[LINK] Question re mail addressing

Kim Holburn kim.holburn at gmail.com
Sat Feb 3 08:54:02 AEDT 2007 

Almost every email has a To: field, but the email also has an address  
it is really being sent to (the target address) and those are not  
necessarily the same.  For instance if you have a forward in an  
account the email ends up being delivered to the forward address or  
if you are in a mailing list like link the To: address will be  
link at anu.edu.au but it is really being delivered to you.  Sometimes  
you can see the real target address in the received headers but not  
all mail servers add this in.

When a client talks to a mail server usually it asks the mail server  
to create the target email addresses from the headers of the email  
(To:, Cc: and Bcc:) but it can also set the target address of an  
email to one unrelated to the headers.

On 2007/Feb/02, at 9:38 PM, rchirgwin at ozemail.com.au wrote:
> A question has arisen on another list which I think is answerable  
> by savvy Linkers:
>
>> [deleted for author's privacy] complaining about his ISP allowing  
>> through spam emails that are not specifically addressed to him.
>>
>> Eg his email address is joe.bloggs at myisp.com  
>> <mailto:joe.bloggs at myisp.com>
>>
>> But he is receiving spam addressed to joebloggs51 at myisp.com  
>> <mailto:joebloggs51 at myisp.com> or joesblogg at myisp.com  
>> <mailto:joesblogg at myisp.com> etc
>>
>> The ISP describes it as dictionary spam where the spammer uses  
>> every possible variation of a name in the hope of getting a hit  
>> and they just let them through while filtering other spam.
>>
> So the question is: how can the message arrive at my inbox if it  
> doesn't have my address in the To: field? A mail server so badly  
> configured that it delivers stuff to "nearby" addresses is hard to  
> credit, so I am assuming that the spammer is obfuscating the To:  
> field - is that possible?

To test if it is the ISP try sending him a few emails to some of the  
pretend addresses.  I remember having an email server that used  
netscape ldap with soundex so it would deliver to like sounding  
addresses.  This was both useful at times and at odd times created  
some confusion.

> ( I suspect the ISP's call centre has no idea and is just giving  
> whatever answer seems plausible )



--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3342707610
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list