What if I get spam from myself?
April 9, 2005 10:34 PM   Subscribe

Both at work and at home, I occasionally get spam where the return address is my own. I'm guessing spammers mine for valid email addies to make their messages appear more legit, but it still kind of bothers me that spam is going out under my name. Should I be worried about this, or is it just a case of harmless techno-stress? Is there a fairly simple way of preventing this?
posted by Doohickie to Computers & Internet (4 answers total)
 
You can't really prevent it.

There's a system called SPF whereby the owner of a domain can specify (in DNS records) what servers their email is supposed to come from, so forged emails could be detected by the recipient. It's probably optimistic to think that even 1% of recipients have email clients which actually verify this, though.

The actual problem of having spam sent out as you is called 'joe-jobbing', and there are no good solutions... SPF has some amount of implementation, but not enough. DomainKeys is a better system, but is even less widespread.

It's relatively harmless... unless you're a business, just accept that it happens. If you're a business... publish an spf record, and then accept that it'll happen anyway.
posted by mosch at 10:46 PM on April 9, 2005


I've been "selling" V!a.gr4 and pr0n for several years know, and so have a few of my colleagues. It was quite stressful at first but yes, it's pretty harmless, probably because it happens to so many people. A couple of people reported being sent viruses by "me", that's all.
posted by elgilito at 12:54 AM on April 10, 2005


Okay. Thanks. That backs up what I thought, but I was wondering if there was any way to stop it. Sounds like.... probably not.
posted by Doohickie at 12:44 PM on April 10, 2005


To restate: the "From" address in an email is easily spoofed (forged). If you get an email that is "From" (say) John.Smith@someplace.org, that does not mean that Mr. Smith sent the email, or even that his computer was involved, or even that someplace.org exists.

Analogy: you get a paper letter (postal service) that has a return address of "John Smith, 123 Main Street, Anytown, USA, 12345". There is absolutely no guarantee (by the postal service or anyone else) that 123 Main Street in Anytown even exists, let alone that a Mr. Smith, of that address, actually sent you the letter.

So, to answer your question - no, you shouldn't be worried about this (since worrying isn't constructive here). Can you prevent this - no, except for SPF (which is relevant only if you control the mail server, something most people - using an ISP - do not), and which (as noted above) probably makes little difference at this point in any case.

In short - if people think you sent them email when you did not, because of a forged "From" addresss, the problem is their ignorance, rather than something that is within your control. The best you can do is tell them is to run a google search on

forged email return address and educate themselves.
posted by WestCoaster at 12:51 PM on April 10, 2005


« Older Losing my singing voice   |   durable audio media Newer »
This thread is closed to new comments.