Helping people with computers... one answer at a time.

Among the spam we all get are messages that we appear to have sent ourselves. From-spoofing is just a way spammers try to get their email delivered.

I get email from:

someone@somedomain.com <myemail@hotmail.com>

where "someone@somedomain.com" is someone I don't know, but "myemail@hotmail.com" is, in fact, my email address. It as if the email was sent by me, but I did not send it.

How do I stop these email from coming into my box? It's usually for drugs or financial services that I don't need or would never be interested in. How can they use my own email? I can't block them as it says it is illegal to block my own email.

I'll start with the bad news: there's almost nothing you can do.

This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into our mail boxes.

The remedies are pretty standard, albeit less than 100% effective.

What you're seeing is called "spoofing" or more correctly "From-spoofing" - sending email that appears as if it's coming "From:" someone that its not.

Spoofing is a technique that is used in just about every bit of spam you see today. Spammers are trying to hide where the email comes from and are doing so very effectively. The From: address is meaningless on spam - it tells you absolutely nothing. It requires more detailed analysis of the email headers, and even then at best you might be able to get the IP address of the computer sending the email. As I've discussed ad nauseam, the IP address is pretty much useless to you and me.

The fact that you're seeing your email address used in the "From:" field shouldn't alarm you. It might be annoying, but there's no need to worry about it. You're already on spammers lists to get spam and they're using that same list, or variations of it, to select which addresses to use when spoofing. And there's currently no effective way to stop them from spoofing.

"The From: address is meaningless on spam - it tells you absolutely nothing."

When you see your own address spoofed in the From: field of spam, it's happening for one of two reasons:

  • They're trying to spam you, and know that it's unlikely you'll block email from yourself. In fact, as you've seen, it's not even always possible, but I'd consider it a bad idea even if you could do it. It'll prevent certain types of legitimate email from reaching you.

  • They're trying to spam someone else, and what you're seeing is a bounce message indicating that the original spam was rejected by its intended recipient. Since the email looks like it came "From:" you, you get the bounce message.

Now, as to why the "someone@somedomain.com <myemail@hotmail.com>" where the two email addresses don't match, or the more common "Name <myemail@hotmail.com>" where the name is obviously unrelated to the email address, I can only speculate. My guess is that it's either intentional confusion to perhaps boost the chance that recipients will open the email, or a side effect of the tools that spammers use that may not be able to put together a proper name/email address pair.

"But what do I do?"

First, realize there's nothing you can do to prevent From-spoofing. Eventually your email address is going to show up in the "From:" field of spam that you had nothing to do with. In fact as you've seen, it probably already has.

The only thing you can do is to keep doing whatever it is you do to control spam. I run two levels of spam filters, and even then some gets through. It's a juggling act because I don't want to risk marking something as spam that isn't - hence a little more spam gets through. Depending on your mail program and your mail provider, you may have similar or additional options available.

Article C3131 - August 27, 2007 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

49 Comments
J.Haring
August 28, 2007 2:11 PM

Leo,
Thank you for responding to my question. I wish we could do something about this, but now I know that it isn't unusual or serious. Maybe one day hotmail will be able and willing to do something about this problem. J. Haring

Renato Morbach
August 31, 2007 6:43 PM

There's one way to redirect those messages to the SPAM folder, as long as you use Outlook 2007. Create a RULE to apply on messages arriving. The rule is messages from myname@myDomain and sent to myname@myDomain move to SPAM. You may choose to delete, instead of moving to SPAM, but I like to double check.

Atleast they are not within the valid messages anymore.

renato

catmoves
September 2, 2007 12:30 PM

You might suggest to J. Haring that he/she get a gmail address from Google. Google email has an automatic spam drop that works well. It also learns from the user's actions which additional email is classified as spam. Works great for me.

Bisser
September 8, 2008 11:32 AM

It is harmless until Yahoo cancels your email account for "SPAM Abuse" because somebody was spoofing your email address....which happened to me.

Dave
November 10, 2008 4:46 AM

Why not have a do not e-mail list much like the do not call list? Most of the opt out options in e-mails don't work,they just bring me to a blank page.I am wondering why more of us (people on the net) don't get together and push for something more to be done.I mean my ISP has already blocked my account once for spamming and I knew nothing about it until I tried to get online and was blocked.I had to call them just to get my internet back and was told if it happens again my account will be canceled.I mean all this has gotten way out of hand and no one even wants to try to do something about it!!!
Dave

Spammers would simply ignore a "do not email" list. And by clicking on "opt out" links in spam, you're likely getting MORE spam as a result.
- Leo
10-Nov-2008

Nelson
December 1, 2008 9:09 AM

Good article. I have a Gmail account and I think that they do a great job of preventing spam, but I also get annoyed by the e-mails from myself, that are really not from myself.

This is even doubly annoying, because sometimes I do send myself. Like sending myself an attachment at work, so that when I get home I can quickly download it. Gmail is simple to use because they give you up to 20MB for an attachment.

But Google also added a cool little feature that may be beneficial here. You can add a "+" and any verbiage after the "+" as a tag to your e-mail address. In other words, you can address an e-mail to a gmail user like this: user+thisisatag@gmail.com. How this can be used is to send e-mails to yourself by addressing it as self+fromself@gmail.com. When you register your id at a site, register the e-mail address of self+ebay@gmail.com. This address will appear in the "to" field and you can easily create a filter to grab these and labels to them. Anything sent to you that doesn't have a label will either be caught by your spam filter or end up in your inbox and easily spotted.

The other option would be your own domain and creating "forwarding" e-mail addresses that you would register in much the same way as i described above. In other words, ebay@mydomain.com or paypal@mydomain.com or any other site you subscribe to. This will help you to quickly separate the legit e-mails from the false one's. It's tedious but stops all the guessing. The key is switching all of your existing accounts.

Just my 2-cents.

js
December 7, 2008 10:04 AM

How often you will send an email to yourself, I keep my sent emails in my sent folder for records, I never cc myself, so, why not just block the email sent from myself?

Rathi
December 9, 2008 6:59 AM

So, i get that there isnt anything that anyone can do about this, but let me get this straight, i'm sending a bunch of people mail from my address, right? can't i ask my mail provider to monitor my account activity or something? I'm a little more concerned that i'm sending a bunch of people dumb stuff.

No. You are not sending anything. Spammers are sending things from wherever they send things that look like you, but are not you.
- Leo
09-Dec-2008

Chris Robertson
December 16, 2008 12:28 PM

There are some things you can do. There is a little program called Xxxxbully (xx out because we don't want to advertise for anyone) that will elimininate most spam, even those with your own name on it. This is if you don't "whitelist" yourself. (Not always desired though). Most email failures will come from your isp server, "service@youisp.com"
Now for users with Outlook or outlook express, you have a pop&smtp account. Contact your isp about secure SMTP server. This requires you to have a username and password to send email OUT. The account information you put in originally was only for RECEIVING your email. Anyone can send our your email server.
Now if your a yahoo or hotmail user, you just gotta lie there an take it. Many have a premium email feature that allows you to whitelist and create filters too.

Chris Robertson
December 16, 2008 12:32 PM

Just a side note. Here are the top money makers;
*Pills (viagra, cialis etc)
*Gambeling
*Porn
*email address collection so they can send you the above.

Spammers love chain letters. They can get one email from one person, (from a hijacked computer) and it is lible to have 100 email addresses!!!
So from now on, repeat after me, "I will learn to use the BCC button". Why? It hides everyone's email address in the body of the email.
From this last chain email I got, I could make 100 dollars from selling YOUR email addresses.

Clare
December 30, 2008 1:34 PM

One day someone will invent a requirement that IP addresses are required to send email. That should take care of it - only being able to send emails from IP to IP.

Phillip
January 9, 2009 11:46 AM

One can set a "filter" in the Thunderbird email client to divert this kind of message into your junk folder.

Steph
January 11, 2009 6:24 PM

I have all my email accounts hooked up through gmail, and there is an aggressive spoof spammer sending messages to one of the accounts i have linked under my domain. If i click "report spam", will gmail think that my domain is a spam domain and block us? They are sending spam to me from my business, and i dont want to accidentally blacklist myself!

maria
January 13, 2009 8:50 AM

I understood from the article that the spoof emails are not actually from me... but I replied to one of them just to make sure, and the reply showed up instantly in my inbox. It seems that it really is me.

It is not you. The spoof makes it look like it came from you, and that also fakes out your mailer when you try to reply.
- Leo
14-Jan-2009

Richard Barnes
February 3, 2009 7:00 AM

Using Spamassasin there a few rules that deal with self signed or spoofed emails. We have put rules in place that people on a specific list can send emails (the white list). They can send mails to others on the domain, only if the mail originates from our Exchange server. The spamassasin rule blocks all email from outside from anybody on the white list. The fallout from this is that if someone wants to send email outside the domain to an email address in the domain they have to use the Exchange web client to send it for it must originate from inside the network.

My personal belief is that until there is a financial cost associated with email we will never get rid of SPAM. I would pay 1 or 2 cents an email. It would amount to a small amount for most of us. That one or two cents though would be hundreds of thousands of dollars for a spammer thus making the marketing ploy not cost effective.

Andrea
March 2, 2009 3:24 AM

I can't block my own email address, as on my website I have a booking form which sends to my email from my email (well that is what it looks like)...I know that booking forms will appear the way they do, but I still get other companies, ie drugs, insurance, etc cloning my email address to spam me.

Ireene
May 7, 2009 8:33 AM

Would ithelp if I changed my email address? Or are the spammers working with other parameters over which I have no control?

Changing your email address may help for a short while, but the spam "from" yourself will return at your new address as well. I wouldn't bother.
- Leo
08-May-2009

Doug
May 26, 2009 10:27 AM

Here's my Thunderbird filter
Set to require 'all' lines
1. From - contains - my_real_email_address
2. To - contains - my_real_email_address
3. Subject - does not contain - test

Do this: mark as Junk

The third requirement allows me to send myself
a test message, if I think there is some problem
with the email service.

I don't automatically delete junk.

Spamhater
June 4, 2009 12:51 AM

Well Firstly I have to disagree. I understand the spoofing, but in general, when you start getting spam from you own *account*@hostname.com the chances of a bug/hijack application is pretty high. That's something you can check out.

Alan
June 25, 2009 6:58 AM

Is the fact that my email address is in the FROM box going to get me added to a SPAM Blacklist?

Best I can say is "maybe". There are SO MANY blacklists, and they all follow different rules. Hopefully most realize that the from address is a bad way to determine what is and is not spam, but still ... I'm sure some do.
- Leo
25-Jun-2009

Lou
August 10, 2009 6:36 PM

Is there a way of blocking e-mails that contain a keyword in the body of the e-mail? e.g. Viagra. I notice that most of these spams never mention the word in the header.

That depends entirely on the services your email provider includes, and what specific email program you use.
Leo
11-Aug-2009

Blushin
October 13, 2009 12:47 PM

I think most of the problem occurs with the fact that when sending mail to ourselves the sender is labeled " me " If Gmail would allow us to change this ( and not just when sending to someone else ) then the spam wouldn't irritate us so much. If I sent a mail to myself and it said " blushin " on it, I'd know it was from me, when I recieve one that says from " me " I would block it. But Gmail makes it impossible to do this.

bluebellsofs
November 6, 2009 12:23 AM

I get tons of spam "from" myself, thankfully my email filters it out very effectively. My question is whether or not the spammers are able to send these spoof emails to OTHERS with MY email address in the "from" field. Are they able to spam others and make it look as if the spam was sent from my address?

Yep.
Leo
06-Nov-2009

Tracy
November 16, 2009 3:32 AM

it is so frustrating to me as it has now happened twice via my hotmail address - spam being sent to me and all my adressees - some of my addressees have warned me and I have profusely apologised, but am afraid I will be blacklisted. How can I stop the spam from reaching those on my addressee list? I dont care about myself. It is just embarrassing - particularly to those I have subscribed to their newsletters....

Jim Houghton
December 7, 2009 11:05 AM

Please explain why blocking mail from my own address will prevent me from receiving legitimate emails. I don't get that -- I never send myself mail, the only mail I get with my email in the "from" is from spoofers.

It varies based on how people use emails, but for example people often "CC:" themselves on messages that they want to somehow see or act on again later from their inbox. For some people "blocking yourself" might be OK. Also realize that the display name might be your email address, but the email address actually being used (in < >) might be someone else - in which case blocking yourself won't work.
Leo
08-Dec-2009

Marcin
February 18, 2010 2:56 PM

So why isn't there a way to report IP addresses (those are not as easy to fake) and/or domains from which the spoof emails are coming from.

Someone needs to put this in place so that people can get this [edited] to stop. It's irritating.

There have been blacklists - both for IP addresses and domains - for years. They're decreasing in effectiveness, as botnets - which use hunreds of thousands of computers spread out around the world - now distriubute the task of sending spam. Block those IP addresses and you could well be blocking your friends or even yourself as IP addresses get reassigned to various users.
Leo
19-Feb-2010

Nick Daniels
February 22, 2010 11:55 AM

I get spam "from myself" too. And, unfortunately they're sending it to people in my address book. How did they accomplish that? Is my address book compromised too? I use AOL.

Robert Baker
March 15, 2010 12:13 PM

Today I received a message which was supposedly "from" my brother Philip, telling me all about the wonderful new phone he's bought and the online store he got it from. The only problem with this is, I know Philip was found dead two months ago! (And the spammer who's hijacked his account and address book had the usual poor spammer English; another patent giveaway.)

Samir
April 15, 2010 2:48 AM

Hi, I am Samir from http://www.indianetcraft.com
I am regularly getting spams from my own email id, it may possible they can send email to others as well from my email. Is it possible that my email got listed as spam origin? If yes it will be a real disaster for my business. Please let me know if I can do something to stop them.

Briuan Bickell
May 21, 2010 6:19 PM

I have to disagree with you Leo, my tecnique works 100% of the time.
The easiest way to fix this is to use OUTLOOK Rules and Alerts. You want it to look for the sending email address is the same as your email address. If so DELETE it.
You can also use Rules and Alerts to check for specific words like Sex, Porn, Erotic, Pharmacy, Pfizer, Viagra, watches, Replica etc. Note you may have to enter some twice because the case (upper or lower) makes a difference. After 45 years in the computer industry I am very familiar with most of the techniques these people use. However I still check with Leo first in case it is something I have not come across before.

epale
August 5, 2010 11:41 AM

Recently a bad roommate moved out and sure enough 2 days later I noticed spam going out from one of my e-mail addresses to all MY contacts!! this was horrific... how did this person do this? I was able to change my password and still have my account, when I went into the sent box the messages were there as if they were sent from my account.

epale
August 5, 2010 11:53 AM

2 - just notices that some of the contacts that were sent the spam were not in my contact list, so does this mean that another contact list (OUTLOOK) may have been breached?

Steve from Montana
August 7, 2010 5:44 AM

I solved this problem simply. My email address is all caps and most programs automatically convert to lower case, which works anyway, but spammers use the lower case. I blocked the lower case address and the upper case I use to send memos or information to myself still goes throug just fine. I have AOL and was able to do this very simply by adjusting my email settings. Hope this helps.

Chell
August 20, 2010 7:31 AM

I sent just a quick test return email back to an email that supposedly came from me, and guess what? It sent it to my inbox. So they aren't just spoofing my email address, they're somehow actually using it! I changed my password. Hopefully that will help.

Your test does not indicate that they're using your account. All your test proves is that email you send to your email address ends up in your inbox - as it should.
Leo
20-Aug-2010

andyinamood
August 21, 2010 2:58 AM

I have just started to receive emails 'from myself' on a Hotmail account after my first email account with the original provider I joined years ago has had them for ages. Surely other people are getting them as well, and they will think the emails are from me as it's my email address on them? It doesn't matter that they aren't actually coming from me. Recipients will think they are.

If anyone complains, point them at this, or Someone's sending from my email address! How do I stop them?! or any of hundreds of other articles on the internet that describe "From Spoofing" and how you cannot rely on the "From:" line, particularly when it comes to spam.
Leo
21-Aug-2010

Kate in RP
August 31, 2010 8:43 AM

I route all mail coming to my name@domain address through SpamCop before it comes to my ISP mail address. That cleans out a lot of junk, including ones spoofing my address. Of course, you have to list with SpamCop ALL the legitimate addresses you have set up in your domain, so it does not report you as a spammer. It knows how to parse the headers to report spammers.

Mike
September 2, 2010 3:32 PM

It isn't so much that MY address book has been hijacked as someone else's address book has been hijacked, and one of the addresses in it happens to be mine.

The issue for me is not how to block spam coming to me from "myself", but when it goes to others. They see it as the spam that it is, and then block me. No problem by itself. But some of those spam blockers utilize an internet database, and so I'm blocked all over the internet.

I do BCC: myself along with all other recipients to ensure that my emails get through. And I'm constantly having to UNspam myself on Gmail.

And it's not just me. I've had to unspam known good emails on Gmail from others who use AOL, Comcast, and SBC email providers. I'm envisioning the day when no legitimate emails get through, and only spammers can get through.

Krla
September 8, 2010 1:20 PM

thank you so so much for the information you are giving us. I was so worried because this email adress I have has been hacked a few years ago by someone with whom i've talked and that has given it back ( an explanation is needed: he got my email and password with the help of some virus that i don't have on my computer anymore) meaning that he gave me the password he used so that i could log in and change it after the virus was removed and so i got my adress back. so I'm always concerned that he is trying to steal it again or that he already succeded, so your explanation is very reassuring. but do you think I should still be concerned about the vulnerability of my adress? and sorry if something doesn't really make sense, english is not my native language

Krla
September 8, 2010 3:03 PM

Hi, it's me again :) I want to thank you again for how much you are helping all of us understand how things work and how to solve problems, I love your website! I read all I could in the email category but I can't find what I'm interested in so I think it hasn't been asked before. I might seriously missunderstand how yahoo works but I am extremely allarmed by something. I have myself in my contacts and messenger list and today, when I logged in on the yahoo mail page, I've noticed that, in the "chat & mobile text" box, under the mobile contacts there's my own id followed by my phone number! my phone number which I have never added to my account information, or anywhere else.Why is it there? Can anyone else see it? If my account were to be hacked, the hacker would see it, how do I erase it? I have used the internet from my mobile phone (it must have been a year since then) and I got to the yahoo web page and logged into my internet accounts (I have more then one) but I don't think this is the cause of the problem, or is it? and if so, why doesn't this happen with my other accounts? have you ever heard of this before? Has anyone else in here? Please, share any information you have on the topic. It might be a 'normal' feature that I just don't know about, especially since I'm using yahoo US and things are different there (I'm from Romania), but it's very inconvenient for me and I need to have that phone number erased. I hope I explained the problem clearly. Any help from anyone would be much appreciated. Thank you!

Bert
December 11, 2010 2:21 PM

After receiving bounce back spoofing email, I contacted everyone in my address book to let them know that any email coming from me soliciting jobs or products are not coming from me.

Amanda
February 9, 2011 1:31 PM

If the email goes to my junk mail, but is says it's from my email address and to my email address, could they be sending the same emails (saying it's from my email address) to others in my address book? I've received spam emails from friend's accounts saying that it's from them, but it's trying to sell Viagra or something. Could the same thing be getting sent to my contacts also???

They could certainly be sending to other addresses, but your contacts may or may not be involved at all.
Leo
09-Feb-2011

Margarita
February 28, 2011 7:21 AM

Hello Leo,

I have read your explanation about this happens. However, in my case the name and the e-mail address do match. Also because it is a hotmail account and when I am connected to my webmail it shows whether I am online on messenger/space/profile etc it shows that on the email. I receive spam of myself in the junk folders with my name and email matching. Also, I have blocked emails that came of myself into my junk folder but they keep on coming in my junk on occassions. The way you described spoofing seems like it only happens when they only spoof either the name or the email address? I dont really know what to do and whether I am spamming other people with these spam emails. What would u recommend and what do you think is the problem..
Thank you.

Spammers can certainly spoof both name and email address - it could still be random spam. That being said, ask some of your contacts if they've gotten spam from you. You can also consider changing your password and everything else associated with your account: Is changing my password enough?
Leo
28-Feb-2011
Charles
June 11, 2011 1:44 PM

Alright. Email looks to have been sent from me, to me and everyone in my address book, including my work email. That is, the address in the from is my personal address, and in the "to" is all my address book contacts, and my work email.

Checked the sent folder to see if it was there, and it was not.

Checked my work email, and my work email did not have the email from my personal email address.

Spoof or Hack? I've changed my password and personal credentials (the people who use this address already know who I am, so no real need for a "profile") just in case, but I'm curious.

Furthermore, it had no subject line, and their was a link in the body of the email. The link went to a numeric IP address.

Your help would be greatly appreciated in understanding what is likely going on here.

Thanks,

Charlie

However,

My work email never got any email

Mark J
June 11, 2011 2:08 PM

@Charles
If people in your address book or contact list are getting spam that appears to be from you it's very likely that your email account has been hacked or otherwise compromised.
You'll find more in this article:
http://ask-leo.com/someones_sending_email_that_looks_like_its_from_me_to_my_contacts_what_can_i_do.html

Charles
June 11, 2011 2:23 PM

That's the wierd thing. The names in the To: did not get any email. As an example, my work email address was in the To: but did not recieve the email.

Escherichia coli
July 20, 2011 3:14 AM

The simplest way to stop spams is delete completely your emails after backing up important emails and contacts. It's not worth to keep the email address if it is affected.

Barb
July 21, 2011 6:06 AM

I setup a message rule to delete messages which come from me, AND which contain certain words in the subject line.

Lucien den Arend
April 2, 2012 8:52 AM

Shouldn't it be possible, when they are selling something, to contact the distributor/actual seller of the product and tell them people are getting annoyed by way of their product is being marketed?

j matt
August 30, 2012 2:32 PM

Hey Leo..

I discovered a new scam.... On facebook... I created a 2nd account one day and decided to try to locate friends. The mini app requests my email account title and PW and like a dummy I do so. Within seconds the app is perusing my address book and I can't stop the routine quick enough. Overnight I get hate/angry emails from some of my contacts asking "WTF" Then lately I am receiving emails from myself using the unique "pseudonym" I used to create that 2nd FB account. So my conclusion is that it sourced from the creator of the FB app...(is it Zuckerberg? That little Turd!!)

I knew FB sucked pretty bad this confirms that FB is a waste of electricity.


Anyways I use AOL as my actual main email account and the email controls there allow me to AUTODELETE any spams I set up in the powerful word/phrase list as well as sender list... both lists allow "wild cards" and I can even reject emails from myself. I confirmed that by attempting to send myself an simple safe generic email and indeed I received the MailerDeamon rejected letter notice.....

Spammers hate me

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.