Spam header question

Spam header question

Posted by: shoshanna
Posted on: 2006-02-18 12:49:00

I don't want to paste the header here, but I'm looking at an email sent to a client named "Jane". Jane has an email address set up at jane@domainname.com.

In the headers, it looks like the message was sent to jAne@knife.dreamhost.com. I don't see domainname.com anywhere in the headers. Did this spam just go to any user named "Jane" on knife.dreamhost.com? Or is her real email address somehow hidden so that I can't see it in the header?

Re: Spam header question

Posted by: Atropos7
Posted on: 2006-02-18 16:09:00

In reply to:

In the headers, it looks like the message was sent to jAne@knife.dreamhost.com. I don't see domainname.com anywhere in the headers. Did this spam just go to any user named "Jane" on knife.dreamhost.com? Or is her real email address somehow hidden so that I can't see it in the header?

The latter. When a message is sent, the recipient is specified separately. The "To" header does not necessarily reflect the recipient.

However the "To" header may be modified when the message is being delivered. You see, "Jane" is not an e-mail address. So to make it an e-mail address, a hostname needs to be added, thus you'll get "To: Jane@hostname" if the message headers were originally "To: Jane". Sometimes you'll even get spam addressed as "To: Buy@hostname, Our@hostname, Crap@hostname" because of this.






cool Perl / MySQL / HTML+CSS

Bcc: can do this, too

Posted by: sdayman
Posted on: 2006-02-18 17:14:00

Often when my address doesn't show up in the To: field, it's because the sender put it in the Bcc: field, which doesn't show up in the headers.

-Scott

Tags: email addressdreamhostdomainnameheadersspam