Quote:
Originally Posted by burger
I have Outlook and I'm wondering does anyone have any insight into what's happening with these spam messages that can't be blocked because the address is invalid...
|
When you say you "have Outlook", do you mean that you use the Microsoft outlook.com/hotmail.com/live.com email provider (with an email address at one of those domains) or that you are using the Outlook email client installed on your PC with a different email provider? Since "outlook" is two different products from Microsoft (an email service and a software product) I'm not sure which you meant.
Much random spam comes with the From header set to a pseudorandom email address. Since you are unlikely to get two messages with that same From address,
it may not be useful to block such random one-time spam. Valid commercial senders which repeatedly send you advertising you don't want are best dealt with by using the typical
unsubscribe link at the bottom of the message.
When you say that the address is
invalid, random spam (where the sender doesn't care about getting a delivery failure notification) is sent with either an empty or fake From address. There are two From and To addresses:
- Envelope From and To: When someone sends you an email, their email provider SMTP server connects to your email provider email server. For example, if you have an outlook.com email address they are connecting to a Microsoft receiving SMTP server. The sending server first identifies the envelope From address (used when there are delivery problems which need to go back to the sender) and an envelope To address (used to tell your email provider the exact destination mailbox, such as your outlook.com address). The envelope From and To addresses are not normally displayed to you when you read an email.That's why you can receive an email sent via BCC.
- The header From, To, and Cc addressing fields: These are shown to the recipient. The From address is commonly the address which is used when you sent a reply to the sender. Anything can be placed in these fields by the sender. This confuses recipients sometimes, since they can't see why they received the message since it doesn't appear to be sent to them, and they can't reply to the bad From address. That's just the way it is.
Quote:
Originally Posted by burger
..another example of email's I can't block are when they use my own email address to message me, how does that even work ?
|
As I noted above, the From header can contain anything. A spammer can send messages to anyone spoofing (faking) your From email address.
The
backscatter spam that David mentioned is when a spammer spoofs your email address in the envelope From and/or header From for their messages to innocent people. The innocent destination email system (or recipient) "bounces" a message back to the sender (which is
your email address). Some email systems have a special backscatter filter which will file the bounces into your spam folder, but usually there is nothing you can do about this.
Most email systems use antispam filters and other systems to eliminate some of these messages, but it's impossible to completely eliminate them using our current email standards. There are newer standards (SPF, DKIM, and DMARC) which can help, but these are not used by all systems and they still don't solve the problem of a spammer who sets up their system so it generates perfectly good looking messages using SPF/DKIM/DMARC but contains damaging content (such as a phishing link). If you want to receive
only email from a few known senders which use SPF/DKIM/DMARC, you can block all spam. But most of us want to receive random incoming messages from senders we haven't preidentified, and so some spam is still possible in your Inbox even with good antispam filtering. The spammers are very ingenious! It's the email equivalent to "fake news".
Bill