|
Summary: Among the spam we all get are messages that we appear to have sent ourselves. From-spoofing is just a way spammers try to get their email delivered.
I'll start with the bad news: there's almost nothing you can do. This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into our mail boxes. The remedies are pretty standard, albeit less than 100% effective. • What you're seeing is called "spoofing" or more correctly "From-spoofing" - sending email that appears as if it's coming "From:" someone that its not. Spoofing is a technique that is used in just about every bit of spam you see today. Spammers are trying to hide where the email comes from and are doing so very effectively. The From: address is meaningless on spam - it tells you absolutely nothing. It requires more detailed analysis of the email headers, and even then at best you might be able to get the IP address of the computer sending the email. As I've discussed ad nauseam, the IP address is pretty much useless to you and me. The fact that you're seeing your email address used in the "From:" field shouldn't alarm you. It might be annoying, but there's no need to worry about it. You're already on spammers lists to get spam and they're using that same list, or variations of it, to select which addresses to use when spoofing. And there's currently no effective way to stop them from spoofing. "The From: address is meaningless on spam - it tells you
absolutely nothing."
When you see your own address spoofed in the From: field of spam, it's happening for one of two reasons:
Now, as to why the "someone@somedomain.com <myemail@hotmail.com>" where the two email addresses don't match, or the more common "Name <myemail@hotmail.com>" where the name is obviously unrelated to the email address, I can only speculate. My guess is that it's either intentional confusion to perhaps boost the chance that recipients will open the email, or a side effect of the tools that spammers use that may not be able to put together a proper name/email address pair. • "But what do I do?" First, realize there's nothing you can do to prevent From-spoofing. Eventually your email address is going to show up in the "From:" field of spam that you had nothing to do with. In fact as you've seen, it probably already has. The only thing you can do is to keep doing whatever it is you do to control spam. I run two levels of spam filters, and even then some gets through. It's a juggling act because I don't want to risk marking something as spam that isn't - hence a little more spam gets through. Depending on your mail program and your mail provider, you may have similar or additional options available. Related:
Article 11784 | Posted August 27, 2007 |
Popular & Hot How do I make a new MSN Hotmail account? How do I delete history items from my Google tool bar? My desktop Recycle Bin has disappeared - why, and how do I get it back? I accidentally deleted my Recycle Bin in Vista - how do I get it back? New & Important How can I get the old Windows Live Hotmail back? Internet Safety: How do I keep my computer safe on the internet? Are free email services worth it? Would you please recover my password? My account has been hacked or I've forgotten it.
Stay Informed Archives Advertisers |
|
•
Leo,
Posted by: J.Haring at August 28, 2007 2:11 PMThank you for responding to my question. I wish we could do something about this, but now I know that it isn't unusual or serious. Maybe one day hotmail will be able and willing to do something about this problem. J. Haring
There's one way to redirect those messages to the SPAM folder, as long as you use Outlook 2007. Create a RULE to apply on messages arriving. The rule is messages from myname@myDomain and sent to myname@myDomain move to SPAM. You may choose to delete, instead of moving to SPAM, but I like to double check.
Atleast they are not within the valid messages anymore.
renato
Posted by: Renato Morbach at August 31, 2007 6:43 PMYou might suggest to J. Haring that he/she get a gmail address from Google. Google email has an automatic spam drop that works well. It also learns from the user's actions which additional email is classified as spam. Works great for me.
Posted by: catmoves at September 2, 2007 12:30 PMIt is harmless until Yahoo cancels your email account for "SPAM Abuse" because somebody was spoofing your email address....which happened to me.
Posted by: Bisser at September 8, 2008 11:32 AMWhy not have a do not e-mail list much like the do not call list? Most of the opt out options in e-mails don't work,they just bring me to a blank page.I am wondering why more of us (people on the net) don't get together and push for something more to be done.I mean my ISP has already blocked my account once for spamming and I knew nothing about it until I tried to get online and was blocked.I had to call them just to get my internet back and was told if it happens again my account will be canceled.I mean all this has gotten way out of hand and no one even wants to try to do something about it!!!
Dave
10-Nov-2008
Posted by: Dave at November 10, 2008 4:46 AM
Good article. I have a Gmail account and I think that they do a great job of preventing spam, but I also get annoyed by the e-mails from myself, that are really not from myself.
This is even doubly annoying, because sometimes I do send myself. Like sending myself an attachment at work, so that when I get home I can quickly download it. Gmail is simple to use because they give you up to 20MB for an attachment.
But Google also added a cool little feature that may be beneficial here. You can add a "+" and any verbiage after the "+" as a tag to your e-mail address. In other words, you can address an e-mail to a gmail user like this: user+thisisatag@gmail.com. How this can be used is to send e-mails to yourself by addressing it as self+fromself@gmail.com. When you register your id at a site, register the e-mail address of self+ebay@gmail.com. This address will appear in the "to" field and you can easily create a filter to grab these and labels to them. Anything sent to you that doesn't have a label will either be caught by your spam filter or end up in your inbox and easily spotted.
The other option would be your own domain and creating "forwarding" e-mail addresses that you would register in much the same way as i described above. In other words, ebay@mydomain.com or paypal@mydomain.com or any other site you subscribe to. This will help you to quickly separate the legit e-mails from the false one's. It's tedious but stops all the guessing. The key is switching all of your existing accounts.
Just my 2-cents.
Posted by: Nelson at December 1, 2008 9:09 AM