Smart People Against Stupid Mail

SPASM works as a buffer between your mail server and your email reader (MS Outlook). It provides increased protection when reading attachments and allows you to manage your email accounts in a proper way.

Current email viruses share a common property. They are all binary files or scripts. SPASM scramble all binary attachments and the scripts before making them available to your email reader. If the attachment is a picture, a piece of music or a video clip you can still see a portion of it. However, executable or zipped files cannot run. Once you have safely open the scrambled attachment and made your decision you can read the entire file.

In addition, you can check your POP3 mail before downloading to your computer and determine if the messages are safe to retrieve. You can block, delete or even look at the messages before delivering them to your email reader. For every email message downloaded SPASM creates a file that can be accessed using Outlook Express, Notepad, WordPad or other email programs.

SPASM is a small portable program. You can take it on the road, run it from a floppy disk and access your mail without leaving any trace or change settings on someone else's computer.

Version 1.0 works with POP3 mail accounts only. It does not support Web accounts (Hotmail, AOL, etc).

How SPASM works

STEP1 - Check your email server

When you check your mail, all email files residing in your server and their contents will be shown. However, no files are downloaded to your computer at this time. While the REMOTE side (server) shows your messages the LOCAL side (your computer) is empty. If you don't like some of the messages displayed you can select and delete them from the server.

If you are curious however about a message that may not look OK, right click on it and select WordPad. WordPad allows you to read the text portion of the message and to see what's in it. The message will not be saved in your computer. Once you cleaned up your mail box you can use your email reader to retrieve the messages.

A visual indication is provided for all messages to attention you of their contents.


STEP 2 - Retrieve your mail

Now you have two options: either retrieve the entire mail or select only the messages of interest.

So if you're in a hurry and don't want to loose time checking the server you can just click and retrieve all mail. If you have multiple accounts the mail is simultaneously downloaded from all accounts. Blocked messages are not downloaded.

During download, you can see the LOCAL side being filled with the names and contents of the email files. Downloaded files are saved as regular Windows files. They are not delivered to your email program until you click on them.


STEP 3 - Read your email

Here comes the trick.

Say you click on a file that has one or more attachments (like I did here for "alex"). The attachment is listed as GIF (picture) but you never know what's in it. SPASM detected that this is a binary file which could be an executable containing a virus. A message box pops up asking you if you want to see the file normal or scrambled.

Since "alex" may be known to you and he may have sent you pictures in the past select "YES" to scramble the attachment. What you see now is the text and part of the picture (right). Since the attachment is safe to open you can come back and select the normal mode to see the entire picture (left).


This was a happy ending but now look at a more serious problem. I clicked on selwin_arrow. The message has the attachment "yourmail.pif" which by the way contains one of the most malicious viruses in existence. Selecting the scrambling option (75% scrambling) and then clicking on the attachment shown by Outlook produces the system error displayed below.

This is because executable files cannot run if their content is scrambled.



February 20th, 2004