Cybersecurity

14 readers

6 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

[email protected]

Did you know that if a spammer uses your email address as the FROM: address, which is easy to do, all the bounce messages will go to your email address? If the spammer really hates you, they will send (hear-me.social)

submitted 1 week ago by [email protected] to c/[email protected]

35 comments fedilink hide all child comments

Can you stop this or prevent this? No

Why would a mail provider send you a bounce message, knowing you're innocent? Because that's how someone wrote the protocol back then, and nobody changes it or does it differently because ... reasons.

Does the spammer get a bounce message? Nope, not one.

Does the SMTP sending account owner whose credentials were stolen be notified about bounces so they can stop the spam? Nope.

Just millions of emails sent every day to poor schlameels who have no idea why they are getting them and who can't do anything about them.

The more I learn about the email protocols, the more I realize how terrible the design is.

#emailsecurity #spoofing #cybersecurity #spam

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 week ago* (last edited 1 week ago)

It's still incumbent on the receiver to implement and follow DMARC and SPF rules. Email is, what, 44 years old, if you include RFC 822. SPF was introduced a mere 20 years ago, and DMARC is only 12 years old; Google started enforcing it only 10 years ago. There's an entire sea of email server out there whose admins have not bothered to set up SPF, much less DMARC.

There's a huge gap between "should" and "do."