Visit Us · Contact Us

  • Information Technology Services
    Hines Hall 101
    Staff Listing
  • Help Desk Locations
    FSA - Hines Hall 101
    Students - Standish Library

Spoofed E-mail addresses

Many viruses and spammers "spoof" the e-mail address in the "From:" field. It's trivial for a program to pick out an e-mail address and say the message is from that address.

This can cause various problems.  The most common one is when the spoofed e-mail is bounced. In the early days of the Internet, it was considered good manners to tell people if they sent an e-mail to the incorrect recipient, so servers had automatic bounce messages. Most have turned off this feature due to spam,* but there are a few that still keep it operating. If a message is sent to these servers, you may get the bounce message.

A typical bounce message is shown below.

Typical Bounce Message

 

There are several things to remember about bounce messages.

  • It is not a sign of anything wrong with your system.  The e-mail address was chosen at random on another computer.
  • The bad news is that there isn't a lot to do to prevent them.  The problem is occuring on a computer outside of Siena's network and a server with no connection to Siena. The good news is that the mailstorm will end in a few days, as the spammers switch to a new "From:" address.
  • Occasionally, you may get a message that you are infected with a virus. It is meaningless. Some antivirus software sends out this notice, but viruses spoof e-mail addresses, too, so this warning has been discontinued on anything but very old systems.

Other ramifications of spoofed e-mail addresses:

  • Never trust a sender. Viruses spread by sending attachments, and often use a spoofed address -- either from someone you know, or from an authority figure (administrator@domain.com) to try to get you to click on it. ITS only sends out e-mail from personal addresses, not general ones like "administrator," "webmaster," etc.
  • If you get an obvious virus from someone you know, it does not mean he or she is infected.

You must be alert to this issue.

* In addition to filling inboxes of people with bounce messages, it also allowed spammers to gather e-mail address  A spammer would sent messages to millions of random addresses (e.g., aaa@foo.com, aab@foo.com, aac@foo.com, etc.) at a server.  They would get bounce messages for 999,900 of these.  Then they'd compare the list the sent to the list of bounced messages and find 100 addresses that didn't bounce.  Viola -- a hundred good addresses to sell to other spammers.