[Chat] Re: [Discussion] email question

Emil Volcheck volcheck at acm.org
Sat Apr 10 18:47:21 EDT 2004


John,

Spammers and/or viruses are forging messages to make it look like
you sent those messages.  If the recipient address is not valid,
then the recipient mail server attempts to notify the sender.  Since your
address is falsely listed as the return address of these messages,
you receive the error reports, even though you didn't send the
messages yourself.  Jargon for this is spoofing the return address
on a message.

This method of forging is an attempt to fool recipients into
thinking the message is from someone they know, making it more
likely that the message will bypass spam filters and more
likely that the recipient will open the message and read it.

Some viruses or worms that infect a machine try to locate a user's
address book and then mail a copy of themselves to all entries.
To the recipients, it looks like that user sent the messages.
MS Outlook has suffered from these kinds of attacks in the past.
More recent viruses and worms scan webpages and mailing lists for valid
addresses and spoof messages from those addresses.  For instance,
a spammer could scan all postings to a mailing list, extract all
the addresses, then to each address send a message that appears
to be from another address on the list.

Does this make sense?

--Emil



On Sat, Apr 10, 2004 at 10:21:46PM +0000, John Spurrier wrote:
> ...
> For the past few days I have been receiving a lot of email with subjects 
> like "undeliverable..." or "delivery status notification". The messages 


-- 
Emil Volcheck
volcheck at acm.org
http://acm.org/~volcheck




More information about the Chat mailing list