Subscriber Roger Goodchild wrote me recently to ask about email problems. He was receiving emails that claimed to be from one of his email addresses — but which were spam emails.
A couple of days ago I got an e-mail from one of my contact asking me if I had intended sending her the same e-mail twice, this confused me slightly as I hadn’t sent her any e-mails for quite a while.
Anyway I went to look at my e-mail sent folder to check what she was on about, before I got to look i noticed two e-mails in my in box from one of my other e-mail addresses, when I opened one of them I noticed that it had also been sent to a number of my contacts as well, what was in the e-mail was a hyperlink that went to Canadian Pharmacy web site advertising "those" pills.
I most certainly did not send those e-mails, so how can they have been sent with my name supposedly as the sender? I thought I had stopped this by doing a complete scan on my computer of everything, but today I have got some more e-mails from my other e-mail address for the same thing with more of my contacts showing as having been sent the same e-mail.
Have you any idea how I can stop this permanently ?
I wrote back to Roger to tel him that the junk mail people often grab any address they can find to use as a From address. They often send their junk emails using the same From address that they use for the To address. That way, they think you’re more like to open and read the email.
With spam, about the only thing you can be sure of is that the "From" address is not really where the email came from.
Many times, it’s just an address they bought from some other spammer. Other times, they’ve hacked someone’s email account or computer and are actually sending from their computer.
The only way to know for sure (assuming it’s not your email address, as was the case with Roger) is to check the Email "headers" to see if the email originated really originated from a mailserver that you use.
The mail headers show each of the mailservers through which an email has passed – both by name and by IP address — and at what time it transfered to and from that mailserver.
For example, if your email address was "firstname.lastname@example.org" and your outbound email server for Internet email was something like smtp.aol.com, you look for that as the outbound mailserver in the headers.
If the headers show that the email started with some other mailserver — say somewhere.example.com – then you know it really didn’t come from your computer.
Since Roger uses AOL for his email, he needed to know that AOL is somewhat different. AOL has had their own proprietary email system for a long time. Their system has mailservers that act as gateways for email going out to the Internet and inbound to AOL’s system. Their Internet mailservers convert the email from their internal formatting to the Internet-standard format.
The AOL internal mail system may drop the headers from the Internet emails. I don’t know and I don’t use AOL. I’m going to assume that AOL retains these along with the message, since they’re a critical piece of information when you are trying to figure out what went wrong…
If you have a non-AOL account, send an email from your AOL account to the non-AOL account, so you have an example of what your headers should look like on emails originating from your computer.
In Roger’s case, if the other email address (the one that was being reported as the From address in the spam) is on another mailserver (such as Gmail or Yahoo Mail), then he can log into that system and send an email from it to his AOL account to see what the headers look like.
In answer to his final question "Have you any idea how I can stop this permanently ?", unfortunately, you can’t.