I'm getting email that doesn't identify which of my email IDs it's being sent to

[ThurstonHowl]

Hello, I have a spam management system whereby I have a large number of
email addresses, and different businesses I deal with each use
different email addresses to send me email. That way, if I get spam,
I can tell by looking at which of my email address it was sent to,
which business has sold my email address.

But lately, I'm starting to get email that I think is spam, posing as
my internet ISP. But I can't tell which of my email addresses it's
being sent to.

I realize that sometimes the spammers trick me by using bcc: but even
then I should be able to open headers and see X-apparently to: <email
address>

But even that is not working successfully. Here's some sample headers
from one of my spams:

From: "SBC Yahoo! Mail Virus Protection <[email protected]>"
To: (e-mail address removed)
Date: Wed, 04 May 2005 21:36:35 UTC
Subject: "Alert: Virus Detected but not Cleaned - Attachment Removed"
[FwD: Your email was blocked]
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="0-1673466929-1115242813-19291"


(e-mail address removed) does not match any of my email addresses, so this
is not how the email found its way to me. Can any of you offer any
advice or tricks on how I can find out which of my email addresses was
used for this?

 

[Ben M. Schorr, MVP]

But lately, I'm starting to get email that I think is spam, posing as
my internet ISP. But I can't tell which of my email addresses it's
being sent to.

They probably BCC'd the message to you. Not much you can do about that,
I'm afraid.

--
-Ben-
Ben M. Schorr, MVP-OneNote/Outlook
Operations Coordinator
Stockholm/KSG - Honolulu
http://www.scgab.com

 

[Gerhard Fiedler]

I realize that sometimes the spammers trick me by using bcc: but even
then I should be able to open headers and see X-apparently to: <email
address>

But even that is not working successfully. Here's some sample headers
from one of my spams:

From: "SBC Yahoo! Mail Virus Protection <[email protected]>"
To: (e-mail address removed)
Date: Wed, 04 May 2005 21:36:35 UTC
Subject: "Alert: Virus Detected but not Cleaned - Attachment Removed"
[FwD: Your email was blocked]
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="0-1673466929-1115242813-19291"

This doesn't seem to be the complete headers. There is missing the part
that usually comes before the From: header. Something like this:

Return-path: <[email protected]>
Envelope-to: (e-mail address removed)
Delivery-date: Wed, 04 May 2005 13:46:01 -0700
Received: from ...
Date: Wed, 04 May 2005 16:45:52 -0400 (EDT)
Message-Id: <[email protected]>

Look for the Envelope-to: header, for example.

Gerhard

 

[ThurstonHowl]

Thank you. I'm revealing the headers in Outlook 2003 by doing
<View><Options> Yet, as you say, the complete headers are not there.
Do you know if there's some other command in Outlook that would reveal
the full headers?

 

[ThurstonHowl]

As I said above, there is indeed something I can do about BCC, and I've
successfully handled this in the past. I have a rule that examines
headers and looks for 'X-apparently to', since that what's normally
present in cases of BCC

 

[Brian Tillman]

I realize that sometimes the spammers trick me by using bcc: but even
then I should be able to open headers and see X-apparently to: <email
address>

No necessarily. Mail routers don't have to include any X- headers.

Can any of you offer any
advice or tricks on how I can find out which of my email addresses was
used for this?

Not based on the headers you posted. Why not configure SBC Yahoo! to put
messages like that in the Bulk Mail folder and then exclude that folder from
the download?

 

[Brian Tillman]

I have a rule that
examines headers and looks for 'X-apparently to', since that what's
normally present in cases of BCC

You are mistaken believing that that header is "normally" included.

 

[ThurstonHowl]

The reason I don't use the Bulk mail folder feature is because I'm
worried that sometimes (probably rarely thought), a legitimate email
might get routed there. If only I could identify which email address
of mine the mail got sent to, I could be 100% confident that anything
deleted automatically is mail I don't want.

 

[Brian Tillman]

The reason I don't use the Bulk mail folder feature is because I'm
worried that sometimes (probably rarely thought), a legitimate email
might get routed there.

So what? You can always jump online every now and then and check it. I've
been using it for over two years and have had maybe two misfiled messages.

If only I could identify which email address
of mine the mail got sent to, I could be 100% confident that anything
deleted automatically is mail I don't want.

If you examine it online at Yahoo! you can configure Yahoo! to display all
the headers.

 

[ThurstonHowl]

But I get a huge amount of bulk mail, and it would be a lot of work to
look over all of it. My rules used to work perfectly until this.

By the way, I just got another of these emails, and earlier today I
told Outlook to stop deleting the mail from the server. So I logged
on to Yahoo! and looked at full headers, and now I see which email
address it went to. Apparently, Outlook must be stripping off part of
the headers as it downloads. Is there a way to stop Outlook from
losing the header information?

Unfortunately, the email address this is being sent to is the primary
email address of my account. Yahoo won't let me delete it, but if the
headers would download completely (instead of partially) into Outlook,
I could use an Outlook Rule to take care of it.

 

[Brian Tillman]

But I get a huge amount of bulk mail, and it would be a lot of work to
look over all of it. My rules used to work perfectly until this.

So do I (fifty or more a day) and it takes all of 20 seconds to scan the
subjects and senders to see if it's something misfiled.

By the way, I just got another of these emails, and earlier today I
told Outlook to stop deleting the mail from the server. So I logged
on to Yahoo! and looked at full headers, and now I see which email
address it went to. Apparently, Outlook must be stripping off part
of the headers as it downloads. Is there a way to stop Outlook from
losing the header information?

Nope, or at least I don't know it.

 

[Gerhard Fiedler]

By the way, I just got another of these emails, and earlier today I told
Outlook to stop deleting the mail from the server. So I logged on to
Yahoo! and looked at full headers, and now I see which email address it
went to. Apparently, Outlook must be stripping off part of the headers
as it downloads.

It may not be Outlook. It may be Yahoo when you fetch the email through
their POP interface, or it may be something that you can configure in your
filters or whatever there.

Is there a way to stop Outlook from losing the header information?

I actually haven't seen a single message in Outlook with headers stripped.
Every time I had to check headers, I saw all the headers I did expect. My
only gripe is that the header information is so clumsy to get to.

Gerhard

 

[ThurstonHowl]

After talking to a couple of SBC/Yahoo reps, who seemed not very smart
(One of them actually told me that headers do not get captured by
Outlook at all - a complete falsehood), they escalated it to a
supervisor, and he did something to my account. I gave him permission
to log on to my account, and he changed some setting, and now I seem to
be cured. I have no proof that I'm cured, but I haven't received any
mail in Outlook since then that has not had full headers.