Spoofing "TO" Address in email

Discussion in 'Computer Security' started by Phil Nospam, Nov 18, 2005.

  1. Phil Nospam

    Phil Nospam Guest

    I'm not sure if this is the right forum for this...if not please point me in
    the right direction.

    I'm receiving email that is addressed to someone else. Not using any real
    emai addresses here, but here's an example: my email address is
    but the email is addressed to . I've checked the headers and my
    email address/name doesn't appear in there ANYWHERE. I talked to my ISP, I
    have Time Warner's Road Runner service, and they said that the sender is
    spoofing the "TO" address. The things he said just didn't make any sense -
    granted I'm not a security expert, but I've got a little common sense.

    First he said that the email would be addressed to the proper person, but
    some software would then change the value in the "TO" field after it was
    sent. I asked and he confirmed that he didn't mean software on my PC would
    change the TO value (running daily AV). I then asked if it would be on the
    Road Runner server...he said no, on the sender's server. What I don't
    understand is how the email can be sent to the recipient address, then the
    recipient address be changed on the server before it is sent. He said that
    was a form of "spoofing". I've searched the web and can only find info
    about spoofing the RETURN address.

    Now I realize that he could have used some kind of mailing list, but the TO
    address was another Road Runner email address...and they don't allow that
    type of forwarding (or so they say). I thought that maybe I was a "BCC"
    recipient, but other emails I've received like have had my correct email
    address in the header somewhere.
    Phil Nospam, Nov 18, 2005
    #1
    1. Advertising

  2. Phil Nospam

    Harri Mellin Guest

    In article <vpsff.1386$>,
    "Phil Nospam" <> wrote:

    > I'm not sure if this is the right forum for this...if not please point me in
    > the right direction.
    >
    > I'm receiving email that is addressed to someone else. Not using any real
    > emai addresses here, but here's an example: my email address is
    > but the email is addressed to . I've checked the headers and my
    > email address/name doesn't appear in there ANYWHERE. I talked to my ISP, I
    > have Time Warner's Road Runner service, and they said that the sender is
    > spoofing the "TO" address. The things he said just didn't make any sense -
    > granted I'm not a security expert, but I've got a little common sense.
    >
    > First he said that the email would be addressed to the proper person, but
    > some software would then change the value in the "TO" field after it was
    > sent. I asked and he confirmed that he didn't mean software on my PC would
    > change the TO value (running daily AV). I then asked if it would be on the
    > Road Runner server...he said no, on the sender's server. What I don't
    > understand is how the email can be sent to the recipient address, then the
    > recipient address be changed on the server before it is sent. He said that
    > was a form of "spoofing". I've searched the web and can only find info
    > about spoofing the RETURN address.
    >
    > Now I realize that he could have used some kind of mailing list, but the TO
    > address was another Road Runner email address...and they don't allow that
    > type of forwarding (or so they say). I thought that maybe I was a "BCC"
    > recipient, but other emails I've received like have had my correct email
    > address in the header somewhere.
    >
    >
    >


    add in the TO field
    add the rest of th email adresses in the BCC (Blind Carbon Copy)

    and every one gets a email with in the TO field

    --
    -------------------------------------------
    Swedish Webcams <http://www.webcams.zap.to>
    -------------------------------------------
    Harri Mellin, Nov 18, 2005
    #2
    1. Advertising

  3. Phil Nospam

    Bit Twister Guest

    On Fri, 18 Nov 2005 22:16:59 GMT, Phil Nospam wrote:
    > I'm not sure if this is the right forum for this...if not please point me in
    > the right direction.
    >
    > I'm receiving email that is addressed to someone else. Not using any real
    > emai addresses here, but here's an example: my email address is
    > but the email is addressed to . I've checked the headers and my
    > email address/name doesn't appear in there ANYWHERE.



    Yes, common method by spammers. Your email address is in the BCC field
    which is why you can not see how you received it.

    I make sure any email name I chose cannot be found with a search
    engine.

    I do not get any spam in any of the 8 email addresses I have picked.

    Spammers collect email addys, strip the domain and add all the major
    ISP names and shoot out the spam.

    Change your email addy to something like p3hil_8_nospam and your
    spam problem will clear right up. Just never post you email on usenet
    and only hand out throw away addresses like
    .

    You need to use a third party news reader instead M$ apps.
    Also seperate email/browser apps.
    You might visit a site which ask your browser for annonymous ftp which
    provides your email addy as password. Now they can sell it to
    spammers.
    Bit Twister, Nov 18, 2005
    #3
  4. Phil Nospam

    Moe Trin Guest

    In the Usenet newsgroup alt.computer.security, in article
    <vpsff.1386$>, Phil Nospam wrote:

    >I'm not sure if this is the right forum for this...if not please point me in
    >the right direction.


    It'll do.

    >I'm receiving email that is addressed to someone else. Not using any real
    >emai addresses here, but here's an example: my email address is
    >but the email is addressed to . I've checked the headers and my
    >email address/name doesn't appear in there ANYWHERE. I talked to my ISP, I
    >have Time Warner's Road Runner service, and they said that the sender is
    >spoofing the "TO" address. The things he said just didn't make any sense -
    >granted I'm not a security expert, but I've got a little common sense.


    %telnet mail.your.isp 25
    Trying 198.15.1.25 ...
    Connected to mail.your.isp
    Escape character is '^]'.
    220 mail.your.isp ESMTP Sendmail 8.11.6/8.11.6; Sun, 18 Aug 2002 21:21:03 -0500
    HELO south.pole.hq
    250 mail.your.isp Hello south.pole.hq, pleased to meet you
    MAIL FROM:<>
    250 <>... sender ok
    RCPT TO:<>
    250 <>... recipient ok
    RCPT TO:<>
    550 <> mailbox unavailable
    RCPT TO:<>
    250 <>... recipient ok
    DATA
    354 Enter mail, and end with "." on a line by itself
    From: Your favorite place to buy
    To: Our valued customers
    Date: Some random date-string
    Subject: Have I got a deal for you!!!

    Buy your pills from http://www.some.wankers.website.org/sucker.html
    ..
    250 UAA01441 Message accepted for delivery
    quit
    221 mail.your.isp closing connection
    Connection closed by foreign host.
    %

    and what you may see if you know how to find the raw mail (looking at the
    headers and all that):

    Return-Path: <>
    Received: from south.pole.hq (host54.zombie.isp.com [[192.0.2.54])
    by mail.your.isp (8.11.6/8.11.6) is ESMTP id UAA01441
    Sat, 22 Nov 2003 15:42:28 -0700
    Message-Id: 200311222242.mail.your.isp
    From: Your favorite place to buy
    To: Our valued customers
    Date: Some random date-string
    Subject: Have I got a deal for you!!!

    Buy your pills from http://www.some.wankers.website.org/sucker.html

    So, where did the crap come from? Certainly not what it says in the
    "From:" header (which doesn't even _have_ a valid mail address here).
    Some comments: 1) Notice the receiving mail server didn't blink when
    the 'MAIL FROM:' didn't match the domain of the remote host. 2) In
    the 'Received:' header, this receiving host did a lookup of the IP
    address that the sending host was using - the PTR name is within the
    parenthese, the actual IP within the square brackets. 3) Notice that
    the To: and From: headers serve _no_ purpose in the delivery of the
    mail - that's handled solely by the 'RCPT TO:' command to the Mail
    Transfer Agent (MTA - or your mail server). 4) Because there were
    multiple 'RCPT TO:' names, your name did not appear in the 'Received:'
    header added by _your_ mail server (it would be just before the date
    value in that 'Received:' header if you were the only recipient).
    5) Notice the receiving mail server returning a 250 to "valid" names
    of recipients, and a 550 when given an invalid name - in normal mail,
    this would cause an error message back to the senders mail tool, but
    a spammer ignores this, or never sees it.

    For a lot more information, see http://www.stopspam.org/email/headers.html

    Old guy
    Moe Trin, Nov 19, 2005
    #4
  5. Phil Nospam

    Phil Nospam Guest

    "Bit Twister" <> wrote in message
    news:...
    > On Fri, 18 Nov 2005 22:16:59 GMT, Phil Nospam wrote:
    > > I'm not sure if this is the right forum for this...if not please point

    me in
    > > the right direction.
    > >
    > > I'm receiving email that is addressed to someone else. Not using any

    real
    > > emai addresses here, but here's an example: my email address is


    > > but the email is addressed to . I've checked the headers and

    my
    > > email address/name doesn't appear in there ANYWHERE.

    >
    >
    > Yes, common method by spammers. Your email address is in the BCC field
    > which is why you can not see how you received it.
    >
    > I make sure any email name I chose cannot be found with a search
    > engine.
    >
    > I do not get any spam in any of the 8 email addresses I have picked.
    >
    > Spammers collect email addys, strip the domain and add all the major
    > ISP names and shoot out the spam.
    >
    > Change your email addy to something like p3hil_8_nospam and your
    > spam problem will clear right up. Just never post you email on usenet
    > and only hand out throw away addresses like
    > .
    >
    > You need to use a third party news reader instead M$ apps.
    > Also seperate email/browser apps.
    > You might visit a site which ask your browser for annonymous ftp which
    > provides your email addy as password. Now they can sell it to
    > spammers.
    >


    Thanks for all the great tips.

    As a test, I sent myself an email without addressing the TO field at all,
    and placing my email address in the BCC field (using Outlook Express 6). I
    received it with the TO field blank, and when I examine the header I do see
    the email address it was addressed to in the BCC field (it doesn't say it
    was the BCC field, but I know it was because I sent it).

    I performed the same test sending it from a free Netscape account to my Road
    Runner account and saw the same thing. Doesn't the recipient's email
    address have to be in the header SOMEWHERE in order for the recipient to
    actually receive it?

    Here's a copy of part of the header that shows how I can tell I'm receiving
    an email as a BCC recipient if sent from Road Runner email address or
    Netscape email address:

    Return-path: <>
    Received: from ms-mta-02-eri0 (ms-mta-02-eri0 [10.25.8.235])
    by ms-mss-05.southeast.rr.com
    (iPlanet Messaging Server 5.2 HotFix 2.08 (built Sep 22 2005))
    with ESMTP id <> for
    ; Sun, 20 Nov 2005 20:48:58 -0500 (EST)

    The end of that "Received: from" statement says that the email is "for
    ". I replaced the real email address with
    "aBCCrecipient", but you see my point. The spam email I receive doesn't
    have anything like that in it. So how does it know it's for me and end up
    in my Inbox?

    Here's the same part of the header from the spam email I received that was
    addressed TO somebody else:

    Return-path: <>
    Received: from ms-mta-02-eri0 (ms-mta-02-eri0 [10.25.8.235])
    by ms-mss-05.southeast.rr.com
    (iPlanet Messaging Server 5.2 HotFix 2.08 (built Sep 22 2005))
    with ESMTP id <>; Mon,
    14 Nov 2005 13:19:35 -0500 (EST)

    See... there's nothing there to show who it is going to.
    Or maybe it's there and encrypted in the next to the last line where it says
    ?

    Thanks again for your assistance.
    Phil Nospam, Nov 21, 2005
    #5
  6. Phil Nospam

    Moe Trin Guest

    In the Usenet newsgroup alt.computer.security, in article
    <d1agf.2796$>, Phil Nospam wrote:

    >As a test, I sent myself an email without addressing the TO field at all,
    >and placing my email address in the BCC field (using Outlook Express 6).
    >I received it with the TO field blank, and when I examine the header I do
    >see the email address it was addressed to in the BCC field (it doesn't
    >say it was the BCC field, but I know it was because I sent it).


    Your concept is correct, but spammers and bulk mailers do not use user
    level tools like Outlook Express.

    >Doesn't the recipient's email address have to be in the header SOMEWHERE
    >in order for the recipient to actually receive it?


    No. ALL mail delivery is based on the 'Envelope Recipient' and that
    value may not show up in any header.

    >Here's a copy of part of the header that shows how I can tell I'm
    >receiving an email as a BCC recipient if sent from Road Runner email
    >address or Netscape email address:


    Now, send a mail to TWO (or more) people at once at the same address
    (meaning '' and '', and then notice the difference
    in the headers. NEITHER NAME WILL APPEAR, but the crap will be delivered
    just the same.

    >The end of that "Received: from" statement says that the email is "for
    >". I replaced the real email address with
    >"aBCCrecipient", but you see my point. The spam email I receive doesn't
    >have anything like that in it. So how does it know it's for me and end up
    >in my Inbox?


    Because it is being delivered to more than one person at rr.com, the
    header does not show the individual addressees. In the conversation
    between the sending mail server (ms-mta-02-eri0 in the case you show)
    and receiving mail server (ms-mss-05.southeast.rr.com in the case you
    show), the "MAIL FROM" term gets into the 'Return-path:' header (but
    that name is under control of the sender, and can be faked), and the
    "RCPT TO:" which is what actually controls delivery only gets passed
    to the mail you see if there is only ONE instance and in that case
    alone is it put in the "Received: header.

    >Here's the same part of the header from the spam email I received that
    >was addressed TO somebody else:


    That's no help - you need to look at more than that one line. In this
    case, it was actually sent to two OR MORE people at rr.com. See
    http://www.stopspam.org/email/headers.html for more details.

    >See... there's nothing there to show who it is going to.


    Yup - the ENVELOPE gets thrown away on the receiving mail server, and
    all you see is the contents. Sorry, but that's the way email works.

    >Or maybe it's there and encrypted in the next to the last line where it
    >says ?


    No, that is the "serial number" of the message transaction on that specific
    mail server.

    See RFC0821, 0822, 2821, and 2822, which can be found on the web.

    Old guy
    Moe Trin, Nov 21, 2005
    #6
  7. Phil Nospam

    Phil Nospam Guest

    "Moe Trin" <> wrote in message
    news:...
    > In the Usenet newsgroup alt.computer.security, in article
    > <d1agf.2796$>, Phil Nospam wrote:
    >
    > >As a test, I sent myself an email without addressing the TO field at all,
    > >and placing my email address in the BCC field (using Outlook Express 6).
    > >I received it with the TO field blank, and when I examine the header I do
    > >see the email address it was addressed to in the BCC field (it doesn't
    > >say it was the BCC field, but I know it was because I sent it).

    >
    > Your concept is correct, but spammers and bulk mailers do not use user
    > level tools like Outlook Express.
    >
    > >Doesn't the recipient's email address have to be in the header SOMEWHERE
    > >in order for the recipient to actually receive it?

    >
    > No. ALL mail delivery is based on the 'Envelope Recipient' and that
    > value may not show up in any header.
    >
    > >Here's a copy of part of the header that shows how I can tell I'm
    > >receiving an email as a BCC recipient if sent from Road Runner email
    > >address or Netscape email address:

    >
    > Now, send a mail to TWO (or more) people at once at the same address
    > (meaning '' and '', and then notice the difference
    > in the headers. NEITHER NAME WILL APPEAR, but the crap will be delivered
    > just the same.
    >
    > >The end of that "Received: from" statement says that the email is "for
    > >". I replaced the real email address with
    > >"aBCCrecipient", but you see my point. The spam email I receive doesn't
    > >have anything like that in it. So how does it know it's for me and end

    up
    > >in my Inbox?

    >
    > Because it is being delivered to more than one person at rr.com, the
    > header does not show the individual addressees. In the conversation
    > between the sending mail server (ms-mta-02-eri0 in the case you show)
    > and receiving mail server (ms-mss-05.southeast.rr.com in the case you
    > show), the "MAIL FROM" term gets into the 'Return-path:' header (but
    > that name is under control of the sender, and can be faked), and the
    > "RCPT TO:" which is what actually controls delivery only gets passed
    > to the mail you see if there is only ONE instance and in that case
    > alone is it put in the "Received: header.
    >
    > >Here's the same part of the header from the spam email I received that
    > >was addressed TO somebody else:

    >
    > That's no help - you need to look at more than that one line. In this
    > case, it was actually sent to two OR MORE people at rr.com. See
    > http://www.stopspam.org/email/headers.html for more details.
    >
    > >See... there's nothing there to show who it is going to.

    >
    > Yup - the ENVELOPE gets thrown away on the receiving mail server, and
    > all you see is the contents. Sorry, but that's the way email works.
    >
    > >Or maybe it's there and encrypted in the next to the last line where it
    > >says ?

    >
    > No, that is the "serial number" of the message transaction on that

    specific
    > mail server.
    >
    > See RFC0821, 0822, 2821, and 2822, which can be found on the web.
    >
    > Old guy


    Old guy (or Moe),

    Thanks for your help and excellent explanations...it's making a lot more
    sense now.

    One thing though...in the section where you wrote:
    > Now, send a mail to TWO (or more) people at once at the same address
    > (meaning '' and '', and then notice the difference
    > in the headers. NEITHER NAME WILL APPEAR, but the crap will be delivered
    > just the same.


    I tried that and the header still revealed the name of the intended
    recipient (addressed in the BCC field) in the header. Now it didn't reveal
    the name of the other blind recipients, just the one that actually received
    it as a blind recipient. Could that be a function of the mail server
    software itself? It appears that RoadRunner is using the iPlanet Messaging
    Server from Sun. Maybe it can be configured to include the individual BCC
    recipient's email address in the header (but not the others, otherwise it
    wouldn't be blind) for security and tracking purposes? But it can only do
    it on outgoing emails, not incoming, because as you said the "envelope" gets
    thrown away. Just a thought.

    Thanks again,

    Phil
    Phil Nospam, Nov 23, 2005
    #7
  8. Phil Nospam

    Moe Trin Guest

    On Wed, 23 Nov 2005, in the Usenet newsgroup alt.computer.security, in article
    <RjSgf.4043$xD5.17613 >, Phil Nospam wrote:
    >
    >"Moe Trin" <> wrote in message
    >news:...


    >One thing though...in the section where you wrote:
    >> Now, send a mail to TWO (or more) people at once at the same address
    >> (meaning '' and '', and then notice the difference
    >> in the headers. NEITHER NAME WILL APPEAR, but the crap will be delivered
    >> just the same.

    >
    >I tried that and the header still revealed the name of the intended
    >recipient (addressed in the BCC field) in the header. Now it didn't reveal
    >the name of the other blind recipients, just the one that actually received
    >it as a blind recipient.


    Try sending it as multiple recipients in the 'To:' field, rather than the
    BCC, and make sure all recipients are located in the same domain (sending
    to '' and '' won't be the same - it must be
    '' and ''. Also remember that spammers are not using
    your 'user' grade software like Outlook. Can you really imagine some
    spammer sitting at a computer, and cutting/pasting the same message to a
    hundred people, and repeating this for the one to fifteen _million_
    recipients of a normal spam run? They're stupid, but not THAT st00pid.

    >Could that be a function of the mail server software itself? It appears
    >that RoadRunner is using the iPlanet Messaging Server from Sun. Maybe it
    >can be configured to include the individual BCC recipient's email address
    >in the header (but not the others, otherwise it wouldn't be blind) for
    >security and tracking purposes?


    I can't think why that would be needed, but then we're not using iPlanet.

    >But it can only do it on outgoing emails, not incoming, because as you said
    >the "envelope" gets thrown away. Just a thought.


    The 'Received:' header is added by hosts that receive the mail. RFC0821
    didn't spell it out as cleanly, but RFC2821 section 3.8.2 requires an
    Internet gateway that receives the mail to ADD a received header, and to
    not alter the already existing received headers. Thus, the headers should
    show a chain from source to destination - or as RFC0821 shows

    Received: from GHI.ARPA by JKL.ARPA ; 27 Oct 81 15:27:39 PST
    Received: from DEF.ARPA by GHI.ARPA ; 27 Oct 81 15:15:13 PST
    Received: from ABC.ARPA by DEF.ARPA ; 27 Oct 81 15:01:59 PST

    The modern header (the above is from 1981) has more information such
    as IP addresses, transaction IDs, and maybe software versions AND the name
    of the ultimate recipient, but that name is only added when (for the
    specific mail server in question) there is one and only one envelope
    recipient.

    Regarding those 'Received:' headers, you can only trust the "last' one
    added (above, the 15:27:39 line) added by systems you (or perhaps your
    ISP) control. Spammers often add faked lines to confuse the issue, and
    those lines can contain any fairy tail the spammer wishes to include.

    Old guy
    Moe Trin, Nov 23, 2005
    #8
  9. Phil Nospam

    Phil Nospam Guest

    "Moe Trin" <> wrote in message
    news:...
    > On Wed, 23 Nov 2005, in the Usenet newsgroup alt.computer.security, in

    article
    > <RjSgf.4043$xD5.17613 >, Phil Nospam wrote:
    > >
    > >"Moe Trin" <> wrote in message
    > >news:...

    >
    > >One thing though...in the section where you wrote:
    > >> Now, send a mail to TWO (or more) people at once at the same address
    > >> (meaning '' and '', and then notice the

    difference
    > >> in the headers. NEITHER NAME WILL APPEAR, but the crap will be

    delivered
    > >> just the same.

    > >
    > >I tried that and the header still revealed the name of the intended
    > >recipient (addressed in the BCC field) in the header. Now it didn't

    reveal
    > >the name of the other blind recipients, just the one that actually

    received
    > >it as a blind recipient.

    >
    > Try sending it as multiple recipients in the 'To:' field, rather than the
    > BCC, and make sure all recipients are located in the same domain (sending
    > to '' and '' won't be the same - it must be
    > '' and ''. Also remember that spammers are not using
    > your 'user' grade software like Outlook. Can you really imagine some
    > spammer sitting at a computer, and cutting/pasting the same message to a
    > hundred people, and repeating this for the one to fifteen _million_
    > recipients of a normal spam run? They're stupid, but not THAT st00pid.
    >


    > Old guy


    Well, you can actually perform email merges between Excel and Word
    (beginning with Office 2003) so they wouldn't have to cut and paste like
    that. But I get your point. Maybe it's just time for me to get a new email
    address. Or I could just get a domain name, set up my own web site and mail
    server in my house (I actually own a legit copy of MS Exchange). It might
    be a great learning experience.

    :)
    Phil Nospam, Nov 24, 2005
    #9
  10. Phil Nospam

    Moe Trin Guest

    On Thu, 24 Nov 2005, in the Usenet newsgroup alt.computer.security, in article
    <4vahf.3153$>, Phil Nospam wrote:

    >Well, you can actually perform email merges between Excel and Word
    >(beginning with Office 2003) so they wouldn't have to cut and paste like
    >that.


    Now, if you actually read some of that wonderful spam^Woffers of most
    interesting products and services you've been receiving, you'd find
    software kits that contains a list of 15 million addresses, and come with
    a set of mail delivery tools that would let you contact the millions of
    victi^Wsucke^Wpotential customers out there on this Interweb thingy - yours
    for a mere $249 plus shipping and handling, overnight service extra. ;-)

    >Maybe it's just time for me to get a new email address.


    That's usually the simpler choice. I stopped publishing my email addresses
    years ago, and because the spammers are getting more devious my current
    semi-public address doesn't even have a recognizable string in it. I'm
    actually using something like '"Moe Trin" <>'.
    Random string generators used to be only used for making un-guessable
    passwords - now I'm using them to create usernames.

    >Or I could just get a domain name, set up my own web site and mail server
    >in my house (I actually own a legit copy of MS Exchange).


    Check with your ISP - most residential service providers get all frowny
    when you do that, 'cause the can charge for that. More and more are also
    blocking inbound service ports to prevent the abuse I mentioned in the
    other response. While not trying to sound trollish, most people in the
    mail business are horrified at the idea of MSexchange servers connected
    to the Internet - they're way to easy to subvert.

    >It might be a great learning experience.


    Then again...

    Old guy
    Moe Trin, Nov 24, 2005
    #10
  11. Phil Nospam

    Winged Guest

    Phil Nospam wrote:
    > "Moe Trin" <> wrote in message
    > news:...
    >
    >>On Wed, 23 Nov 2005, in the Usenet newsgroup alt.computer.security, in

    >
    > article
    >
    >><RjSgf.4043$xD5.17613 >, Phil Nospam wrote:
    >>
    >>>"Moe Trin" <> wrote in message
    >>>news:...

    >>
    >>>One thing though...in the section where you wrote:
    >>>
    >>>>Now, send a mail to TWO (or more) people at once at the same address
    >>>>(meaning '' and '', and then notice the

    >
    > difference
    >
    >>>>in the headers. NEITHER NAME WILL APPEAR, but the crap will be

    >
    > delivered
    >
    >>>>just the same.
    >>>
    >>>I tried that and the header still revealed the name of the intended
    >>>recipient (addressed in the BCC field) in the header. Now it didn't

    >
    > reveal
    >
    >>>the name of the other blind recipients, just the one that actually

    >
    > received
    >
    >>>it as a blind recipient.

    >>
    >>Try sending it as multiple recipients in the 'To:' field, rather than the
    >>BCC, and make sure all recipients are located in the same domain (sending
    >>to '' and '' won't be the same - it must be
    >>'' and ''. Also remember that spammers are not using
    >>your 'user' grade software like Outlook. Can you really imagine some
    >>spammer sitting at a computer, and cutting/pasting the same message to a
    >>hundred people, and repeating this for the one to fifteen _million_
    >>recipients of a normal spam run? They're stupid, but not THAT st00pid.
    >>

    >
    >
    >> Old guy

    >
    >
    > Well, you can actually perform email merges between Excel and Word
    > (beginning with Office 2003) so they wouldn't have to cut and paste like
    > that. But I get your point. Maybe it's just time for me to get a new email
    > address. Or I could just get a domain name, set up my own web site and mail
    > server in my house (I actually own a legit copy of MS Exchange). It might
    > be a great learning experience.
    >
    > :)
    >
    >

    It is a learning experience, but you had better ensure your system is
    rubberized and properly configured. Setting up any server raises your
    target profile.

    Winged
    Winged, Nov 28, 2005
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A. J. Moss
    Replies:
    3
    Views:
    2,253
    Another Airnet User
    Sep 19, 2003
  2. Sharon

    email address spoofing

    Sharon, Dec 20, 2003, in forum: Computer Support
    Replies:
    9
    Views:
    528
  3. Nick

    spoofing the e-mail address

    Nick, Mar 28, 2006, in forum: Computer Security
    Replies:
    8
    Views:
    638
  4. "Spoofing" an IP Address

    , Sep 26, 2007, in forum: Wireless Networking
    Replies:
    3
    Views:
    443
    Phillip Windell
    Sep 26, 2007
  5. Tony
    Replies:
    1
    Views:
    363
    David Hough
    Mar 4, 2004
Loading...

Share This Page