Email Spoofing!

I started up my mail program, walked away, and came back a moment later to see that it was downloading hundreds of bounced emails.

What the frack?!?!

I canceled the session and hopped over to my web email reader. There in my mailbox were hundreds more. I checked the headers and saw what I knew I would find. I was the unlucky recipient of a spammer’s use of “Email Spoofing” (also “Email Fraud“).

Luckily the jerkhole only forged the “From:” field and didn’t break into my mail server. For those not familiar with “spoofing”, it’s possible to fake the “From:” header of an email. That makes it appear as if the email came from that address rather than the actual sender. This is done to mask the actual source of the email. Spammers will use this technique as well as “Phishers“.

So for those of you that appeared to receive a spam from my domain, I apologize, but it wasn’t from me.


  1. Hans

    Luckily they only used a fake address on my domain. I took a look at a few of the headers of returned mail and didn’t spot the same IP. Otherwise, I would have done a little more groundwork to shutdown the spam server.

  2. jim

    Unfortunately the spoofing is relatively common and one of a jillion techniques used by spammers. It’s freaked me out the first few times I’ve seen it, but there’s nothing you can really do about it. Did the nimrod use your real email address, or a fake name?
    At best, you can look at the headers and figure out the originating IP address, but it’s usually a zombie computer (someone running unpatched/exploited Windows machine). I’ve gotten two of these shut down, but it’s a hassle.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.