Spam Emails

I’ve lately been getting an increased slew of spam emails. A couple of questions about them.

  1. They all seem to have email addresses which consist of a lot of random letters and numbers along with a few dashes thrown in for good measure. The thing is that any time I click to block the email address, the same exact emails keep coming back, presumably from other email addresses. It’s hard to imagine that there’s some program which generates zillions of workable email addresses. So I suspect that these email addresses are spoofed, and that they have some program which generates random strings and uses those as the spoof, and the email programs (both gmail, and the company email program that my gmail forwards to) are blocking these spoofed addresses and not the real address. Questions are 1) is this correct, and 2) if so, is there a way for the email programs to recognize the underlying actual address and block that?

  2. In the “To” line of the new slew of spam emails, they don’t have my email address. Instead, they say “Mike@AOL.com”. “Mike” (not the actual name) happens to be the name of my son, but I doubt if this is connected. Questions are 1) how are these emails getting to me, and 2) what would be the motivation for having a spoofed “To” line?

I’ve run my own personal server, with mail and web protocols. The way I set it up, any mail sent to any address at my domain would be accepted and all sent to the same inbox, so I’d whip up custom addresses to see what lists I’d get on. I essentially had infinite e-mail addresses, though they all came from “acierocolotl.com” (not the actual domain). If they’re actually running the target server, they surely have something similar in place–where all that really matters is the target domain and not the individual e-mail addresses.

There’s no point in blocking individual mail addresses in the “from” field. They are easily faked with the current mail protocols and you can put whatever you like. Where they’ll need to be accurate is any internal links if they actually want to deliver a useful payload. That’s where you can get 'em. Even these targets can change from time to time, and some spammers obfuscate the target as much as possible.

For 2, they may be hitting all their targets with a BCC (blind carbon copy) list. You won’t see the actual addressees here, you’ll just get the mail. They can then put whatever they want in the “to” field which, again, can be easily spoofed to read whatever they want.
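The distinction drawn in the answer above, between the “From” and “To” headers the sender writes and the delivery data the receiving server records, shown as an added example that is not part of the original thread. The sample message, its addresses and hosts are constructed, and the presence of `Return-Path` and `Delivered-To` headers is an assumption about the receiving server (Gmail adds both).

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample message; every address and host here is made up.
SAMPLE = """\
Return-Path: <bounce-7f3a@mailer.example.net>
Delivered-To: reader@example.org
From: "Prize Desk" <x9-k2q7-zz41@random.example.com>
To: Mike@AOL.com
Subject: You won
Content-Type: text/plain

Claim here: http://claims.example.net/win?id=1
"""

def domain(addr):
    """Return the lowercased domain part of an address."""
    return addr.rpartition("@")[2].lower()

def analyze(raw):
    msg = message_from_string(raw)
    # Visible headers: written by the sender, so they can say anything.
    header_from = parseaddr(msg.get("From", ""))[1]
    header_to = {a.lower() for _, a in
                 getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    # Envelope data: assumed to be recorded by the receiving server
    # at delivery time (Gmail adds these; other servers may not).
    envelope_from = parseaddr(msg.get("Return-Path", ""))[1]
    delivered_to = parseaddr(msg.get("Delivered-To", ""))[1].lower()
    # Link hosts in the body: the part that has to point somewhere real.
    link_hosts = sorted({h.lower() for h in
                         re.findall(r"https?://([^/\s:?#]+)", msg.get_payload())})
    return {
        "header_to": sorted(header_to),
        # True when the receiving mailbox is not named in To/Cc (BCC-style).
        "bcc_style_delivery": bool(delivered_to) and delivered_to not in header_to,
        # A mismatch is a signal only; legitimate bulk mailers also differ here.
        "from_differs_from_envelope": domain(header_from) != domain(envelope_from),
        "link_hosts": link_hosts,
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

The `header_to` and `link_hosts` values are the stable things a filter rule can match on, since the random “From” address changes with every message.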

Thanks. That suggests another question. Is it possible in Gmail and/or Outlook to automatically spam/junk any email which has a certain addressee in the “To” field? This way I could spam/junk anything addressed to Mike@AOL.com.

In gmail’s webclient, open the mail. In the upper right of the window are three vertical dots. Click that. Select “Block [person]” where the person would have been “Mike@AOL.com”.

I’m not sure what “gmail’s webclient” is - possibly I don’t see this because I generally access gmail over the phone (my employer blocks gmail on their computers).

But I see you can do it in Outlook by right-clicking the email and selecting “rules”, then telling it to always move emails addressed to Mike@AOL.com to “junk”.