Link back to course Welcome...
Last updated: 11/16/00

Agenda for Computers, the Internet, and Society Class #6 -- November 15, 2000

This agenda and class are for Computers, the Internet, and Society only.

Changes from original agenda:

1. Change in assignments - Essay 2 was deleted from the assignment schedule. I do not plan to change the web page on assignments, this late in the semester.
2. I passed out the Final Exam topics, and we went over them briefly. Each member of the class signed up to post something regarding one of the A-B-C topics for Release 2.1 under II on the exam topics. I hope that this will start a discussion of the textbooks online. I think that the list below is right, but I don't have my notes with me this morning:
   1. Earline Yelder
   2. Paul Mungar
   3. Thelma Blakely
3. We went over the handout "Forms of Computer Information. We got as far as starting graphics information, bitmaps only, and will continue this during the next (last) class. I will make a list of graphics encoding schemes. Generally, the bitmap or "paint" schemes divide the screen into "pixels" arranged in rows and columns, and then have an encoding scheme or way of describing the color of each pixel. These schemes start at the upper left corner of the picture and scan across the top or first row, then start over on the second row, and so on. For each pixel, color information has to be stored.
4. Another conference topic can be questions about the Final Exam topics, which include Quiz 1 and Quiz 2 topics.
5. The Final Exam will be Friday December 15 starting at 6:30 PM.
6. For uploading your personal web page,
   1. You can use either FTP or the web upload page.
   2. For either system the User Name is inetf00 and the password is stustu.
   3. Only Earline's personal web page is there now.

Original agenda:

1. Quiz 2 - one hour
2. Announcements
   1. If your name is listed below, puh-LEAZE go to the course web site and fill in the course information form.
      1. Nafeesah Abdullah
      2. Paul Mungar
      3. Mary Phelps
      4. Chandra Williams
   2. The computer tutor is available at no charge (paid directly by ISP). His name is Matta Vijay Kumar and he is available as follows:
      1. Tel 313-832-6585
      2. Lab hours (also lab is open and you can work in there): Fridays 10 - 12 and 3 to 7 PM
   3. Student Evaluation of Teaching for this course will be next class - December 6.
3. Reminder of what you should be doing online on a regular basis -- these are part of the grade
   1. Signin, from the lab, only on days for the class(es) you are taking
   2. Weekly course report (if you are taking both classes, a single report will do)
   3. Conference postings (one for eCommerce, two for Computers, the Internet, and Society, three if you are taking both). In order to count towards the requirement, postings should be (a) minimum of five lines and (b) about the course topic(s). What to post about? Here are some possibilities
      1. Quiz and Exam questions. Ask a question, but better yet try answering one. I will respond, and then you know that you can answer it.
      2. Readings. With fewer class meetings, the discussion goes in the compueter conference.
      3. Use of Word, Excel and Access
   4. Not required, but do it anyway - check your email on at least a weekly basis. Don't have email: use hotmail - it's easy and free. See me if you need help.
4. Last assignments - reminder (see syllabus and assignment schedule for details)
   1. Essays
   2. Personal web page
   3. Getting ready for Final - it will be cumulative
   4. Email
5. Review of Internet security
   1. Public key encryption
      1. Ways to use it
      2. Digital certificates
   2. Release 2.1
      1. Information broker
      2. Encryption at destination as well as en route
6. Internet - issues / Read the news!
   1. Just another technology?
   2. Will there be enough jobs for people?
   3. Permanent underclass?
   4. Racial / ethnic / cultural equality
   5. Invasion of privacy
   6. Relationships between Employees and Employers
   7. Falsifying information and/or the source of information
   8. Intellectual property rights
   9. Pornography and children
   10. Pollution and environmental degredation
   11. Dependence and the potential for disasters
       1. Y2K problem
7. IV.Internet trends
   1. What can we expect from the Internet in the near future?
      1. Continued rapid growth - doubling every year or so
      2. Increased speed - cable modems, Internet 2
      3. More services, e.g. movies
      4. It is not clear that security will be improved, although that could easily be done - there is little demand for it
      5. Decreased costs for connection ("Internet appliances" such as iNet)
      6. Making the web smarter - XML or Extensible Markup Language. This is a system for describing data so that it can be handled as the number ordered or currency, etc. This wil mean that web pages can incorporate data types, much like a database. Since this will make the web more useful, it should also make the web even more popular.
      7. ConvergenceMerging of several functions into one device. Example in class.
   2. Communications power shifting to the individual
      1. Can more easily choose between stores
      2. Can search for stores
      3. Can send messages to anyone connected to the Internet - also many services to find people
      4. Can easily and cheaply set up a web server to sell, inform, etc.
      5. There is no licensing authority
      6. There is no claim here that the Internet is a perfect communications medium for the individual. the claim is only that it gives more power to the individual, compared to earlier forms.
      7. For example, setting up a web server can cost $1,000 or less. Setting up a "brick and mortar" communications medium such as a newspaper, a TV station or a radio station costs $1,000,000 or more.
      8. Some people claim that big business will find a way to take over and control the Internet. This has been tried and so far it has failed. Customers will flee an ISP that does not give full access, for example. Since it is cheap and easy to become a small ISP, if this preference continues, big ISPs will have trouble if they try to restrict access. There are no guarantees, however.
8. Types of computer information - handout
9. Information security
   1. Passwords
      1. Your User ID is often public, so the password is your protection
      2. Everyone should have their own account, no sharing or borrowing
      3. Passwords minimum of six characters in length
      4. Do not use dictionary word - can use electronic dictionary easily
      5. On a case-sensitive system (Unix) use both upper and lower case
      6. Use alphabetic, numeric and special characters (!@#$% etc.) - this means that many password guessing programs will not work, and those that will work have many more combinations to search through
      7. Change your password when required
      8. If you have so many passwords that you must write them down, keep different passwords on different lists. Do not keep the lists out in the open. Each time you are required to change your password, write a new list, so that you don't reveal patters.
   2. Cookies
      1. A cookie is...
      2. Cookies are stored in the file
         1. Netscape 4: ~\Netscape\Users\<user name>\cookies.txt
         2. Netscape 3: ~\Netscape\cookies.txt
         3. Internet Explorer 3: Each cookie in its own file in ~Windows\cookies
         4. Internet Explorer 4: Each cookie in its own file in ~\Windows\Profiles\<user name>\cookies\

      3. A Netscape cookie file
         # Netscape HTTP Cookie File
         # http://www.netscape.com/newsref/std/cookie_spec.html
         # This is a generated file! Do not edit.
         
         www.convene.com    FALSE    /    FALSE     1293753383    EGSOFT_ID     141.217.142.125-1703054704.29172376
         .preferences.com    TRUE    /    FALSE     1182140414    PreferencesID     E2IdffK474DcHzHh+B35ja
         mspress.microsoft.com    FALSE    /    FALSE     1293753636    EGSOFT_ID     141.217.142.125-3471568240.29230935
         .imgis.com    TRUE    /    FALSE     1075947957    JEB2     035D4A55DB225B898DD98E7D3004A67F
         .yahoo.com    TRUE    /    FALSE     1271361591    B    1eg330u675o1i
         .doubleclick.net    TRUE    /    FALSE     1920499108    id    af7fdfa5
         .amazon.com    TRUE    /    FALSE     2082787192    x-main     cJf6dW@0qzPZl34oCBrxZg
         .amazon.com    TRUE    /    FALSE     2082787192    ubid-main     002-6336269-9683841
         .netscape.com    TRUE    /    FALSE     1293839881    UIDC     141.217.142.125:0932073186:810001
         www.courseweb.wayne.edu:5001    FALSE    /     FALSE    2137622208    CFTOKEN     55688078
         www.courseweb.wayne.edu:5001    FALSE    /     FALSE    2137622208    CFID     113
         .netscape.com    TRUE    /    FALSE     1293846050    HITO_VISITS     A4357A03B+1DA4CB*E15EE*1
         .track-star.com    TRUE    /    FALSE     978307151    tsid     M12.36762581891.15.12-160|11_36_105_12
         .pparadise.com    TRUE    /    FALSE     2051222282    SITESERVER     ID=56cc24c9b0788389a4f52729ffb27749
         www.pparadise.com    FALSE    /    FALSE     2145801482    NGUserID     c000008d-203-947110936-1
         www.pparadise.com:80    FALSE    /    FALSE     2145801482    NGUserID     c000008d-203-947110998-1
         .valueclick.com    TRUE    /    FALSE     953939705    b_s     a0015728&1&a0016486&1

      4. You can control how your Browser handles cookies. The method is slightly different for each Browser and version, but generally you can opt to:
         1. Accept all cookies with no notice (this is always the default)
         2. Accept no cookies
         3. Accept only cookies that can only be retrieved by the originating server (this may not be foolproof, but would prevent another server from looking at all of your cookies)
         4. Notify you and give a choice about accepting/rejecting each cookie (this can get annoying!)
            In Netscape, choose the menu item Edit / Preferences
            
            In Internet Explorer,
            
            Reportedly, new versions of Internet Explorer do not let you reject all cookies, because Microsoft's Active Server Pages (.asp extension) require cookies to work.
      5. Keeping track of your cookies
         1. You can view cookie files with Notepad or Wordpad in Windows, and probably with Teachtext for the Mac. Usually viewing a cookie will not do you much good, because only the web server that set the cookie will know what each part means, and how the information is encoded.
         2. Users say that you can delete Netscape cookies by deleting their line in cookies.txt, or by deleting the file for Internet Explorer. This despite all of the warnings in cookies.txt. In fact, you can reportedly delete Netscape's cookies.txt altogether, and all of the files in the cookies folder for Internet Explorer. They will be regenerated during the next start-up, less all of the individual cookies.
         3. "Cookie Utilities" are programs that you can download to manage your cookies. These are generally free for a trial period (say, thirty days) but may require purchase later. I have used Cookie Pal, but it doesn't seem to do much more than I have told you above.
            1. Cookie Crusher: http://www.thelimitsoft.com/cookie.html
            2. Cookie Pal: http://www.kburra.com/
      6. From the point of view of the cookie "setter" (the server which puts the cookie on the user's computer), cookies are both good and bad:
         1. The World Wide Web does not connect successive "hits" from the same user (the technical language is that the Web is "stateless"). This is necessary for transactions such as choosing an article from an online catalog, and then making the purchase, or for answering a series of questions for an online test. Without this state information, any kind of dialogue with a user is impossible - which user are you talking to? Cookies preserve the state and make dialogues possible.
         2. Cookies only identify the computer, not the user. For example, I have Amazon.com cookies on my home and office computers. I am the same person, but Amazon.com doesn't know this. Also, if someone else is using the computer, the server thinks they are the same person.
         3. There are alternate methods for preserving the state information on the Web. The cookie normally happens without notice to the user. Another method is requiring a login. This does identify the person, but many users are reluctant to do this, so web sites tend not to use it. Hidden elements can also be put in web pages to track the user, but savvy users can see this tracking information (View Source).
   3. Credit cards Vs debit cards over the Internet. You have much more control and protection with a credit card. Your losses are limited, and your credit card company is almost forced to take your side in a dispute with a merchant, since you haven't paid them yet.
   4. Encryption and Certificates. These two technologies make it possible to protect information such as a credit card number while it travels over the Internet, to identify which computer the information comes from, and that it has not been changed during travel, and to identify who the computer actually belongs to. These technologies are not absolutely foolproof, but neither are their IRL equivalents absolutely foolproof either. Security professionals claim that the digital forms are far more secure than their IRL equivalents.
      1. Encryption "scrambles" information before it is put on the Internet, and unscrambles it on the other end. Modern-day encryption systems use a "key" - a digital number - to scramble and unscramble. The length of the key determines how difficult it is to crack the code without having the key. Cracking the code is equivalent to guessing the key. Current standards are 40-bit and 128-bit keys. Cracking a 40-bit key is currently difficult for an ordinary person with a desktop computer. (My son-in-law the computer pro says that the cracker would probably do better with a gun.) 128-bit is the current standard for banking and equivalent information, but such a key was recently cracked by combining something like 100,000 computers for a year during their spare time. Of course, as computers get faster, these tasks will become easier for ordinary people, but each additional bit makes it twice as difficult to crack the code. So security professionals say that it is time to migrate to 512-bit keys. There are two basic forms of key encryption.
         1. Private-key or symmetric encryption. The same key is used to scramble and descramble. The problem is - how does the receiver get the key? If over the ordinary Internet, the key can be intercepted and used to read the message. This is not a secure system.
         2. Public key, asymmetric or public key/private key encryption. These keys come in matched pairs. One is the private key that the individual keeps secure, and the other is the public key that is given out. If either of these keys is used to encrypt a message, only the other can decrypt it. Cracking this system is equivalent to factoring a number with the number of bits of the key length. This is a workable scheme, and is the scheme currently in use. Here are some examples:
            1. You buy a book from Amazon.com. Amazon sends you its public key to encrypt your ordering information with. (Your Browser handles your end of this without your involvement. You can tell this is a secure transaction because the key in the lower-left hand corner, instead of being shown broken as is normal, is whole.) Use of the key is triggered by the method "shttp" (https is a less-common method). You are satisfied because you know that only Amazon's private key can decrypt your credit card number. You can trace amazon's public key back to a certifying agency which vouches that this is really Amazon. Amazon is satisfied because they know the credit card number was not altered during transmission. The credit card number is decrypted when it arrives, and stored in the decrypted form.
            2. You send a contract via email. You encrypt the contract with your private key. The other party decrypts it with your public key, which guarantees it came from you and was not altered during transmission. The other party can use your public key to identify you, equivalent to a notarized signature.
            3. Both parties to a communication can use both their private keys and public keys, guaranteeing that each is who they say they are.
         3. Digital Certificates are private key/public key pairs that come from a Certificate Authority (CA), which acts like a public notary. The public key contains the public key of the CA, and so tells your correspondent who vouches for your identity. Examples of CAs are Thawte, VeriSign (a subsidiary of Thawte) and Truste.
            Broken key icon and fixed key icon
            https URL
   5. Most computer security breaches are not due to unauthorized intrusion (cracking or hacking) but to unauthorized use by authorized users. Transmission encryption will not protect against this. Dyson in Release 2.1 writes that we should begin to require on-site encryption also. This would help, but continued commitment and training are also necessary. A lot of unauthorized use comes from human curiosity, such as the desire to see Bill Gates' income tax return, if you work in the IRS, or the curiosity perhaps to see a neighbor's grades if you work at a University.
   6. Identity brokers - see Release 2.1 on data intermediaries (Pg 282 ff)
      1. Dyson writes that individuals are afraid of being exposed to public scrutiny by wholesale breaches of their personal information. On the other hand, the complete opposite, anonymity, has problems also. She makes two points here:
         1. From the point of view of society, complete anonymity permits or at least does not restrain antisocial behavior. She cites the example of Internet communities that virtually destroyed themselves through complete anonymity. Some visibility may keep us close enough to the straight and narrow that society can be functional.
         2. The individual wants some information to be public, since this fosters trust and the ability to make deals, buy goods, trust information, and so on.
      2. Dyson predicts that there will be companies that manage this for you as a paid service, like your credit card company or the credit rating bureaus do. They will guarantee your credit, in the case of the credit card company. Dyson predicts this practice spreading to other areas. You would reveal yourself to you data management company, and in the future they would vouch for your credit, your trustworthiness, your moral character and so on, without revealing the information on which that is based. So you could subscribe for the level of service that you wanted. If the company lied about its ratings of you, it would lose its credibility, which is its source of value.
10. Antivirus protection
    1. Viruses
       1. What is a virus? A computer virus is a program that saves itself as a file on your computer and/or changes existing files. The end result is that almost anything bad can happen, depending on the type of virus. There are tens of thousands of known viruses that can delete files, change file extensions, cause your other programs to malfunction, and always try to get into other computers. Viruses spread via floppy diskettes and other portable disks, and via modem and network and Internet connections.
          
          Originally viruses were standard executable programs but with the advent of Microsoft's widespread and powerful scripting languages for Word and Excel, macro viruses have become common. (Access also is vulnerable, but it is not used often enough to attract virus developers.) Application scripting languages are not as powerful as regular programming languages, so macro viruses have so far not done as much damage.
       2. Until recently, email messages could not carry active viruses. Viruses can be contained as *.exe or .com in attachments, but the attachment has to be extracted and then activated before the virus can work its evil. But Microsoft Outlook has a scripting language that can be inserted in a message, and executed by simply opening the message to read it.
          
          Also, web pages now have scripting languages such as Java, JavaScript and VB Script. (VB script is not popular enough to attract virus developers.) These scripts run automatically when the page is viewed. Since it was recognized very early that this presented a danger, web scripting languages are generally only enabled for working within the Browser window. Microsoft's ActiveX controls are exceptions; their language is quite powerful. Microsoft has a program of certifying ActiveX controls as being legitimate, and this prevents uncertified controls from executing.
       3. What motivates people to develop viruses? Eastern Europe has many highly educated but underemployed computer programmers, who see their Western colleagues as rich and spoiled. Many viruses come from this region. Some viruses are more or less innocent experiments that get out of control. But most viruses are written to demonstrate the user's superiority over the common user, or the careless server administrator. Ultimately, the motivation of the virus developer is irrelevant. The user must protect him/herself.
          
          I can promise you that getting infected by a computer virus will/make you be good and protect yourself, at least for a year or two. But highly effective and easy to use protection is widely today, so there are few excuses. The best protection is a good anti-virus program that is updated regularly, and starting with other methods is not meant to steer anyone away from that. Here are some methods for protecting your computer.
          1. Be careful about whom you accept files from. Commercial "shrink wrapped" software is supposed to be very safe. Safety goes downhill from there.
          2. Watch for unusual operation after loading a new program on your computer.
          3. Applications with scripting languages should have settings for which you are warned before a macro can run. Make sure that these settings are enabled. Do not let the macro run if you have reason to doubt the source.
          4. The big one. Buy a virus program. The common ones are all excellent; Mcafee, Symantec (Norton) and IBM. As each new generation of viruses comes along, the programs must be rewritten, most recently to check email macros, so don't find an old program and recycle it. Plan on buying a new anti-virus program every year or tow. If you see "shield" in the name, that means that the program will put a virtual shield around your computer, and scan all files that you open, whether on a floppy or a network. And in addition, it should prompt you to scan all existing files regularly. Modern anti-virus programs also automate regular updating of the virus definition files, and free updating should come with the product. The program should prompt you regularly, say every two weeks, to check its home site for updates. The updates should be downloaded and installed automatically. When your anti-virus program tells you that it is time to update, let it do its thing.
       4. Recently, with the Babylonia virus, it has been demonstrated that Windows help files (extension .hlp) can also contain a virus. The following types of files can contain viruses:
          1. .exe
          2. .com
          3. .dll
          4. .doc, .dot (Word)
          5. .xl* (Excel)
          6. .mdb (Access)
          7. .hlp (Windows help)
       5. One additional point: corporate computers are extensively connected by LANs, and therefore make it easier for viruses to spread. Virus writers know this, and most viruses are found on corporate computers. Viruses on home computers are less common, but on the other hand, home computers do not have the extensive technical support, so viruses are harder to repair.
    2. Virus hoaxes are false warnings about computer viruses. Why do this? Creating a good virus can be difficult and can land you in jail. Creating a virus hoax is easy, and you probably would not go to jail if caught. And you can write a good scary email and sit back and watch it spread. Many virus hoax messages simply make small changes in a previous hoax and resend. I have gotten several virus hoax notices in these classes; hence this topic. A virus that destroys its host computer, or deletes all the files on its hard drive, cannot spread itself after it does that. Any notice of a virus that will destroy all of the files, destroy the computer, or something like that, is probably a hoax. A favorite phrase is that IBM, or AOL, or IBM and AOL, have verified that this hoax does all of those terrible things.
    3. To check out notices of viruses and hoaxes, I like the following web sites:
       http://www.av.ibm.com/BreakingNews/VirusAlert/
       http://www.av.ibm.com/BreakingNews/HypeAlert/
       http://www.mcafee.com/centers/anti-virus/default2.asp
       http://vil.mcafee.com/hoax.asp
       Network Associates (McAfee) http://vil.nai.com/villib/alpha.asp
       Computer Incident Advisory Capability (CIAC - US Department of Energy antivirus site) http://ciac.llnl.gov (find other anti-virus links here)
       CIAC Virus Hoax page http://ciac.llnl.gov/ciac/CIACHoaxes.html
    4. From Agenda 4: Protecting yourself from being taken over for Denial of Service attacks. An article in the New York Times' "Circuits" section today (2/17/2000, Pg D1) gave suggestions about how to protect your home computer from Internet-based attacks, or being coopted in a DDoS attack.
       1. A free Internet site, www.grc.com, called ShieldsUP! will scan your home computer for Internet vulnerabilities in the way that a hacker would, and tell you about them. The site also has a tutorial on Internet security.
       2. Internet vulnerabilities can be exploited to place computer files on your computer. The first line of defense, according to the article, is a good antivirus program with "Shield" capability and up-to-date virus definition files.
       3. The article lists several programs that you can run on your computer to set up a firewall that inspects all Internet traffic coming into your computer, and blocks unauthorized packets. More of these programs are expected on the market soon, but here are some available now:
          1. BlackIce Defender, $40 from Network Ice at www.networkice.com
          2. Norton Internet Security 2000, $55 from Symantec at www.symantec.com
          3. (Recommended by reviewer) ZoneAlaram 2.0, free download from www.zonelabs.com. Pops up an alarm if your system is being scanned for vulnerabilities. Also monitors your running programs to see which ones - legitimately or otherwise - are trying to send information back out to the Internet.
    5. Spam is bulk email, like junk mail, usually for advertising purposes. At its worst, Spam can overload a user's mailbox, making email unusable. Spammers are both amateur and professional.
       1. Spammers get addresses from UseNet news groups, and by scanning web pages with "mailto" links in them. Lists are posted to the Internet and exchanged.
       2. One line of defense is to look at the email headers to find out where the mail came fromand how it was passed. Directions for doing this vary widely among email programs. Consult http://digital.net/~gandalf/spamfaq.html for hints. Here is a sample set of headers:
          
          Received: from post.info.drugstore.com (post.info.drugstore.com [216.32.6.82])
          by mail1.wayne.edu (8.8.5/8.8.5) with ESMTP id KAA05623 for
          <d.r.bowen@wayne.edu>; Tue, 14 Mar 2000 10:37:06 -0500 (EST)
          Message-ID:
          <200003141537.KAA05623@mail1.wayne.edu>
          Received: from PickupDirectory by post.info.drugstore.com with SMTP
          (Microsoft Exchange Internet Mail Service Version 5.5.2448.0) id
          19TQ02D9; Tue, 14 Mar 2000 07:33:39 -0800
          From: "drugstore.com" <drugstore.com_000268@info.drugstore.com>
          To: <d.r.bowen@mail1.wayne.edu>
          Subject: Save the planet with great natural products
          Date: Tue, 14 Mar 2000 04:13:20 -0800
          MIME-Version: 1.0
          Content-Type: multipart/alternative;
          boundary="----=_NextPart_000_1DD030_01BF8D6B.A1E66030"
          X-Recipient_Key: 162568
          X-Cq_Job: 268
          X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3612.1700
          
          The goal is to pick out the address of the spammer's Internet Service Provider. Then email that ISP and complain. Since spammers are universally reviled, many ISPs will discipline clients who are spammers.
       3. There is software to filter out Spam, both at the user level and the ISP level (incoming and outgoing). Yous ISP may install this if you are victimized. Here is a list from Yahoo
          1. Anti-Spam Provisions in Sendmail
          2. BlackMail Anti Spam Mailer Daemon - a highly configurable SMTP mail filter that runs at a system level as a proxy to your existing mailer.
          3. Fight Junk Mail - two packages to help combat internet spam.
          4. Infinite Ink's Mail Filtering and Robots
          5. jmfilter
          6. junkfilter - a procmail-based junk email filter system. Filter junk from Cyber Promotions, Nancynet, Quantcom, and many more. End junkmail with falsified headers. Filter it!
          7. makebait - how to make your own bot bait.
          8. NewApps.com Anti-Spam Tools
          9. Procmail Filters Kit
          10. RBL Code
          11. S.C.S. Spam Mail Filter for NT - freeware for users of EMWAC's Internet Mail Software.
          12. Sam Spade - web interface to many network tools, including traceroute, dig, whois, secure web browser, URL decipherer.
          13. Spam Hater - free Windows software that helps you to hit back at the spammers.
          14. Spambam
          15. Spambot - stops robots from collecting you email from a web page.
          16. Spambot Beware - Help on how to hide your email address on web pages. Also shows ways to detect and harass spambots.
          17. Spammer Slammer
          18. Using check_* in sendmail 8.8 - rulesets for validating RCPT, MAIL, check_compat, etc.

    Most email clients will also filter out unwanted email. Here is an example of a filter dialog, from Netscape Communicator:
    
    This dialog defines a single filter; multiple filters can be combined. Other email programs will do this slightly differently, of course.