You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Jari Fredriksson <ja...@iki.fi> on 2009/10/28 21:22:12 UTC

Re: Spam with my company domain


28.10.2009 22:07, Jeremy Davila kirjoitti:
> 
> Hi all,
> 
> I'm getting Spam which is addressed to another person in my company ,
> but it getting sent to me . So in my inbox the To Field is Kristin , but
> in Jeremy's inbox.

Hello. That is possible, the email is sent to whoever is in the RCPT-TO
command of the SMTP transaction.

The sender does this:

<open connection to your MX>
HELO someclient.example.org
MAIL-FROM: sender@example.org
RCPT-TO: jeremy@example.com
DATA
From: someuser@example.org
To: kristin@example.com
Subject: this is a spam message

Hello kristin!
.
QUIT
<disconnect>

The sender *feeds* the To-header into the submission, but actually sends
the mail to a different user.

The "To:" header is just a decoration.

-- 
http://www.iki.fi/jarif/

Q:	How can you tell when a Burroughs salesman is lying?
A:	When his lips move.