email issue

Discussion in 'Computer Security' started by Theprof, Jan 18, 2008.

  1. Theprof

    Theprof Petabyte Poster

    4,607
    83
    211
    Jan 18, 2008 #1
    Remove Advertisement - Premium Membership
    Hey everyone,

    I was wondering, how would I go about checking an email problem that a user is experiencing where he is receiving spam email from himself.

    In the from field of the email it says his name and in the to email it says his name. What does that usually indicate?

    Thanks.
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  2. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Jan 18, 2008 #2
    Remove Advertisement - Premium Membership
    It indicates that the spammer has harvested his email address from somewhere, and is spoofing the headers. Quite common.

    First thing to do is examine the full set of headers.

    But there is probably not much you can do otherwise.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  3. Theprof

    Theprof Petabyte Poster

    4,607
    83
    211
    Jan 18, 2008 #3
    I don't know much about this but I would assume that this happened because probably somewhere recently the user must of entered his email on a spammer site not knowing what's happening in the back round?

    Also changing the password won't do much?
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  4. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Jan 18, 2008 #4
    No, the spammer isnt actually using the account, they are just setting the mailheaders to look like it came from that address, so changing the password wont do anything for it.

    There could be no shortage of reasons for it. For instance, it could simply be that they are setting the To and From addresses to the same address when sending the email. Its as good a system as any for a spammer. As for getting the email address, its not necessarily because they entered their details. My last work got well over 8000 spam emails a day. Theres no way enough people did things like that. Spammers try various methods to send spam emails. The first is simply randomly generating email addresses against a domain, and sending them all.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present

Share This Page

Loading...
Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...