Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact

Site Navigation
Bookmark and Share

Internet Worm SMTP Engines Explained

It is very common to encounter a phrase such as "uses its own SMTP engine" when reading virus descriptions. I often use such a phrase when discussing Internet worms in the Hoax-Slayer Newsletter. Reader feedback indicates that the meaning of "uses its own SMTP engine" may be somewhat obscure to many computer users, so I've put together the following brief explanation.

"SMTP" stands for Simple Mail Transfer Protocol. A "protocol" as it relates to the computing field, is a formal set of rules that describe how to transmit data. As the name suggests, SMTP is a protocol for transferring e-mail messages and is used legitimately and effectively (along with other protocols) by email programs such as Outlook Express, Pegasus Mail and others. SMTP is quite old by Internet standards but is still relatively efficient and easy to implement. These qualities make it a valuable tool for virus writers intent on wreaking maximum havoc. Many modern Internet worms have SMTP engines built directly into their code and can bypass existing email programs completely. Basically, such a worm comes loaded with everything it needs to establish a connection with a mail server and send itself to any email addresses it has harvested from the infected computer. Since the worm does not use an existing email application, the operator of the infected computer might not even be aware that a worm is propagating itself.

The above is a very simple overview of a quite complex subject area. You can read a much more thorough treatment of the subject via the link below:

With viruses and worms continually increasing in complexity, it is more important than ever to maintain a secure computing environment.

Write-up by Brett M. Christensen