Quick Fix Blog

Spam and those NDR's that say I sent an email....

Friday 15th February 2008 10:20 AM

We've all had emails in our inbox saying we tried to email someone we've never heard of and that the email couldn't be delivered, what are they? Well, simply put, they are the result of spammers trying to send junk to people who don't exist.

One of the major characteristics of the emails which spammers' send out is the fact that they spoof the original email senders address.

If that spam then can't be delivered it's natural for the Internet to send a Non Delivery Report ( NDR ) to who it thinks the sender was... you....

The fact that you get the NDR in no way means that you sent the original email, just that your email address was chosen as a spoof.

The address that is chosen to spoof from is usually taken at random from the list of email addresses that the spammer is sending his junk out to, so it's not uncommon for you to get several or several 10's or even several 100's per day saying you sent the original email. Usually the spoofed address will change at random and often, but if your address is used just for 10 minutes it could be responsible for 1000s of spam messages going out.

The process of spoofing your senders address is really quite easy to do but the ISP's and the people who manage the servers which accept emails for delivery to the Internet have put in place safeguards to stop people 'spoofing'.

Simply put, a rule has been accepted amongst the Internet that whoever supplies your connection to the Internet also supplies an SMTP server for you to post out your email messages, the ISP can then check if you are a spammer and take action to stop you.

Sometimes you 'roam' around the country or globe with a laptop and your connection method to the interenet changes, it would be unreasonable to expect you to change your Outlook settings every time you visit a new hotel, business or Interenet Cafe, with that in mind, you can purchase the use of an SMTP relay, usually for between £10(GB) and £20 per year, when you send emails via that server you 'authenticate' with a username and password in your email program.

This is where the plan falls apart, some people have SMTP servers which are known to be 'open relay' - no username and password are needed to use it, and no rules are on the server to say it has restricted use, until they are ALL secured the likelihood of spam will continue and the likelihood of random NDRs will be the natural off spin of the failed spams.

diggslashdotredditnetscapetechnoratinewsvinemixxfacebookdeliciousstumbleuponfurlsquidoomagnoliayahoomywebgooglebookmarkswindowsliverss

Comments

No one has commented on this post yet.

Add Comment

Comment:*

Comment Length: (0/500)
Comments over this length will be trimmed.

Name:*


Email or Homepage:


Validation word:


The validation word you see, above: *


[ Front Page ]

| Subscribe to this page's news feed | What's this?