Spoofing of the receiver address

  • Thread starter Thread starter Achoo
  • Start date Start date
A

Achoo

Every so often, I receive a spam email that has someone elses "to" address.
For example, if my email address is (e-mail address removed). I end up receiving and
email addressed soley to (e-mail address removed) (Note, these email examples are
totally fictitious, so dont try sending any email to them!)

Even in the header information, it shows the to address as someone other
than me, but it ends up in my inbox on Outlook Express. How is this
happening and what can be done to prevent it?

Don
 
Achoo said:
Every so often, I receive a spam email that has someone elses "to"
address. For example, if my email address is (e-mail address removed). I end
up receiving and email addressed soley to (e-mail address removed) (Note,
these email examples are totally fictitious, so dont try sending any
email to them!)

Even in the header information, it shows the to address as someone
other than me, but it ends up in my inbox on Outlook Express. How is
this happening and what can be done to prevent it?
Click to expand...

You're being BCC'd on the messages - nothing can stop that from happening in
the first place, but you can use antispam software to mitigate it.

Note:
This is a group to support Outlook from the Office group of programs.
Outlook Express is a part of Internet Explorer and is a quite different
program, despite its similar name..

You will probably get a faster and more expert answer if you post this to an
Outlook Express news group.

Try posting in one of these newsgroups:
microsoft.public.windows.inetexplorer.ie5.outlookexpress for OE 5.x
microsoft.public.windows.inetexplorer.ie55.outlookexpress for OE 5.5x
microsoft.public.windows.inetexplorer.ie6_outlookexpress for OE 6.x
microsoft.public.internet.outlookexpress.mac for OE for Macintosh

If those groups aren't carried on the news server that's carrying this group
try using msnews.microsoft.com (MS's public news server that's the source
for all the microsoft.public newsgroups).

If you're accessing the Microsoft newsgroups through the MS Product Support
Services Community Newsgroups web interface, click
http://communities.microsoft.com/newsgroups/default.asp?icp=InternetExplorer
to get to the Internet Explorer groups, then click the plus sign next to
your version of IE to see the link to the Outlook Express group for that
version number.

A good website for information on OE is:
http://www.tomsterdam.com/
 
This is going to be tough to explain but here goes...

An email client gets its display information from the internet header. This
header contains things like the From, To, Date, and the servers it travels
thru to get to you. These headers are not used by the servers to transfer
e-mail to each other. More or less when a server connects to another it
goes thru a greeting to introduce itself, issues commands to say who the
mail is from, who the item should be delivered to, and then sends the
internet headers + content of message. Therefore a server can issue a mail
from and deliver to that is not contained in the internet header or content
of message.

What can you do to stop this? Not a darned thing. Internet mail is not a
secure medium and it is profitable to those that send spam to everyone.
What can you do in the interim? Call your ISP and ask if the filter out
SPAM. If they don't, ask that they consider it as a feature to help protect
their customers. Use an antivirus/antispam solution on your desktop. The
desktop solution will definitely cut it down, but it won't eliminate it.
Remember, antivirus/antispam solutions are still a reactionary type deal
because the vendor develops the rule after the fact to detect and drop the
item before it is placed in the inbox.

FWIW, the technology sector is aware that this is an epidemic and is ruining
the use of electronic e-mail. There are two solutions on the horizon called
Caller ID and/or Sender Policy Framework. These two technologies are
designed to help curb the flow of crap you and I receive. More or less,
ISPs and companies will publish what servers they have that are authorized
to send mail for their domain. If an item is coming in that can't be linked
back to the authoritative server that is allowed to send for that From
address, then it can be dropped for policy reasons. Pretty cool eh?

I hope this helps...
/neo
 
Back
Top