Fake Address?
March 29, 2006 4:08 PM
How can I determine whether or not an email address is real without the owner (assuming it's real) knowing that I checked it?
I am getting malicious emails from a certain email address. I'm wondering whether or not the email address is real, or just spoofed. It is a Yahoo address, if that helps. I need to know whether or not it is a real address, but I don't want the person sending the emails to know that I'm even responding at all.
I know that I could just block the email - but the problem with that is that these emails are going to an email list that I maintain that has about 80 members on it. So, simple blocking on my machine won't help. I don't want to block it from the whole list until I determine whether or not it's real.
I know my reasons may not make sense, but there are other factors at play too. My question is: How can I know whether a given email address is real or not? Thanks.
I am getting malicious emails from a certain email address. I'm wondering whether or not the email address is real, or just spoofed. It is a Yahoo address, if that helps. I need to know whether or not it is a real address, but I don't want the person sending the emails to know that I'm even responding at all.
I know that I could just block the email - but the problem with that is that these emails are going to an email list that I maintain that has about 80 members on it. So, simple blocking on my machine won't help. I don't want to block it from the whole list until I determine whether or not it's real.
I know my reasons may not make sense, but there are other factors at play too. My question is: How can I know whether a given email address is real or not? Thanks.
Without sending mail to it there's no way to find out. And sending mail to it isn't a sure-fire way either.
posted by aubilenon at 4:15 PM on March 29, 2006
posted by aubilenon at 4:15 PM on March 29, 2006
Try the email tester at DNS Stuff. It's the bottom box in the middle column.
posted by sideshow at 4:21 PM on March 29, 2006
posted by sideshow at 4:21 PM on March 29, 2006
Actually, I spoke too soon. My work's current frontend mailservers give a false positive because they accept everything. My old mailservers would reject any address that didn't go to a current user so this test worked better for that.
This will show if there is a mailserver setup for the domain at least.
posted by sideshow at 4:25 PM on March 29, 2006
This will show if there is a mailserver setup for the domain at least.
posted by sideshow at 4:25 PM on March 29, 2006
Just try and sign up for that email address. If it's taken, then it's real.
posted by lpctstr; at 4:28 PM on March 29, 2006
posted by lpctstr; at 4:28 PM on March 29, 2006
Sideshow's answer is the best approach. Most of what an expert would do the hard way through command line utilities to figure this out, the email tester at DNS Stuff does automatically.
posted by George_Spiggott at 4:38 PM on March 29, 2006
posted by George_Spiggott at 4:38 PM on March 29, 2006
Alright, I'm a techno-'tard, but when I get junk I forward the yahoo based addresses to yahoo at abuse@yahoo.com with the full headers. If it's a spam account they will delete it and the sender doesn't know you forwarded it. Does that help?
posted by 45moore45 at 5:47 PM on March 29, 2006
posted by 45moore45 at 5:47 PM on March 29, 2006
When you say the mails are malicious, do you mean they're (a) personally abusive (b) or virus carriers (c) spam (d) other?
If (a), setting your email list manager to silently discard messages from that address is probably the right thing to do. People who are thick enough to waste time sending repeated abusive mails are often too thick to know how to spoof an email address.
If (b), it's likely that the mails aren't coming from the owner of the sending address, but from somebody else's infected computer that just happens to include that address in its address book. Blocking the sender, in this case, incurs a significant risk of punishing the wrong person.
If (c), the sender's address is probably meaningless, and blocking it is probably just a waste of effort.
posted by flabdablet at 6:03 PM on March 29, 2006
If (a), setting your email list manager to silently discard messages from that address is probably the right thing to do. People who are thick enough to waste time sending repeated abusive mails are often too thick to know how to spoof an email address.
If (b), it's likely that the mails aren't coming from the owner of the sending address, but from somebody else's infected computer that just happens to include that address in its address book. Blocking the sender, in this case, incurs a significant risk of punishing the wrong person.
If (c), the sender's address is probably meaningless, and blocking it is probably just a waste of effort.
posted by flabdablet at 6:03 PM on March 29, 2006
DNS Stuff's tester won't work for the same reasons outlined above:
Trying to connect to all mailservers:
mx1.mail.yahoo.com. - 4.79.181.15 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 3.391 seconds)
mx1.mail.yahoo.com. - 4.79.181.14 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 2.578 seconds)
mx1.mail.yahoo.com. - 67.28.113.11 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 0.469 seconds)
mx1.mail.yahoo.com. - 67.28.113.71 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 0.453 seconds)
posted by kcm at 6:06 PM on March 29, 2006
Trying to connect to all mailservers:
mx1.mail.yahoo.com. - 4.79.181.15 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 3.391 seconds)
mx1.mail.yahoo.com. - 4.79.181.14 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 2.578 seconds)
mx1.mail.yahoo.com. - 67.28.113.11 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 0.469 seconds)
mx1.mail.yahoo.com. - 67.28.113.71 [Successful connect: Got a good response [250 recipient <asdsgsdfhsdfsdfafasdfasdfsdafsfd@yahoo.com> ok]] (took 0.453 seconds)
posted by kcm at 6:06 PM on March 29, 2006
crapples: why don't you just limit access to the mailing list? Whoever is doing it can just get a new yahoo address pretty easily.
Anyway, lpctstr;'s idea is probably the best for any freeemail account.
posted by delmoi at 11:02 PM on March 29, 2006
Anyway, lpctstr;'s idea is probably the best for any freeemail account.
posted by delmoi at 11:02 PM on March 29, 2006
if it's a yahoo address, just go to:
http://profiles.yahoo.com/[first part of email address here]
posted by modge at 9:49 AM on March 30, 2006
http://profiles.yahoo.com/[first part of email address here]
posted by modge at 9:49 AM on March 30, 2006
This thread is closed to new comments.
Send mail to the address, if it's not real, it'll bounce.
(you could also do this with a straight telnet session)
posted by madajb at 4:10 PM on March 29, 2006