On Tue, 25 Feb 2014 22:13:26 +0000 steve-ALUG@hst.me.uk allegedly wrote:
AFAIK lots of spam is sent by viruses/Trojans or hijacked computers. It won't be sent by a traditional email system, but directly by some malware. This malware will be send out the spam but with multiple different "from" and "to" addresses inserted into it. Some malware adds fake spam score, anti-virus header messages into the spam in an effort to trick the receiver’s computer into thinking it's not spam, and so getting it seen by more recipients. It could just be that whoever crafted the spam template just got their $from and $to tokens mixed up in the spam template, or just credited you with it in many cases
Steve
Many thanks.
Yes I know that the bulk of spam is generated by malware on compromised PCs. The reason I use greylisting on my mailserver is that it stops a shed-load of spam coming from such machines (they never come back after the 450 response). And as I said, clearly my friend is getting backscatter from such (undelivered) spam.
But what puzzled me is how /my/ email address should also be involved. I guess that the malware in question resides on a PC which has both mine and my friends email address in the owners address book (not impossible). Then, as you suggest, the malware is simply screwing up somewhere.
Cheers
Mick
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------