[LINK] Question re mail addressing
Adam Todd
link at todd.inoz.com
Sat Feb 3 09:53:39 AEDT 2007
At 07:38 AM 3/02/2007, rchirgwin at ozemail.com.au wrote:
>Linkers,
>
>A question has arisen on another list which I think is answerable by savvy
>Linkers:
>
>>[deleted for author's privacy] complaining about his ISP allowing through
>>spam emails that are not specifically addressed to him.
>>
>>Eg his email address is joe.bloggs at myisp.com
>>
>>But he is receiving spam addressed to joebloggs51 at myisp.com
>>or joesblogg at myisp.com etc
>>
>>The ISP describes it as dictionary spam where the spammer uses every
>>possible variation of a name in the hope of getting a hit and they just
>>let them through while filtering other spam.
>So the question is:
Actually the first question is any of the following:

CC: although you didn't indicate if the email had a CC list.

BCC: he won't see anything, just the "wrong" TO address and will be
oblivious to the hundreds of other recipients.

The Spammer has an elaborate .forward server :) Don't laugh, I've seen this!

Or is the ISP using UserName wild cards and sending anything that isn't
related to the specific user account to the user. This is not unheard of.

What if there are two Joe Bloggs on the server? Will both their mail be
sent to both accounts?

This ISP needs to be brought into line IMMEDIATELY with the law! Not to
mention pure basic ethics!

Is Joe Bloggs using his own domain name? Or is the email address actually
the ISP's domain name? This is an important question for the alternative
option that the ISP has set up virtual email for the user and is
appropriately using a wild card for *@domain.name address catching.

I used to do this, but now provide my users with a web page they can list
ALL the usernames they like, and remove those that end up on spam lists.

Sadly I no longer allow *@ wild cards :(
>how can the message arrive at my inbox if it doesn't have my address in
>the To: field? A mail server so badly configured that it delivers stuff to
>"nearby" addresses is hard to credit, so I am assuming that the spammer is
>obfuscating the To: field - is that possible?
Actually it is possible, but in the example you give above, it's unlikely.

I often get email addressed to (and from) totally unrelated addresses not
even in my domain. It is possible to use a BCC header to force a message
to be magically delivered to a destination, without the TO or FROM
containing your email address.

This is a PITA!

The even worse, and now exponentially growing method is to actually use
specially written software that acts as an SMTP server.

You create your "email" with any two random To/From addresses. Then you
have your software read in a list of "Destination" addresses.

It connects to the remote server, starts the handshake and when it's
required to say who the message is going to, in it pops your address. Your
SMTP server thinks "Coolies got one for Joe" and starts to suck it in.

This is like ordinary Snail mail. The Envelope (that described above) has
your details on it, but the content might be someone else's bank statements
slipped in by mistake!

(Shame email doesn't have clear window envelopes huh!)

I haven't had time recently to really explore the idea of checking Envelope
versus contents. I suspect it can't be put into practical use because of
the way BCC works.

In BCC, the sending SMTP server uses the BCC address to create an envelope
to the destination address, but the BCC is not copied through in the
contents (headers) of the message.

Without that ability we'd never be able to send BCCs.

It's all just a variation on the BCC loophole for Spammers.
>( I suspect the ISP's call centre has no idea and is just giving whatever
>answer seems plausible )
Unless Joe has his own domain name and a wild card entry in the virtual
tables.
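
The envelope-versus-content comparison discussed in the post above, as an added example that is not part of the original message: it reads the client side of a constructed SMTP session and lists the envelope recipients (RCPT TO) that appear in neither the To: nor the Cc: header. The function names, the session text and the `.example` addresses are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed client side of an SMTP session (not captured traffic).
# Addresses reuse the thread's example names on a placeholder domain.
SESSION = """\
HELO sender.example
MAIL FROM:<bounce@sender.example>
RCPT TO:<joe.bloggs@myisp.example>
DATA
From: "Offers" <offers@unrelated.example>
To: joebloggs51@myisp.example
Subject: hello

body text
.
QUIT
"""

def split_session(session):
    """Return (envelope_from, envelope_rcpts, message_text) from client commands."""
    env_from, rcpts, body, in_data = None, [], [], False
    for line in session.splitlines():
        if in_data:
            if line == ".":              # end-of-data marker
                in_data = False
            else:
                # Undo SMTP dot-stuffing: a leading "." was doubled in transit.
                body.append(line[1:] if line.startswith(".") else line)
        elif m := re.match(r"MAIL FROM:\s*<([^>]*)>", line, re.I):
            env_from = m.group(1).lower()
        elif m := re.match(r"RCPT TO:\s*<([^>]*)>", line, re.I):
            rcpts.append(m.group(1).lower())
        elif line.upper() == "DATA":
            in_data = True
    return env_from, rcpts, "\n".join(body) + "\n"

def unlisted_recipients(session):
    """Envelope recipients that appear in neither To: nor Cc: of the content."""
    _, rcpts, text = split_session(session)
    msg = message_from_string(text)
    listed = {addr.lower() for _, addr in
              getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    return [r for r in rcpts if r not in listed]
```

A legitimate BCC produces the same mismatch, so the result is a signal to weigh alongside other checks rather than a reason to reject on its own.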