|Thread Links||Date Links|
|Thread Prev||Thread Next||Thread Index||Date Prev||Date Next||Date Index|
As Pat points out, the
"from" in the email header can be contain anything, it has not
connection with the actual source. You can't draw any meaningful
conclusion from the "from" field of the email header. |
These SPAM generators do not need to 'hack' anyone's email account. It is equally common to harvest valid email addresses with sniffers - mail hearers traverse the public internet in the clear having their content scraped by billions of sniffers as they circulate the world wide web. It is there for the taking, with far less effort than hacking an email account or server. You need not have exposed your account, nor had any of your contacts "hacked", only used the same email address for a while.
I've explained this to IT depts world wide as my domain has been blacklisted repeatedly through no fault or action of myself or anyone I may or may not have had legitimate email exchanges between. It is sufficient that it has been circulated around the web over 20 years. "blacklisting" an address or even a source server IP provides no protection from the evil SPAM bots at all, it only inconveniences your users and the victim who's address or server has been spoof'd.
Other popular sources for scraping legitimate looking email addresses include web pages that list a contact email, publicly available documents that list a contact email, email reflectors that have archives and compilations publicly available, etc. Thus I've seen numerous bogus spams from "ieee.org"
Welcome to the club of mistaken identity, Paul. You are not alone.
On 3/1/2016 1:38 PM, Pat Thaler wrote:
---------- This email is sent from the 802 Executive Committee email reflector. This list is maintained by Listserv.