Forged emails with false From: email addresses can be used to attack a person with a particular email address in several ways:

1. A Spammer can use a forged From: address to hide their address when sending unsolicited emails. This can result in the owner of the forged email address being unfairly labeled as a spammer.

2. Worms and viruses used forged From: addresses to attempt to fool the receipient of worm or virus laden emails into opening the attachments. This can result in the owner of the forged email address receiving notifications of each of the worm/virus laden emails from brain-dead virus scanners.

3. Mean-spirited, malicious people have used forged From: addresses to send thousands of emails to non-existent email addresses which result in the owner of the forged email address receiving delivery failure notifications for each of the forged emails. This is an example of a classic joe-job attack ( see also ).

The first email attack I received appears to have been the result of approach #2 where virus laden emails with a forged From: containing my email address resulted in an indirect attack on me through the virus notifications from email virus scanners. This attack began in early March when I started to receive an abnormal number of virus notifications claiming I had sent a virus laden email. Like everyone who has had an email address on the net for any period of time, I normally received a number of messages corresponding to #1 and #2 which I easily handled using the spam filters in Mozilla Mail. However as March progressed and the number of bounces increased from a few dozen, to a few hundred, to a few thousand, to over 10 thousand such messages a day I was not able to keep up with the barrage. By the beginning of April I was left with no choice but to delete my bc@bclary.com email address.

Since the earlier attack, I have tried to keep my current email address confidential. As a result, the most recent attack is targetting my public postmaster and webmaster email addresses. It appears to have begun on May 14 around 20:00 UTC. The majority of the messages have been undelivered message notifications from european servers in Germany, Austria, Switzerland, Netherlands and Norway. This distribution appears to be fundamentally different from the earlier attack. I am saving all of these messages in the hope that I can track down the person responsible for this attack.

Update June 6, 2004: As a result of this continuing attack I have deleted my webmaster and postmaster email addresses on bclary.com. If you need to contact me try the feedback link on this site.

Please note that I am not sending spam nor am I sending virus or worm laden emails. I am being victimized either as the result of the epidemic of worms and viruses on the net or am being targetted by a malicious person.