APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Some common email problems


2006/12/08

The purpose of this article is to help explain how email works. It's written for non-technical users, but technical support folk may want to point their users here to find the answers to common questions and concerns.

My friend says I sent him a virus!

Maybe you did. It is possible for a computer to be taken over by malicious software which then sends viruses to other people. This happens behind the scenes; the owner or user of the computer may have no knowledge of what is going on. If you don't have up-to-date antivirus software on your computer, this could happen to you.

But maybe you didn't. One of the odd things about sending email is that the sender can easily lie about who they are. I (or anyone else) can very easily "forge" mail so that it appears to come from someone else. Therefore, the nasty virus-laden email that appeared to come from you may not have at all - but it probably DID come from someone who knows you. Here's why: those nasty programs that take over programs often read the mail address book to find other folks' email addresses, and will use those addresses in the forged email. So if Pete has you and Sam in his address book, and his computer gets infected by a virus, Sam might get forged email that looks like it came from you.

I get messages saying I sent mail to unknown users, but I never sent them!

Because these viruses sometimes send to accounts that don't exist, YOU get the message that comes back saying so - you never sent the original, but since it LOOKED like it came from you, that's who the other system notifies.

If you've left your email on newsgroups, message boards or websites, spammers could have found it there too. They look for email addresses both to send junk to and to use as the forged source.

You can often easily trace back messages through the "headers". How you get to see these details varies with your mail client - for Outlook Express, right click on the message, choose Properties and then Details. The "Received" headers show how the message got to you. It may have passed through several machines to get to you; look at this piece of spam for example:


Delivered-To: [email protected]
Received: by 10.82.164.8 with SMTP id m8cs335569bue;
    Fri, 8 Dec 2006 04:45:42 -0800 (PST)
Received: by 10.100.198.11 with SMTP id v11mr4012514anf.1165581941872;
    Fri, 08 Dec 2006 04:45:41 -0800 (PST)
Return-Path: <[email protected]>
Received: from mail10.atl.registeredsite.com (mail10.atl.registeredsite.com [64.224.219.84])
    by mx.google.com with ESMTP id c20si3121247ana.2006.12.08.04.45.41;
    Fri, 08 Dec 2006 04:45:41 -0800 (PST)
Received-SPF: neutral (google.com: 64.224.219.84 is neither permitted nor denied by best guess record for domain of [email protected])
Received: from vps.pcunix.com ([64.226.42.29])
    by mail10.atl.registeredsite.com (8.12.11.20060308/8.12.11) with ESMTP id kB8CjeMD003916
    for <[email protected]>; Fri, 8 Dec 2006 07:45:40 -0500
Received: from bayernwirt.de (ADijon-258-1-65-215.w90-6.abo.wanadoo.fr [90.6.180.215])
    by vps.pcunix.com (8.11.6/8.11.0) with SMTP id kB8CjdP55150
    for <[email protected]>; Fri, 8 Dec 2006 12:45:39 GMT
    (envelope-from [email protected])

The very last line in that list (Received: from bayernwirt.de) is the machine that first handled the message. So if Sam looked at other messages from you and saw that the first machine that handles your mail is normally "yourcompany.com", but on the "bad" email it started somewhere else, he'd know it wasn't actually from you.
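An added example (not part of the original article): a short Python script that reads the Received headers of the spam above oldest-first and reports the first hop that recorded a connecting IP address, flagging when the name the sender claimed differs from the name the receiving server looked up. The regular expression assumes the sendmail-style "from NAME (RDNS [IP])" layout seen in this sample, and the "for <...>" and "envelope-from" clauses are trimmed from the embedded headers.

```python
import re
from email import message_from_string

# Received headers copied from the spam above; "for <...>" clauses trimmed.
SAMPLE = """\
Received: by 10.82.164.8 with SMTP id m8cs335569bue;
 Fri, 8 Dec 2006 04:45:42 -0800 (PST)
Received: by 10.100.198.11 with SMTP id v11mr4012514anf.1165581941872;
 Fri, 08 Dec 2006 04:45:41 -0800 (PST)
Received: from mail10.atl.registeredsite.com (mail10.atl.registeredsite.com [64.224.219.84])
 by mx.google.com with ESMTP id c20si3121247ana.2006.12.08.04.45.41;
 Fri, 08 Dec 2006 04:45:41 -0800 (PST)
Received: from vps.pcunix.com ([64.226.42.29])
 by mail10.atl.registeredsite.com (8.12.11.20060308/8.12.11) with ESMTP id kB8CjeMD003916;
 Fri, 8 Dec 2006 07:45:40 -0500
Received: from bayernwirt.de (ADijon-258-1-65-215.w90-6.abo.wanadoo.fr [90.6.180.215])
 by vps.pcunix.com (8.11.6/8.11.0) with SMTP id kB8CjdP55150;
 Fri, 8 Dec 2006 12:45:39 GMT
"""

# Assumed layout: from CLAIMED-NAME (REVERSE-DNS-NAME [IP]); the rDNS name is optional.
FROM_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9.]+)\]\)")
BY_RE = re.compile(r"\bby\s+(\S+)")

def hops(raw):
    """Return Received hops oldest-first (each server prepends its own header)."""
    out = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        f, b = FROM_RE.search(value), BY_RE.search(value)
        claimed, rdns, ip = f.groups() if f else (None, None, None)
        out.append({"claimed": claimed, "rdns": rdns, "ip": ip,
                    "by": b.group(1) if b else None})
    return out

def origin(raw):
    """Oldest hop that recorded a connecting IP, with a claimed-vs-rDNS flag."""
    for hop in hops(raw):
        if hop["ip"]:
            # The claimed name is whatever the sender typed; the IP was observed.
            mismatch = bool(hop["rdns"]) and hop["rdns"].lower() != hop["claimed"].lower()
            return {**hop, "name_mismatch": mismatch}
    return None

if __name__ == "__main__":
    for hop in hops(SAMPLE):
        print(hop)
    print("origin:", origin(SAMPLE))
```

Only the headers added by servers you trust are reliable; anything below them was supplied by the sending side and can be made up along with the rest of the message.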

I get too much spam

Yeah, we all do. Filtering spam is a never-ending battle. Here's the problem: there's money in it. Big money. So let's say Fantastic Filter Corporation comes up with a great way to block spam. It's wonderful: it blocks everything you don't want but never interferes with anything you do. You are overjoyed, but Dastardly Dan Spammer is not. So Dastardly Dan goes out and buys a Fantastic Filter, tears it apart, figures out how it works, and soon enough can get by it. That's the reality of spam filtering today.

See The 10 Biggest Spam Myths, E-mail spam and Spam Filtering also.

I can't get mail from [email protected]

Are you sure? Maybe it's in your Spam or Junk Mail folder. "False positives" - mail marked as spam that shouldn't be - are also a fact of life today.

Some mail systems block mail before it gets to your inbox. You get a message from the Mail server saying that [email protected] tried to send you mail but it was blocked because of a virus. THIS MIGHT BE LEGITIMATE EMAIL. That's why you are told about it, because the server has no way of knowing that you want or don't want this mail. All it knows is that the email had a virus, and it wants you to know that. If [email protected] IS someone you are expecting mail from, you at least know that it was blocked for this reason.

Or maybe Sam from foobar.com calls you and tells you that he can't send YOU mail. Possibly he has been put on a blacklist - maybe deservedly, maybe not. This often happens with home users with DHCP IP addresses: some spammer used to use the IP you have now, so that IP is on a blacklist. He needs to contact the folks who maintain the blacklist to fix this. Usually that's quick, simple and (most important) free if you really are not a spammer.

I can't send mail to [email protected]

The message you got back telling you so also tries to tell you why. Maybe it's their problem, maybe it's yours. For example, sometimes I see companies that can send mail just about anywhere but not to AOL addresses. That's usually a DNS PTR issue, and is easily fixed.

Or maybe you've been blacklisted - see the section just above here.

Often it's just a temporary glitch - try again and it may go through.

I can't get or send mail at all

That's beyond the scope of this article.

Joe didn't get my mail - do I need to send it again?

Maybe, maybe not. Sometimes mail servers get behind in their work or even crash. Most systems are configured to keep trying to send a message for at least a few days, so your message may get there eventually.

Are you sure he didn't get it though? It might be in his Spam folder.

Anything else we need to add here?






1 comment




© Anthony Lawrence







Sat Dec 9 05:58:47 2006: 2702   BigDumbDinosaur


Here's why: those nasty programs that take over programs often read the mail address book to find other folks' email addresses, and will use those addresses in the forged email. So if Pete has you and Sam in his address book, and his computer gets infected by a virus, Sam might get forged email that looks like it came from you.

This is a problem that affects Microsoft Outlook and Outlook Express. I'm not aware of anyone using other E-mail clients having their address book mined for new spam targets (it certainly has never happened here in the nearly nine years we have been directly linked to the Internet).
