SPAM - I don't want to block my own email address.

[ThomasAJ]

Somehow the spammers are putting in my own email address as the 'from'
address. If I 'Add to blocked senders list' then won't I block myself?

eg In body of email near the top it says:
Joe Blow [[email protected]]
To: (e-mail address removed)

How the heck do they do that?

 

[N. Miller]

Somehow the spammers are putting in my own email address as the 'from'
address. If I 'Add to blocked senders list' then won't I block myself?

Yes, unless you create some conditional rules.

eg In body of email near the top it says:
Joe Blow [[email protected]]
To: (e-mail address removed)

How the heck do they do that?

They just type your email address into the sender field. There is no
technical way to prevent it, just as there is no technical way to prevent
you from using, '1600 Pennsylvania AV, Washington, D.C.' as a return address
on an postal envelope. But there is no Internet equivalent of the Secret
Service to track back to the abuser.

 

[VanguardLH]

Somehow the spammers are putting in my own email address as the 'from'
address. If I 'Add to blocked senders list' then won't I block myself?

eg In body of email near the top it says:
Joe Blow [[email protected]]
To: (e-mail address removed)

Do you often send yourself e-mails? If not, blocking on you in the From
means just that: you are blocking e-mails that pretend to be sent by
you. If YOU don't send yourself e-mails then those that say they are
from you never did come from you.

If you do send yourself e-mails, you'll need to use a rule that checks
for a passcode or special string in the Subject that you add when you
send yourself an e-mail or send yourself a copy of an e-mail. A rule
looks for that passcode and leaves the e-mail in the Inbox folder. If
someone ever violates your trust and uses the passcode (because you sent
them an e-mail and yourself a copy which means they got the passcode),
you can simply change the passcode later. Use a string that is not
likely to ever appear in non-spam e-mails. It can be anything, like
"[%TAJ^82%]".

- Passcoded message:
Apply this rule after the message arrives
with <passcode> in Subject
and stop processing more rules

- "Me in From" rule:
Apply this rule after the message arrives
with <your-email-address> in the sender's address
and delete it (or move it)
and mark it as read
and stop processing more rules

Make sure the passcode rule (that commits no action on the message in
your Inbox) is before your anti-spam rule. When you send yourself [a
copy of] an e-mail, include the passcode.

How the heck do they do that?

The same you can: just put anything you want to claim as your e-mail
address in the From header (in Outlook, look in the account you defined
and look in the E-mail field). The From header is not added by a
server. It is *data* that the sender's client adds to the message so it
is whatever the sender it is.

Not only do you use the passcode to make sure you get e-mails that you
sent yourself, but you can give out the passcode to trusted senders. If
the passcode rule is at or near the top of your rules, all the rest of
the rules are skipped (due to the stop-clause). E-mails with the
passcode don't have to pass through your gauntlet of anti-spam rules.
So make sure you really do trust whomever you give the passcode; else,
you'll be changing it.

 

[ThomasAJ]

Thank you very much - that was a stunning reply.
--
Regards
Tom

Somehow the spammers are putting in my own email address as the 'from'
address. If I 'Add to blocked senders list' then won't I block myself?

eg In body of email near the top it says:
Joe Blow [[email protected]]
To: (e-mail address removed)

Do you often send yourself e-mails? If not, blocking on you in the From
means just that: you are blocking e-mails that pretend to be sent by
you. If YOU don't send yourself e-mails then those that say they are
from you never did come from you.

If you do send yourself e-mails, you'll need to use a rule that checks
for a passcode or special string in the Subject that you add when you
send yourself an e-mail or send yourself a copy of an e-mail. A rule
looks for that passcode and leaves the e-mail in the Inbox folder. If
someone ever violates your trust and uses the passcode (because you sent
them an e-mail and yourself a copy which means they got the passcode),
you can simply change the passcode later. Use a string that is not
likely to ever appear in non-spam e-mails. It can be anything, like
"[%TAJ^82%]".

- Passcoded message:
Apply this rule after the message arrives
with <passcode> in Subject
and stop processing more rules

- "Me in From" rule:
Apply this rule after the message arrives
with <your-email-address> in the sender's address
and delete it (or move it)
and mark it as read
and stop processing more rules

Make sure the passcode rule (that commits no action on the message in
your Inbox) is before your anti-spam rule. When you send yourself [a
copy of] an e-mail, include the passcode.

How the heck do they do that?

The same you can: just put anything you want to claim as your e-mail
address in the From header (in Outlook, look in the account you defined
and look in the E-mail field). The From header is not added by a
server. It is *data* that the sender's client adds to the message so it
is whatever the sender it is.

Not only do you use the passcode to make sure you get e-mails that you
sent yourself, but you can give out the passcode to trusted senders. If
the passcode rule is at or near the top of your rules, all the rest of
the rules are skipped (due to the stop-clause). E-mails with the
passcode don't have to pass through your gauntlet of anti-spam rules.
So make sure you really do trust whomever you give the passcode; else,
you'll be changing it.

 

[ThomasAJ]

Thanks
But surely the header contains the originating email account regardless of
what the spammers put into the 'visible' part.
--
Regards
Tom

Somehow the spammers are putting in my own email address as the 'from'
address. If I 'Add to blocked senders list' then won't I block myself?

Yes, unless you create some conditional rules.

eg In body of email near the top it says:
Joe Blow [[email protected]]
To: (e-mail address removed)

How the heck do they do that?

They just type your email address into the sender field. There is no
technical way to prevent it, just as there is no technical way to prevent
you from using, '1600 Pennsylvania AV, Washington, D.C.' as a return address
on an postal envelope. But there is no Internet equivalent of the Secret
Service to track back to the abuser.

 

[N. Miller]

But surely the header contains the originating email account regardless of
what the spammers put into the 'visible' part.

The only part of the header with useful information is the "Received: from x
by x" line which shows the connection of the MTA relaying the email to your
domain gateway (MX) server. No email address in the headers is used for
delivery, unless your email service provider is one of the rare few who add
an "X-Delivered-To:" header line including the SMTP 'RCPT TO:' email
address.

 

[VanguardLH]

Thanks
But surely the header contains the originating email account regardless of
what the spammers put into the 'visible' part.

There is nothing that must be placed in the headers to identify the
account for the sender. The Recieved header added by the sender's mail
server *might* have the sender's account info, like their username, but
it is not required. All it might have is the IP address of the sender's
host. Or it might have the IP address of a relay host that is internal
to the e-mail provider to which the sender connected. There is nothing
in SMTP that requires the actual sender be identified. That is why spam
thrives because of the trust model on which SMTP was constructed.