1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

email issue

Discussion in 'Computer Security' started by Theprof, Jan 18, 2008.

  1. Theprof

    Theprof Petabyte Poster Forum Leader

    4,570
    68
    196
    Hey everyone,

    I was wondering, how would I go about checking an email problem that a user is experiencing where he is receiving spam email from himself.

    In the from field of the email it says his name and in the to email it says his name. What does that usually indicate?

    Thanks.
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    It indicates that the spammer has harvested his email address from somewhere, and is spoofing the headers. Quite common.

    First thing to do is examine the full set of headers.

    But there is probably not much you can do otherwise.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. Theprof

    Theprof Petabyte Poster Forum Leader

    4,570
    68
    196
    I don't know much about this but I would assume that this happened because probably somewhere recently the user must of entered his email on a spammer site not knowing what's happening in the back round?

    Also changing the password won't do much?
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  4. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    No, the spammer isnt actually using the account, they are just setting the mailheaders to look like it came from that address, so changing the password wont do anything for it.

    There could be no shortage of reasons for it. For instance, it could simply be that they are setting the To and From addresses to the same address when sending the email. Its as good a system as any for a spammer. As for getting the email address, its not necessarily because they entered their details. My last work got well over 8000 spam emails a day. Theres no way enough people did things like that. Spammers try various methods to send spam emails. The first is simply randomly generating email addresses against a domain, and sending them all.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present

Share This Page

Loading...