For the last few weeks I’ve been receiving sporadic emails from mailer-daemon. No big deal if I had actually written the email that it’s saying it can’t send. The body of the notice will explain that the email couldn’t be sent to so-and-so (always another AOL member, but never the same name) because of a virus. It also tells me the subject lines are things like “test” and “hello”. In each case I’ve tried to find the profile of the intended recipient to no avail. :dubious:
I called AOhell and they were baffled. Told me to change my password. It was six sentimental numbers and without a bot probably couldn’t have been guessed. Anyway, I changed my password a few days back and just this morning got another email from that nasty mailer guy.
Here’s the factual question: How can someone spoof my email address so it results in my getting these messages? Why would they want to? For what purpose? How did they do it again so quickly? Since it’s telling me the mail can’t be sent due to the virus am I correct in assuming that the virus is on the spoofer’s computer?
I’m hoping for a good IS/IT definitive answer. thx!
Whether or not they spoofed your address, it sounds like the culprit is one of those ‘worm’ things that send to all edresses from a given mailbox and the person who initiated it has an edress very close to yours - this is just my opinion since I have no practical experience - but I get nasty evil bulk mail all the time, sent to a dozen or so recipients, and my actual email is not on the list, but randomly generated bot edresses that resemble mine are.
Unfortunately, email is ridiculously insecure. Anybody can send an email pretending to be from your account. A good analogy is normal mail - anybody can write your name and address on the envelope as the return address. When the email bounces, it’s returned to your account. There’s really nothing you can do other than delete the emails.
Rysto has it: Nobody broke into your account, and nobody has to to send emails that look (to the naïve) like they came from your account. If the person on the other end is smart enough to read headers, the ruse falls flat very quickly. But few people are, and none of the programs that send automatic bounce responses are.
The worm is on someone else’s computer, and it is using your address to hide precisely where it is. Spammers do the same thing for much the same reason, and also to make it impossible to kill spam by simply filtering out a (relatively) stable set of email addresses.
The worm can do it again and again regardless of what you do, unless you take an ICBM and do something relatively nasty to the city the computer resides in. As nuclear fallout tends to offend, this is not the canonical response to problems like these. There is little to nothing you can reasonably do to stop this crap.
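Reading the headers, as the post above describes, can be done on the copy of the original message that a bounce usually carries. The following is an added example, not part of any post in this thread: it pulls the returned message out of a bounce and compares the claimed From address with the earliest recorded relay hop. The sample bounce, all hostnames, addresses and IPs, and the function names are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed bounce: every host, address and IP below is made up.
BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
Subject: Returned mail: virus detected
Content-Type: multipart/report; report-type=delivery-status; boundary="BND"

--BND
Content-Type: text/plain

Your message to someone@example.net was rejected: virus found.
--BND
Content-Type: message/rfc822

Received: from home-pc (dsl-45.isp.example.org [203.0.113.45])
    by mx.example.net; Mon, 1 Mar 2004 10:00:01 -0500
From: victim@example.com
Subject: hello

test
--BND--
"""

# "from <helo> (<reverse-DNS name> [<ip>])" as written by common mail servers.
HOP = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)")

def returned_message(raw):
    """Return the original message a bounce carries, or None."""
    bounce = message_from_string(raw, policy=policy.default)
    for part in bounce.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def analyze(raw):
    """Compare the claimed From address with the earliest recorded hop."""
    original = returned_message(raw)
    if original is None:
        return None
    claimed = parseaddr(str(original["From"]))[1].lower()
    domain = claimed.rpartition("@")[2]
    # Received lines are prepended, so the last one is the earliest hop;
    # only lines written by a server you trust are reliable evidence.
    hops = original.get_all("Received", [])
    m = HOP.search(str(hops[-1])) if hops else None
    host, ip = (m.group(1).lower(), m.group(2)) if m else (None, None)
    matches = bool(host) and (host == domain or host.endswith("." + domain))
    return {"claimed": claimed, "host": host, "ip": ip, "host_in_domain": matches}
```

A mismatch is a hint rather than proof, since people legitimately send through other networks, but here the message claiming to be from example.com entered the mail system from a DSL line at an unrelated provider.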
A “daemon” in computer terms is a task that runs in the background on a Unix machine. They are named after the daemons of Greek mythology, which ran around and did tasks that the gods couldn’t be bothered with. The name became especially popular because of the connotations of evil and impishness that go along with daemons, and background tasks sometimes seem to get a life of their own and behave in mysterious, impish ways. The mailer-daemon task on a Unix machine is the task that processes mail. If something farts with the mail on a Unix machine, you’ll get a message from the mailer daemon explaining what the error is.
There are two possibilities here. One is that someone spoofed your e-mail address, which as was previously pointed out, is ridiculously easy to do. All e-mails have a header, which may or may not be very easy to display in your e-mail software (I think in Outlook you can select “view full header” or some such). To spoof the e-mail, all you need to do is change the “from” line to whatever you want. Outlook won’t let you do it, but many e-mail programs will. One of the reasons that a spammer or hacker might want to spoof your e-mail is that they are sending things out to computers that might query the sender’s computer to see if it’s a valid address or not. In other words, it’s a way to get around spam filters.
The second possibility is that you weren’t spoofed at all, but instead are the victim of an e-mail address harvester. These programs send out messages with an official sounding source. They’ll often claim to be a mailer daemon or a site administrator account (or something else with an “official” sounding name), and they’ll have some sort of message that makes you want to open the e-mail, like in your case, where it’s a virus warning. Once you open the e-mail, the sender knows it has a valid address and adds you to the list. This list gets sold to the spammers, and voila, your e-mail box fills up with spam.
You’d think something as simple and common as this wouldn’t baffle the tech support guys at AOHell. Maybe all the good techs were busy munching on that cake that the woman in the commercial brought in.
Daemons did come from ancient Greek mythology, but the mailer-daemon probably was named after “Maxwell’s daemon” from the early days of thermodynamics. It’s worth looking up.
If it is from an address harvester and you have HTML-in-messages enabled, opening the mail can load a Web page from the sender’s site. (It’s probably a 1x1 pixel image the same colour as the background.) The link is unique so the harvester can match it with your address and sell you to the highest bidder. I have HTML turned off.
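The remote-image beacon described in the post above can be spotted before a message is rendered. The following is an added example, not part of any post in this thread: it scans an HTML body for images fetched over HTTP(S) and flags the ones that are 1x1 or carry a long query value. The sample HTML, the host name and the eight-character token threshold are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed HTML body; the host and the id value are made up.
SAMPLE_HTML = """
<html><body bgcolor="#ffffff">
<p>Warning: a virus was found in your message.</p>
<img src="cid:logo@local" width="120" height="40">
<img src="http://tracker.example.net/p.gif?id=a1b2c3d4e5f6" width="1" height="1">
</body></html>
"""

class RemoteImageFinder(HTMLParser):
    """Collect <img> tags whose source would be fetched from a remote host."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = dict(attrs)
        url = urlsplit(a.get("src") or "")
        if url.scheme not in ("http", "https"):
            return  # cid: and data: images travel with the mail, no fetch
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        # Assumption: a query value of 8+ characters may identify the recipient.
        token = any(len(v) >= 8 for _, v in parse_qsl(url.query))
        self.findings.append({"host": url.hostname, "tiny": tiny,
                              "per_recipient_token": token})

def find_web_bugs(html):
    """Return one finding per remote image in the HTML body."""
    finder = RemoteImageFinder()
    finder.feed(html)
    return finder.findings
```

Mail clients that block remote images by default, or displaying mail as plain text as the poster does, prevent the fetch entirely.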
Do you have any kind of cite for this? I’ve read the Jargon File and FOLDOC, usually good sources for these things, and I’ve never once heard any connection between Maxwell’s daemon and the background jobs on *nix machines.
This is from FOLDOC’s entry on demon, not daemon. And daemons and demons can be two different things, even though they are usually synonyms these days.