johnnom12 Posted April 10, 2008 Posted April 10, 2008 Hi Guys I'm new and probably haven't read as many FAQs and previous posts as I shld've before posting so be forgiving. I got an email addressed to someone else offering me pictures of Britney's private bits. I'm careful with my email address as I want to avoid such glories but it looked to me as if the spammers had found a way of getting by the the email server with some kind of bot. Just to get to me. I phoned my provider Virgin who told me I'd been the victim of a BCC spam. I had no idea what this meant and I suspect that the young guy on the other end of the phone who was relaying his info from 'second level' support didn't either. I DONT WANT FIRST LEVEL SUPPORT WHEN I"M PAYING PREMIUM RATES! Anyway : I did a bid of googling and wasn't happy that this was the case - mainly because when I opened the properties>details>>message source in OE6 there was not a line: BCC: my email address (should there have been?). There was however a line: X-Envelope-To: my email address. What does all it mean? I'm confused, tired and probably overly angry at that F***[at] rich B[at]*** Branson. Please help John
StevenUnderwood Posted April 10, 2008 Posted April 10, 2008 There was however a line: X-Envelope-To: my email address. This shows there was an email with your address as one of the recipients (RCPT TO: <your email address>). The To: and From: fields are just text entered by the spammer.
rconner Posted April 10, 2008 Posted April 10, 2008 I phoned my provider Virgin who told me I'd been the victim of a BCC spam. I had no idea what this meant and I suspect that the young guy on the other end of the phone who was relaying his info from 'second level' support didn't either. Nice piece of jargon, but a rather meaningless one as it turns out. Actually, and you may find this surprising, the To, CC, and BCC fields have nothing to do with how e-mail gets delivered to you. As Steve points out, they can be easily forged by the spammer in order to sow confusion (which we can see that they do, even among "second level support"). Your address does not even have to appear in these fields at all; the only place where it is passed is during the "conversation" that accompanies the handoff of the mail. Whether your address appears in the message at all depends upon many factors. As you discovered, it was included in the "invisible" part of the header, in an X-field. Also, even if you take pains to keep your address out of circulation, spammers can still GUESS it during a directory harvest attack. Refer to this wiki page for more info on this. -- rick
Miss Betsy Posted April 10, 2008 Posted April 10, 2008 Although spammers have been known to 'personally' reply to reporters in the past, I haven't heard of any credible reports lately. Spammers are so automated with the botnets that they probably don't even see much more than the command they use to start a spam run. If it wasn't a dictionary spammer, then it was probably a correspondent (or a correspondent of a correspondent who received a forward of a really 'interesting' email) who got infected by a trojan that then harvests all the email addresses in that computer. That's the last way I started getting spam. Your best bet is to buy a filtering program like Mailwasher (but if you get it, do NOT use the bounce - that will make an accessory spammer). If your ISP offers it, you can get spam filtered by them. Depending on what kind of personality you are, you will either opt for deleting anything that looks like spam or having it tagged for delivery to you so you can delete it after examining it for legitimate email. Miss Betsy
johnnom12 Posted April 12, 2008 Author Posted April 12, 2008 Hi Guys Thanks for your replies they were much appreciated I'm still not sure where I am with this in terms of what I do next - thanks for the info on Mailwasher Betsy I'll give it a try. I'm currently getting to grips with the terminology and processes detailed in the message source so where this will take me God knows - its never going to be worth the effort though May the Force etc. John
Farelf Posted April 12, 2008 Posted April 12, 2008 ...I'm currently getting to grips with the terminology and processes detailed in the message source so where this will take me God knows - its never going to be worth the effort though Heh heh. Well Rick (rconner) is probably too modest to say but have a look at his website (referenced in his sig, earlier post).
rconner Posted April 13, 2008 Posted April 13, 2008 Heh heh. Well Rick (rconner) is probably too modest to say but have a look at his website (referenced in his sig, earlier post).Well, I do hear that there's a good glossary there, plus a lot of other possibly useful info. Just passing on what I hear --> http://www.rickconner.net/spamweb/ <-- -- rick
Recommended Posts
Archived
This topic is now archived and is closed to further replies.