Forged emails with false
From: email addresses can be used
to attack a person with a particular email address in several ways:
A Spammer can use a forged
From:address to hide their address when sending unsolicited emails. This can result in the owner of the forged email address being unfairly labeled as a spammer.
Worms and viruses used forged
From:addresses to attempt to fool the receipient of worm or virus laden emails into opening the attachments. This can result in the owner of the forged email address receiving notifications of each of the worm/virus laden emails from brain-dead virus scanners.
Mean-spirited, malicious people have used forged
From:addresses to send thousands of emails to non-existent email addresses which result in the owner of the forged email address receiving delivery failure notifications for each of the forged emails. This is an example of a classic joe-job attack ( see also ).
The first email attack I received appears to have been the result of
approach #2 where virus laden emails with a forged
containing my email address resulted in an indirect attack
on me through the virus notifications from email virus scanners. This
attack began in early March when I started to receive an abnormal number
of virus notifications claiming I had sent a virus laden email. Like
everyone who has had an email address on the net for any period of time,
I normally received a number of messages corresponding to #1 and #2 which
I easily handled using the spam filters in Mozilla Mail. However as March
progressed and the number of bounces increased from a few dozen, to a few
hundred, to a few thousand, to over 10 thousand such messages a day I was
not able to keep up with the barrage. By the beginning of April I was
left with no choice but to delete my
Since the earlier attack, I have tried to keep my current email address
confidential. As a result, the most recent attack is targetting my
webmaster email addresses.
It appears to have begun on May 14 around 20:00 UTC. The majority of the
messages have been undelivered message notifications from european
servers in Germany, Austria, Switzerland, Netherlands and Norway. This
distribution appears to be fundamentally different from the earlier
attack. I am saving all of these messages in the hope that I can track
down the person responsible for this attack.
Update June 6, 2004: As a result of this continuing attack I have deleted my webmaster and postmaster email addresses on bclary.com. If you need to contact me try the feedback link on this site.
Please note that I am not sending spam nor am I sending virus or worm laden emails. I am being victimized either as the result of the epidemic of worms and viruses on the net or am being targetted by a malicious person.