Blackholing My Email

In my own experience, it’s not particularly often that you find yourself asking your email provider to blackhole your primary, personal email address. But in 2002, a unique series of turn-of-the-millennium events had me doing exactly that to prevent our broadband account from being terminated.

Back then, I was the owner of [email protected] - proudly so, as all other acceptable variations of “Dave”, “DaveJ”, and my firstname/surname appeared to have been taken by other subscribers to our ISP. To find an available 2-letter username that was vaguely similar to “Dave” felt lucky.

The early 2000s were challenging for email, thanks to the emergence of highly-transmissable email worms. Perhaps most famously, the “ILOVEYOU” worm earned international attention as thousands of computer networks, schools, businesses and communities were brought down - in some cases destroyed - by virtue of this destructive virus deleting files and emailing itself to everyone who happened to be in the address list of any unfortunate (albeit Outlook-using) recipient. Even in 2000, that was millions upon millions of people.

By 2002 these worms had evolved to become considerably more sophisticated - and sneaky - as their authors attempted to spread wider and faster. One of the most devastating changes - at least for my poor, poor inbox - was the ability to source email addresses of potential targets not just from the users address book, but from any and every text-like file on the user’s hard disk.

At this point I was onto my fourth official CS map - Dust 2 - which meant at least 4 mentions of my personal email address in every CS installation. An email address that would pop up every time someone connected to a server running one of my maps, as part of the mission briefing:

Dust - Bomb/Defuse
by DaveJ ([email protected])
textures by Macman ([email protected])
Counter-Terrorists: Prevent Terrorists
from bombing chemical weapon crates.
Team members must defuse any bombs
that threaten targeted areas.
Terrorists: The Terrorist carrying the
C4 must destroy one of the chemical
weapon stashes.
Other Notes: There are 2 chemical
weapon stashes in the mission.
(Press FIRE to continue)

This was de_dust.txt - equivalents existed for Dust 2 and Cobble, plus the overall readme.txt. All contributors to CS had their email listed somewhere in every single installation of the most popular multiplayer FPS of the time, a title primarily installed onto internet-connected computers, during a period of highly virulent email worms that spread exclusively via the internet.

You see where this is going…

My [email protected] account soon started receiving tens, and then hundreds, of emails a day from worms such as “Klez” - so many that Outlook (mine was patched, thankfully) could no longer load my inbox anymore. I had to use a dedicated POP3 tool that would let me rapidly scan and remove troublesome emails beforehand to let the legitimate ones through. Mercifully, trashable emails were easily identified by common patterns in the subject line, so this only took a few minutes a day to restore inbox access.

Alas, this didn’t last. Before long those few hundred emails a day I was receiving became thousands of emails a day, which easily occupied the entirety of the at-the-time generous 15MB (megabytes!) of mailbox space so gracefully bestowed to me by BT, our ISP. Worst still, worm authors had become somewhat more creative with their email structure to evade bulk identification and removal, utilising randomly-constructed subject lines, bodies, feigned headers, stolen file attachments, and - most annoyingly - using spoofed sender addresses, again using harvested data from whatever address books and files they came across.

My dad (the actual account holder) started to receive warnings about email usage. Our broadband account faced the risk of closure. The game was up. My precious 2-letter email address was unusable - any valid emails were being completely lost amongst all the infected ones, my inbox was too full to receive new emails, and even many of the valid ones that did get through were accusations of me sending them a worm (remember those spoofed headers?) I had little choice but to ask BT Customer Service to blackhole [email protected] to save our account, to protect their email service, and to prevent creating a storm of unexpected bounced emails to the poor souls whose addresses had been randomly chosen as the spoofed “from” address.

24 years later, and my dad’s BT Internet account is still around. Out of curiosity, I tried to log in and see if I could find the current state of [email protected] - but that functionality was removed some years ago, and it’s not possible to create new inboxes anymore. I tried sending an email to it - and got a regular “User unknown” reply back, indicating that at some point the blackhole was removed, and the account simply became non-existent.

I’d be curious to know if it is still receiving any email worms all these years later.