Summary: Among the spam we all get are messages that we appear to have sent ourselves. From-spoofing is just a way spammers try to get their email delivered.
I get email from:
someone@somedomain.com <myemail@hotmail.com>
where "someone@somedomain.com" is someone I don't know, but "myemail@hotmail.com" is, in fact, my email address. It as if the email was sent by me, but I did not send it.
How do I stop these email from coming into my box? It's usually for drugs or financial services that I don't need or would never be interested in. How can they use my own email? I can't block them as it says it is illegal to block my own email.
•
I'll start with the bad news: there's almost nothing you can do.
This is spam, pure and simple. Abusing your email address is only one of many techniques spammers use to throw their garbage into our mail boxes.
The remedies are pretty standard, albeit less than 100% effective.
•
What you're seeing is called "spoofing" or more correctly "From-spoofing" - sending email that appears as if it's coming "From:" someone that its not.
Spoofing is a technique that is used in just about every bit of spam you see today. Spammers are trying to hide where the email comes from and are doing so very effectively. The From: address is meaningless on spam - it tells you absolutely nothing. It requires more detailed analysis of the email headers, and even then at best you might be able to get the IP address of the computer sending the email. As I've discussed ad nauseam, the IP address is pretty much useless to you and me.
The fact that you're seeing your email address used in the "From:" field shouldn't alarm you. It might be annoying, but there's no need to worry about it. You're already on spammers lists to get spam and they're using that same list, or variations of it, to select which addresses to use when spoofing. And there's currently no effective way to stop them from spoofing.
When you see your own address spoofed in the From: field of spam, it's happening for one of two reasons:
-
They're trying to spam you, and know that it's unlikely you'll block email from yourself. In fact, as you've seen, it's not even always possible, but I'd consider it a bad idea even if you could do it. It'll prevent certain types of legitimate email from reaching you.
-
They're trying to spam someone else, and what you're seeing is a bounce message indicating that the original spam was rejected by its intended recipient. Since the email looks like it came "From:" you, you get the bounce message.
Now, as to why the "someone@somedomain.com <myemail@hotmail.com>" where the two email addresses don't match, or the more common "Name <myemail@hotmail.com>" where the name is obviously unrelated to the email address, I can only speculate. My guess is that it's either intentional confusion to perhaps boost the chance that recipients will open the email, or a side effect of the tools that spammers use that may not be able to put together a proper name/email address pair.
•
"But what do I do?"
First, realize there's nothing you can do to prevent From-spoofing. Eventually your email address is going to show up in the "From:" field of spam that you had nothing to do with. In fact as you've seen, it probably already has.
The only thing you can do is to keep doing whatever it is you do to control spam. I run two levels of spam filters, and even then some gets through. It's a juggling act because I don't want to risk marking something as spam that isn't - hence a little more spam gets through. Depending on your mail program and your mail provider, you may have similar or additional options available.
Related:
-
Ask Leo! - Someone's sending from my email address! How do I stop them?!
-
Ask Leo! - How do I get rid of all this spam?!?!
-
Ask Leo! - Why are email addresses sometimes in angle-brackets?
Article C3131 - August 27, 2007
I can't block my own email address, as on my website I have a booking form which sends to my email from my email (well that is what it looks like)...I know that booking forms will appear the way they do, but I still get other companies, ie drugs, insurance, etc cloning my email address to spam me.
Posted by: Andrea at March 2, 2009 3:24 AMWould ithelp if I changed my email address? Or are the spammers working with other parameters over which I have no control?
08-May-2009
Here's my Thunderbird filter
Set to require 'all' lines
1. From - contains - my_real_email_address
2. To - contains - my_real_email_address
3. Subject - does not contain - test
Do this: mark as Junk
The third requirement allows me to send myself
a test message, if I think there is some problem
with the email service.
I don't automatically delete junk.
Posted by: Doug at May 26, 2009 10:27 AMWell Firstly I have to disagree. I understand the spoofing, but in general, when you start getting spam from you own *account*@hostname.com the chances of a bug/hijack application is pretty high. That's something you can check out.
Posted by: Spamhater at June 4, 2009 12:51 AMIs the fact that my email address is in the FROM box going to get me added to a SPAM Blacklist?
25-Jun-2009
Posted by: Alan at June 25, 2009 6:58 AM
Is there a way of blocking e-mails that contain a keyword in the body of the e-mail? e.g. Viagra. I notice that most of these spams never mention the word in the header.
11-Aug-2009
Posted by: Lou at August 10, 2009 6:36 PM
I think most of the problem occurs with the fact that when sending mail to ourselves the sender is labeled " me " If Gmail would allow us to change this ( and not just when sending to someone else ) then the spam wouldn't irritate us so much. If I sent a mail to myself and it said " blushin " on it, I'd know it was from me, when I recieve one that says from " me " I would block it. But Gmail makes it impossible to do this.
Posted by: Blushin at October 13, 2009 12:47 PMI get tons of spam "from" myself, thankfully my email filters it out very effectively. My question is whether or not the spammers are able to send these spoof emails to OTHERS with MY email address in the "from" field. Are they able to spam others and make it look as if the spam was sent from my address?
06-Nov-2009
Posted by: bluebellsofs at November 6, 2009 12:23 AM
it is so frustrating to me as it has now happened twice via my hotmail address - spam being sent to me and all my adressees - some of my addressees have warned me and I have profusely apologised, but am afraid I will be blacklisted. How can I stop the spam from reaching those on my addressee list? I dont care about myself. It is just embarrassing - particularly to those I have subscribed to their newsletters....
Posted by: Tracy at November 16, 2009 3:32 AMPlease explain why blocking mail from my own address will prevent me from receiving legitimate emails. I don't get that -- I never send myself mail, the only mail I get with my email in the "from" is from spoofers.
08-Dec-2009
Posted by: Jim Houghton at December 7, 2009 11:05 AM