Oh the spammers!
Always are they trying to come up with clever little plots to get me to read their spam! A while back I started seeing my e-mail address in the “Sender” column of my In Box. For the sake of this Thread, let’s say my e-mail address is “bienville@gogoboots.com”.
I had noticed “bienville@gogoboots.com” in the “Sender” column of my In Box. This got my dander up and in a rage I clicked on the Subject line to see just what these devils were up to with my e-mail address. Turned out they somehow had it set up so that “bienville@gogoboots.com” was the name of the Sender but that the e-mail address from which it was sent was something different entirely.
Now, however, something much more sinister is going on. . . in my In Box, twice in the last few days, I saw mail from a Sender “bienville@gogoboots.com”. I thought this was the same scam, but no! Looking at the e-mail it shows “bienville@gogoboots.com” as the e-mail address from which it was sent!!! Running a test I hit “Reply” (I did not actually send the reply, as I’ve always thought replying to spam brought more trouble), I hit reply to see what e-mail address would show up in the “To” field of my reply e-mail. Sure enough, there it was “bienville@gogoboots.com”.
Now were I to actually send the reply, I can’t see how it would end up anywhere other than my own In Box. So if Dopers think it a safe experiment, I’ll try it and report the results.
But how is this happening???
How are the spammers sending e-mails that show my account as the sender???
Does everyone only see their own e-mail address as the sender, is the the point of the scam, or is it possible that other people are receiving spam that looks like it is coming from me???
Header spoofing. We have it happen at my place of business all the time. Basically, the spammer fakes the sender address on his message to match up with the receiving address. That way, who are you going to complain to about the spam?
Spoofing an address is really easy if you have a small knowledge of SMTP. The spammers probably don’t but have a program that handles that for them.
The “From” address in an email is just like the “Return Address” on a letter. Whoever sends the letter can write whatever return address they like on the letter – there’s certainly no guarantee that it exists, or that the address actually belongs to the sender.
Not only is it practically a sure thing, it’s happened! I was wondering who this bloke “bienville@gogoboots.com” was. Now I know. And why are you Spamming me!!
Wait, I’m not getting it.
If “spoofing” the e-mail address is achieved by matching up the sender address and the receiving address, then wouldn’t everyone who receives mail from this spammer see their own address as the sender?
I’m most worried about people getting hit by this spammer thinking they’re getting hit by me, but I still don’t see how it’s possible for someone to send e-mail from my address without sending it from my account.
As to the Return Address analogy, I would understand that as an explanation for the previous scam I had described- my e-mail address was listed in the “Name of Sender” field, but the sender’s e-mail address was clearly something different entirely.
If the Return Address analogy still applies, I need it better explained. The actual e-mail address from which the spam was sent is exactly my actual e-mail address. Other than the “spoofing” described by diku, in which the sender address mirrors the receiving address, I don’t understand how someone could send out e-mails from my address without using my account.
As others have said, it’s pretty much guaranteed that other people will be receiving messages they think are from you.
And it gets worse…
Be prepared to get a flood of bounce-back messages from servers rejecting “your” spam. This happened to me about 5 years ago and there was virtually nothing I could do about it. Some jerkwad spammer forged his email headers with my address and I got flooded with bounce-back messages. I got at least 2 or 3 dozen a day for the first week or so, and then they gradually tapered off over time. At the peak of the traffic, I was seriously considering get a new address but I struggled through it. I did change my address a few months afterwards, though, because I was sure that at least some servers had blacklisted my address.
Keep your fingers crossed and be prepared to weather the storm
Spammers harvest email addresses and then use them for all sorts of purposes. Often they’ll just use any random address as the purported originator of the mail and just change that often. If you got mail purported to be from you, you can be assured that others did as well.
In my experience, spammers don’t bother with sophisticated methods like making sure all their spam shows up as from the address of the person reading the mail. It’s possible, but not worth the effort. Instead, they send tons and tons of mail from tons and tons of possible addresses.
Spammers don’t need access to your email account to make an email look like it came from you. Forging an address header is as easy as writing a fake return address on an envelope. Sadly, under current email protocols, there’s no way to authenticate email senders.
When a computer sends an email. It sends a bunch of text. Some of this text is the header fields. Like to to address and the from address the cc address etc. The computer sending this mail can put whatever it likes for any of the text. The to address needs to be accurate otherwise the mail will not get to the intended recipient. But all of the others fields can be anything at all. The computer receiving the mail does not verify that from from address is correct. The analogy of the regular letter is a very good one. The post office does not check that the letter came from what is printed on the return address. I can mail myself a letter from a distant city and put my home address for both the to address and the return address and the letter will get to my house.
Email programs that we use like outlook, Eudora and Thunderbird will put our return address in the mail as a convenience to us. It is like getting pre printed envelopes to save the hassle of writing the return address on your letters.
That’s not what the spammer HAS to do. It’s what a lot of them do. They could just as easily stick your email address on every spam message to everybody else as well, or make up a totally fictitious one (though that’s open to automated software checking for actual existence of said user). I’m not going to agree with the “highly likely” statement, though. The bottom line here is that the “return address” analogy is a good one. The spammer can stick anything they like in the header.
Next time you get one of those, look at all of the headers, and you will notice that there’s most likely a chain of “Received” headers that will reveal that the mail didn’t actually come from your mail server. That can be faked, too, but it’s more difficult, as all the servers enroute automatically add one.
Heck, I consider ability to fudge the “From” line a very desirable feature in any mailer I use, and I’m annoyed if it doesn’t support it. It has uses other than spamming people. I tend to forward any mail accounts I have into a single place because I HATE reading multiple mailboxes. Sometimes, it’s nice to be able to respond to somebody from the account they thought they sent the message to, rather than the one you are actually reading it from. You can set a “Reply-To” header which is supposed to cover that situation, but simply spoofing the “From” line is less confusing in that it doesn’t reveal the existence of an account that the other guy doesn’t need to know about.
