't. I'm saying I won't. Because I don't what stuff like this happening to people.
I get e-mails from some who don't BCC: my address. They leave it in the CC: or sometimes in the TO: when they send to a list. I really don't mind people notifying me of posts that they think would be of interest. But I wish they'd hide the e-mail addresses in BCC: but they don't. And now I get e-mails like that.
And I don't like it.