How do spammers put your email address in the 'from' field...

and how can you prevent it from happening? I know how to view the headers, but I don’t really know how to decipher them. To report the abuse to my ISP, I have to forward the message to them, but I don’t want to report myself. The same situation applies to Spam Cop. I am using Outlook Express 6 and IE 6 on Windows ME.

If your only contribution to the thread will be along the lines of <superior tone>“That’s what you get for using crappy Micro$oft products”</superior tone> :rolleyes: then please don’t bother to reply.

Thanks,

Pebs

Actually, if I prepare a message in Outlook, and put “johhnypebs@whatever.com” in the BCC: field, instead of the TO: field, when you receive it, it’ll appear to be FROM: johhnypebs@whatever.com. This isn’t something spammers do, it’s just what Outlook does when there are no TO: addressees, only blind copy (BCC) addressees. I’ve never quite figured out why, though I’ll wager there’s a rational explanation for it. Maybe someone else can chime in and come up with a plausible explanation.

There is nothing you can do to prevent people from putting your email address in email that they make.

Basically the from field is whatever you want it to be. Much like the return address on an envelope. The post office does not verify that the letter is from who is on the return address. Email programs do not verify the from address either.

It’s also more likely that it is a virus that is the culprit, rather than a spammer. Are you sure the email is spam and not a virus email?

If it is a virus, then the problem lies with an acquaintance of yours, or a friend of a friend, who has your address in their Outlook someplace.

If it is spam, then you’ll probably find that only you get the spam with your address as the ‘From’. Some spam generators put the same address in the ‘from’ and ‘to’ headers in each email. This helps disguise where the spam has come from and prevents the recipient doing a reply.

No, it’s not a virus. It’s really easy to make a fake e-mail. SMTP has headers called rcpt-to and mail-from. The spam program being used probably runs through a list of generated or collected e-mail addresses, then uses the same variable for the to and from fields.

Some of the newer viruses have their own SMTP engine, so they can put what they like in the headers, rather than trying to outwit Outlook.

Maybe, but my point is that it’s much more likely to be spam than a virus. Every day I get upwards of 100 spams, but no virus. All other things being equal, and the only symptom you’re seeing is your e-mail address in the FROM: field, it’s most likely not a virus.

Why don’t you filter out anything that appears to come from yourself? I haven’t done that yet because I don’t see it that often. But I have filtered out everything that has my name in the subject line and that has cut down substantially on spam. Also everything with “breast”, “penis”, “!!”, and a couple other things. I wish I could filter out all Nigerian mail, but it does not show Nigeria anywhere on it.

Thanks for the insight. My biggest concern is that other people out there -whether I know them or not- may be receiving “INCREASE YOUR PENIS AND/OR BREAST SIZE USING HERBAL VIAGRA THAT YOU CAN ORDER FROM OUR ILLEGAL TEEN LOLITA BEASTIALTY SITE!!!” from what looks like my email address. But if I read these replies correctly, I’m the only one getting these right?

Pebs

Johny,

Unfortunately people may well be getting spam with the return address showing your email address. Most of the Herbal Viagra spam that I get has return addresses from hotmail or yahoo mail. The few headers I have inspected have shown that the mail did not come from hotmail or yahoo. I don’t know if the people listed in the from field are just made up or they are using some poor guy’s address.

That is the problem.
There should be a standard for email protocol that includes verifying that the return sender address is valid and from the same server.

Since the US Govt. will not do a thing to stop spammers (“Parliament of Whores” and all that), this is the only viable alternative. A new protocol for email exchange has to be set up by the major players. Lots of rules about exchanging only with certified servers, verifiable account info, stringent anti-spam rules, etc. Otherwise email is going to die.

The trick of sending an e-mail with identical to and from addresses is sneakier than it looks. Here’s why:

The spammer doesn’t want to show his real return address. That makes it easier for some group like SPAMCOP to identify him and block him out.

He could instead generate a fake return address that is just gibberish (like ddfjks@gjiojd.com), but there’s a catch. Some mail servers do a reverse-dns lookup on the originating domain name. If it doesn’t show as valid, it gets thrown out.

To avoid this, the spammer needs to use a fake e-mail address from a valid domain, like hotmail, yahoo, or what have you. But there’s one final catch. What if your firewall or mail client is filtering out certain domains? The spam won’t get through.

The answer: use the address you want to send the message to as the return address! This slows down the SPAMCOP-type companies, since the true return-address is hidden. It is a valid domain name (yours) so a reverse DNS lookup won’t get it thrown out. And finally, who would think to filter e-mail coming from your own domain name?

Ingeniously evil, no?

If you’re using Outlook Express, click Tools -> Message Rules -> Blocked Senders List, and enter your own email address. The spam will be moved to your deleted items folder upon receipt.

I use Agent from forteinc.com (Very common program), I can put anything I want in the from field.

Filter against the word ‘modalities’.

Outlook Express is the same. Just add a new account, and you can put anything in the outgoing name. It won’t work exactly the same for you as a spammer though, because your real email name will appear somewhere in the header block. But a spammer can use less restrictive software that changes that into a string of digits so you don’t recognize it.
When you receive such a mailing, some mail programs, like Yahoo, will note it as “supposedly from” or “may be forged”, but this is sort of buried in the header block text.

I have on occasion gotten spam “returned” to me as undeliverable. Pisses me right off, too! Some spammer used MY address as the From field, and sent it to a bad address. So it gets returned to me with the subject “Delivery error: unable to deliver” or somesuch. I’ve forwarded them to Yahoo! (my email provider) and the host that bounced it to me (Hotmail, most recently), but I’ve never gotten a response.
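
Several posts above turn on reading the header block: the From line is whatever the sender typed, while the Received lines added by your own provider record who actually handed the message over. The following is an added example, not code from any poster in the thread, showing one way to decipher that from a saved message. The sample message, its addresses and the `isp.example` provider name are constructed, and it assumes the provider stores the envelope sender in a Return-Path header.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample (not a message from the thread). The oldest Received line
# was written by the sender and is not trustworthy.
SAMPLE = """\
Return-Path: <bounce-1234@bulk.example.net>
Received: from mx.isp.example (mx.isp.example [192.0.2.10])
\tby mail.isp.example with ESMTP; Mon, 3 Mar 2003 10:00:02 -0500
Received: from unknown (HELO webmail.example) (203.0.113.77)
\tby mx.isp.example with SMTP; Mon, 3 Mar 2003 10:00:01 -0500
Received: from [198.51.100.5] by relay.webmail.example; Mon, 3 Mar 2003 09:59:00 -0500
From: pebs@isp.example
To: pebs@isp.example
Subject: constructed test message

body
"""

def domain(addr):
    return addr.rpartition("@")[2].lower()

def analyze(raw, my_provider):
    """Compare the displayed From with the envelope and the trusted relay hops."""
    msg = email.message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    to_addr = parseaddr(msg.get("To", ""))[1].lower()
    env_from = parseaddr(msg.get("Return-Path", ""))[1].lower()
    handoff_ip = None
    # Each relay prepends its own Received line, so the list runs newest first.
    for rcvd in msg.get_all("Received", []):
        flat = " ".join(rcvd.split())  # unfold continuation lines
        by = re.search(r"\bby\s+([^\s;]+)", flat)
        ip = re.search(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]", flat)
        host = by.group(1).lower() if by else ""
        if host != my_provider and not host.endswith("." + my_provider):
            break  # written outside our provider: could be forged, stop here
        if ip:
            handoff_ip = ip.group(1)  # peer address our provider recorded
    return {
        "self_addressed": bool(from_addr) and from_addr == to_addr,
        "envelope_mismatch": bool(env_from) and domain(env_from) != domain(from_addr),
        "handoff_ip": handoff_ip,
    }

if __name__ == "__main__":
    print(analyze(SAMPLE, "isp.example"))
```

The `handoff_ip` is the address to look up when deciding which network to send an abuse report to; the From and any Received lines below the provider's own are not evidence of origin.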