How do see the To: address on forwarded email without opening it?
August 24, 2017 9:07 AM   Subscribe

I have a domain, and give every company or website who needs an email address a different one. So if my domain is still-hat.me, Amazon sends email to amazon@still-hat.me, costco to costco@still-hat.me, etc. This theoretically lets me figure out who had let out my email address, as well as easily filtering anything to that address, if I started getting a lot of spam. Everything sent to any address in that domain gets forwarded to one gmail address.

I've suddenly started getting a lot of spam, and it's suspicious-enough looking that I don't want to open it. But I do want to know which address it's going to. I can't figure out how to do this in gmail.

I have the ability to stop the forwarding, and open the emails on my webhost, using either horde, roundcube or SquirrelMail, if that's any use.

Gmail isn't catching any of it as spam, I'm not sure why, but it's either emails from a phone number (including one of my old ones) with no subject, or emails with Russian subjects to a domain I think I once owned. I'm sure they're not legitimate, and not anything I should open. But I'd really like to know what address they're going to; if anyone has any suggestions, I'd appreciate them.

Thanks!
posted by still_wears_a_hat to Computers & Internet (7 answers total)
 
Set Gmail filters! Anything that gets sent to amazon@example.com gets an Amazon label. Anything sent to costco@example.com gets a Costco label. And so forth. Then when you look at your inbox, all these emails will have these labels on them as soon as they show up.

(You can even use the filters to have these emails skip your inbox, and then you can just go look at them when you feel like looking at them.)
posted by aniola at 9:14 AM on August 24, 2017 [5 favorites]


you can turn off images by default in gmail which should allow you to open the email without any image requests going out that would let them know you opened it.
posted by noloveforned at 9:20 AM on August 24, 2017 [10 favorites]


What are you worried will happen when you open a spammy email in Gmail?
posted by gregr at 9:23 AM on August 24, 2017 [5 favorites]


You don't need to stop the forwarding. Just configure a web client (you mentioned Horde, etc) to access the mailbox, and use whatever "look at raw message" functionality the client offers. You can forward entire messages without affecting the headers, so you can do this a number of different ways.

Congratulations on the strategy, by the way, it's effective and useful. A slightly more complex strategy here also cryptographically signs the address and creates a way to shut it off within DNS, making it impossible for a sender to randomly mess with the lefthand side, and making it easy to shut off a sender without having a mailserver have to process it. The leaks sometimes come from very interesting sources.
posted by jgreco at 10:41 AM on August 24, 2017 [2 favorites]


Can you just open the email through, say, the Mail app on an iPhone? I mean, I doubt just OPENING an email (without clicking on any attachments) can really do you much harm, but if you're truly worried, just check on a device that can't get viruses.
posted by rainbowbrite at 6:24 PM on August 24, 2017 [1 favorite]


On gmail it is safe to open the email so long as you don't open any attachments or follow any links. You don't need to block images as Google rehosts the images themselves.

To help load images safely, images go through Google's image proxy servers and are transcoded before they're delivered.

This makes images safer because:

Senders can’t use image loading to get information like your IP address or location.
Senders can’t use the image to set or read cookies in your browser.
Gmail checks the images for known viruses or malware.

posted by the long dark teatime of the soul at 4:19 AM on August 25, 2017 [1 favorite]


Thanks, everyone. I'm sure I'm being over-paranoid; I do have images turned off in gmail, but I just hate to open anything fishy on my laptop where I do all my important stuff. The server's web client will work, or my tablet. Filters would work if I hadn't given out so very many addresses, and if I'd kept track of them. Thanks again!
posted by still_wears_a_hat at 6:30 AM on August 25, 2017


« Older Identify Amsterdam busker   |   Taming fine, unruly 2A/2B/2C hair. Difficulty... Newer »
This thread is closed to new comments.