Thread Starter
Join Date: Jul 2012
Location: spacetime
Posts: 263
Likes: 0
Received 0 Likes
on
0 Posts
LinkedIn
Anyone any idea why all of a sudden this week I am recieving 20 to 30 junk emails from LinkedIn. Never see much junk at all. Am using Hotmail A/C. Nothing untoward showing on all scans.
Warning added to message after writing:-
Please remember that "the actual senders e-mail address" is of course NOT the address of the actual sender.
The "From:" field in an email is exactly as secure as a "Return Address" on the back of an envelope. The sender can put anything at all they like in it.
You can't do this with gmail but if you have your own mail server you might be able to sort it out.
You can be pretty sure of an email's entry point into the White world if you trace back the hops as recorded in the header. Of course someone in the Black world can add arbitrary fake hops to the mail before sending it so you can only reliably trace back to the first "untrusted" server listed.
Any large email service provider will have for many years now been trying to filter rubbish but anyone can mount their own server and there are bound to be ways of getting stuff into the White world.
In the gmail web interface you can view the raw headers with "Show Original".
I am not sure if it is still possible to inject un-authenticated email into the internet now. Looking at the headers of a gmail to gmail message I recently received I observe many Authentication and signature fields with which I am not familiar.
Things seem to have changed over the last 10 years.
In the case of one particular mail we have:-
ARC-Seal:
ARC-Message-Signature:
ARC-Authentication-Results:
Authentication-Results:
DKIM-Signature:
Which appear to be associated with a cryptographic message authentication system.
I am still assuming that sender spoofing is possible and I try to take take appropriate care with all received emails.
Things seem to have changed over the last 10 years.
In the case of one particular mail we have:-
ARC-Seal:
ARC-Message-Signature:
ARC-Authentication-Results:
Authentication-Results:
DKIM-Signature:
Which appear to be associated with a cryptographic message authentication system.
I am still assuming that sender spoofing is possible and I try to take take appropriate care with all received emails.
The "From:" field in an email is exactly as secure as a "Return Address" on the back of an envelope. The sender can put anything at all they like in it.
You can't do this with gmail but if you have your own mail server you might be able to sort it out.
You can be pretty sure of an email's entry point into the White world if you trace back the hops as recorded in the header. Of course someone in the Black world can add arbitrary fake hops to the mail before sending it so you can only reliably trace back to the first "untrusted" server listed.
Any large email service provider will have for many years now been trying to filter rubbish but anyone can mount their own server and there are bound to be ways of getting stuff into the White world.
In the gmail web interface you can view the raw headers with "Show Original".