Warning:

Spammers Are Using My E-Mail Address
Without My Consent Or Permission!
 

The Problem

People who send out junk e-mail for a living ("spammers") have started a worrisome trend: they are appropriating e-mail addresses of people and businesses that have nothing to do with them, using them for return addresses. I did not have a problem with this until early August, and since then I've been getting "bounce" messages from servers who have no idea that the "from" address has been spoofed.

While I'd love to be able to stop this behavior, I am realistic enough to know that this is a two-fold problem: one, that the spammers will continue to use the methods that work for them; two, e-mail servers will continue to use the "from" address as the place to send the "bounce" message. E-mail servers are not yet flexible enough to realize the difference between a legitimate return address and a spoofed one.

 

"Why Are You Sending Me SPAM?"

If you have received junk e-mail with my address (videoguy at raeproductions dot com) listed as the return address, please be advised: I did not send it.

The people who are sending these things have only one goal in mind: send out as many e-mails as possible. This is what they're paid to do. They are paid by the number of e-mails they send. If they were paid by the number of actual sales that were generated by this method, many of them could not make a living this way - they would have to go back to Burger Palace to sweep the floors again.

 

"How Do I Know If I'm Getting Legitimate E-Mail From You?"

This is the real problem with this situation: if someone gets a legitimate e-mail from me, how do they know that it's not SPAM in disguise?

For now, there is one way to tell that works - the spoofed address will present as follows: two empty quotation marks, with the e-mail address following within parentheses or carats. For example: ""(emailaddress). If it comes from me directly, it will either be the e-mail address without parentheses or my name followed by the e-mail address within carats.

The subject of the spam itself will vary, though it usually carries the subject line "may we have your permission", but the subject line is not a 100% reliable indicator. The empty quotes, followed by a spoofed return address within parentheses, is actually a familiar "calling-card" for these spammers. I've been receiving spam with this characteristic for some time, some with legitimate-looking return addresses and some that are obviously made up by randomly typing in characters on a keyboard. To see my own e-mail address attached to spam like this is somewhat of a shock. It's never something I would knowingly do.

 

"What Can Be Done?"

Keeping the e-mail address low-profile (as much as is possible under the circumstances - it is a business after all!) is the best defense. I've been good with this, by never posting to a Usenet news group and only using it for legitimate business, but someone managed to find it and appropriate it anyway. So, in the end, this low-profile approach only works for a while.

Once your e-mail address has been hijacked this way, and I'm not using the term loosely here, the best defense is to let people know what has happened so that when they do receive spam with your return address on it that they can take intelligent action (i.e. deleting it outright) rather than blaming you for it. That way, as much as is possible, your good name does not get ruined by these people.

Until I find a better way to combat this problem, and I am looking for one, this is the best way I know - if you receive spam mail with my e-mail address for a return, with the empty quotes before the address in carats, simply delete it. This best follows Ghandi's doctrine of non-violent resistance, which is a good thing, and right now it is the best option available.

 

Back To Main Page

 
rev 8.6.03, RAE Productions
 Written with VIM