Thread: New Spam
View Single Post
  #8  
Old September 1st 08, 07:38 PM posted to microsoft.public.windows.inetexplorer.ie6_outlookexpress
VanguardLH[_2_]
external usenet poster
  
Posts: 1,313
Default New Spam
Janetb wrote:

I suddenly started getting a huge amount of spam not addressed to my email
address (I'm not in the TO: line). They are all to different addresses. I
don't know if there is any connection, but it started after I used my service
provider's website to view my mail when I was on vacation. What can have
caused this and is there a way to stop getting these letters? At present I
have a message rule to delete them, but I would rather not get them. Can't
have them deleted at server because of my AVG. In any case I sometimes do get
wanted letters not addressed to me, so I would like to find something common
to all the new ones that will allow me to deal with them separately.

Thanks for any help!
Janet
XP Prof
OE 6

The To, Cc, and Bcc headers are NOT used in specifying the actual
recipient of an e-mail. Those are "headers" contained within your
message. A normal (non-hacked) e-mail client will take the recipients
listed in those *fields* in its UI to compile an aggregate list of
recipients. It then sends a RCPT-TO command for each recipient to the
sending mail host. That is followed by a single DATA command that
contains the data of your message (and that includes those "headers").
The recipient never gets to see the list of RCPT-TO commands that were
issued to the sending mail host. So you may have never been a specified
recipient. Bulk mailing, listserver, and mailer trojans don't care
about what is in the data of a message, and that means they don't care
about the headers *within* that message. They will issue their own
RCPT-TO commands based on whatever list they want. In fact, this is how
listservers work. The owner of an account maintains a mailing list of
recipient. The owner then submits a new message (data) to their account
and each recipient in the separate list gets a copy. So it doesn't
matter what might've been in the To, Cc, and Bcc *fields* when they
composed their message *data* that got sent to the listserver. That
means the list of recipients in the *data* headers within the message
won't match up and are not used by the listserver that gets the list of
recipients from a separate file. The RCPT-TO command says who is the
recipient. It might match up with what the e-mail client found in the
"headers" within the message or from fields in its UI, it might not.

So the spammer can put anything they want in the To, Cc, and Bcc fields.
That has nothing to do with the actual RCPT-TO commands that got sent to
the sending mail host.

So where did you use a host to use the webmail interface to your
account? Public libraries, Kinkos, and similar places are probably safe
but how do you know the place you used their host didn't run a
keylogger? Did you use someone else's host to use a web browser, or did
you tote along your own laptop? When you logged in, did you do so using
HTTPS (or where the form data got submitted to an HTTPS site) to prevent
anyone on their network that you used from sniffing out your clear-text
login credentials?
Ads