
Spam information please

Status
Not open for further replies.

StressedTechie

Technical User
Jul 13, 2001
367
GB
I am responsible for releasing emails blocked by our mail monitoring software. I am noticing on regular occasions that spam is entering our system and seems to be trying name variations, i.e. say we have a johnsmith@domain.com, a janedoe@domain.com, a Timjones@domain.com and a barrylloyd@domain.com, then messages seem to come in addressed to johndoe@domain.com, john@domain.com, timlloyd@domain.com etc. It seems to be trying different name variations until it gets it right. These are all being blocked so I am not worried, just interested to know how spam tries and knows about these variations.

Cheers
 
I have heard that you can disable the "catchall" email function. That way incorrect (spam) emails will bounce and lessen the amount of spam you continue to get.
 
That brings to mind something I've seen in spam I have received....

Addressee in the "To:" address block does not have to have any connection to the address to which the email is being sent. I see a lot of spam messages arrive at my mailbox with strange addresses in the "To:" field, but when I check my mail server logs, I find that the actual recipient (the one whom the "rcpt to" SMTP keyword specified) is my address.

I don't know why spammers do this -- perhaps it's to muddy the waters for the "average" user.



Want the best answers? Ask the best questions! TANSTAAFL!
 
It's using the BCC (blind carbon copy) feature of SMTP mail, and they do it so that you can't see the gazillion other real email messages they also sent the message to. It makes it look more 'authentic'. So yes, in a way, to muddy the waters!

The SMTP mail protocol was designed in the days when people trusted other people, and thus doesn't have any security or authentication built into it. It relies on people being honest about who they are when they send email, so it's easy to abuse.
 
Actually, it does have the ability for authentication. But the RFC says it should be anonymous by default.

What appears to be happening here is a mediocre directory harvesting. I see that all the time.

Don't configure a catch all account, and have the filtering software bounce everything that doesn't match with an account.

And disable your OOF (out of office) to the Internet (if you enabled it on your mail server).

Pat Richard, MCSE(2) MCSA:Messaging, CNA(2)
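
Added example, not part of the thread: one way to spot the directory harvesting described in the post above is to group the envelope recipients (the "rcpt to" values) seen in the mail log by sending client and flag clients whose attempts are mostly guesses at mailboxes that do not exist. The log format, the IP addresses and the thresholds are assumptions constructed for illustration; the mailbox names are the ones used in the original question.

```python
import re
from collections import defaultdict

# Mailboxes that really exist (names taken from the original question).
VALID = {"johnsmith@domain.com", "janedoe@domain.com",
         "timjones@domain.com", "barrylloyd@domain.com"}

# Constructed sample log in a hypothetical "client=... rcpt=<...>" format.
# Adapt LINE_RE to whatever your mail server actually writes.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z client=203.0.113.7 rcpt=<johndoe@domain.com>
2024-05-01T10:00:02Z client=203.0.113.7 rcpt=<john@domain.com>
2024-05-01T10:00:03Z client=203.0.113.7 rcpt=<timlloyd@domain.com>
2024-05-01T10:00:04Z client=203.0.113.7 rcpt=<Timjones@domain.com>
2024-05-01T10:05:10Z client=198.51.100.20 rcpt=<janedoe@domain.com>
2024-05-01T10:05:11Z client=198.51.100.20 rcpt=<johnsmith@domain.com>
2024-05-01T10:09:30Z client=198.51.100.44 rcpt=<jonsmith@domain.com>
2024-05-01T10:09:31Z client=198.51.100.44 rcpt=<barrylloyd@domain.com>
"""

LINE_RE = re.compile(r"client=(?P<ip>\S+)\s+rcpt=<(?P<rcpt>[^>]+)>")


def harvest_suspects(log_text, valid, min_unknown=3, max_hit_ratio=0.5):
    """Return {client_ip: sorted unknown recipients} for clients whose
    RCPT TO attempts are mostly addressed to non-existent mailboxes."""
    tried = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            # Local parts are compared case-insensitively here.
            tried[m["ip"]].add(m["rcpt"].lower())

    suspects = {}
    for ip, rcpts in tried.items():
        unknown = rcpts - valid
        hit_ratio = 1 - len(unknown) / len(rcpts)
        # A single typo is normal; many distinct misses with few hits is not.
        if len(unknown) >= min_unknown and hit_ratio <= max_hit_ratio:
            suspects[ip] = sorted(unknown)
    return suspects


if __name__ == "__main__":
    for ip, guesses in harvest_suspects(SAMPLE_LOG, VALID).items():
        print(f"{ip}: {len(guesses)} unknown recipients -> {guesses}")
```

Clients flagged this way are candidates for rate limiting or blocking at the SMTP listener; the sender with one mistyped address stays below the threshold.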
 
58sniper,
And disable your OOF (out of office) to the Internet (if you enabled it on your mail server).

Thanks, I forgot to mention that. It is one sure way to let spammers know of a valid email address.
 