Email address hijacking/abuse
#1
Scooby Regular
Thread Starter
Email address hijacking/abuse
I have a Freeserve email address and over the last couple of days I have started receiving "Returned Mail; User Unknown" emails that contain long lists of addresses that I have apparently tried to email with spam. The From address in the undelivered emails is my user name but the bit before the @ is just the usual spam gibbereish eg. w992hci@ etc etc.
Using Telnet I have established that I too can send email from any existing freeserve address I like without it being immediately traceable back to me. No password is required. It would seem then that we're I unscrupulous I could email people pretending to be somebody else and, unless they could identify IP addresses out of email headers, they would never know who it was from...?
Now, this maybe old hat in IT land but can this be done from any email server/host/whatever? Surely this is a bit daft? My email address will, I'm sure, eventually become listed as a source of spam and get blocked won't it?
Using Telnet I have established that I too can send email from any existing freeserve address I like without it being immediately traceable back to me. No password is required. It would seem then that we're I unscrupulous I could email people pretending to be somebody else and, unless they could identify IP addresses out of email headers, they would never know who it was from...?
Now, this maybe old hat in IT land but can this be done from any email server/host/whatever? Surely this is a bit daft? My email address will, I'm sure, eventually become listed as a source of spam and get blocked won't it?
#2
SimonH, what you're describing is e-mail "spoofing". Unfortunately, the underlying protocol used to send Internet mail (SMTP - Simple Mail Transfer Protocol) is inherently insecure (remember it's been around for a long time, and was designed to send simple documents between research groups).
There are things that can be done to get a better idea of whether the sender is genuine, for example, reverse IP lookup (converting the connecting user's IP address to an Internet domain, then checking it matches the mailfrom field), but this feature is generally turned off on ISP mail servers, 'cause it's slow.
There are various extensions to SMTP which provide a lot more security (public key encryption, Etc), but these won't be available on the typical ISP mail server.
And of course, don't forget, that a lot of spam and viruses these days are sent by innocent, unaware Internet users, whose PCs are running lovely little trojan mail engines, some of which are clever enough to be controlled remotely.
The Internet. What a lovely place.
Nog
There are things that can be done to get a better idea of whether the sender is genuine, for example, reverse IP lookup (converting the connecting user's IP address to an Internet domain, then checking it matches the mailfrom field), but this feature is generally turned off on ISP mail servers, 'cause it's slow.
There are various extensions to SMTP which provide a lot more security (public key encryption, Etc), but these won't be available on the typical ISP mail server.
And of course, don't forget, that a lot of spam and viruses these days are sent by innocent, unaware Internet users, whose PCs are running lovely little trojan mail engines, some of which are clever enough to be controlled remotely.
The Internet. What a lovely place.
Nog
#3
Originally Posted by Nog
SimonH, what you're describing is e-mail "spoofing". ...
Don't want to change my email address(es) as it is anything@mysurname.com.
Someone suggested that I only let my mail client (Thunderbird) pick up martin@mysurname.com, wifesname@mysurname.com etc etc - but at the mo, I can just give out any email address I want and it all turns up in Thunderbird.
Very
Martin
#4
Scooby Regular
Originally Posted by Nog
And of course, don't forget, that a lot of spam and viruses these days are sent by innocent, unaware Internet users, whose PCs are running lovely little trojan mail engines, some of which are clever enough to be controlled remotely.
The Internet. What a lovely place.
Nog
The Internet. What a lovely place.
Nog
#5
Scooby Regular
Join Date: Sep 2001
Location: Kingston ( Surrey, not Jamaica )
Posts: 4,670
Likes: 0
Received 0 Likes
on
0 Posts
I'm up to around 150 a day of 'returned' messages. They're all spoofed from: addresses and none of it is sent from my machines.
A good mail filter is about all you can use, short of dropping the address/domain completely.
Steve
A good mail filter is about all you can use, short of dropping the address/domain completely.
Steve
#6
Originally Posted by stevem2k
A good mail filter is about all you can use,..
Steve
Steve
....am I going to start receiving emails sent to abuse@mysurname.com telling me to stop sending spam emails
..and what do I do then? Just say it wasn't me - it was someone else!
Thread
Thread Starter
Forum
Replies
Last Post
oilman
Trader Announcements
15
01 October 2015 11:55 AM
Pro-Line Motorsport
Car Parts For Sale
0
27 September 2015 11:19 AM