Comment on How do email scammers spoof my email?
Ocelot@lemmies.world 1 year ago
When you send an email to a mail server, you can set the “FROM” address to literally anything. The mail server does not care and forwards stuff on. Anyone can run their own mail server anywhere that will dutifully just relay emails, which is what spammers often do. There are entries in DNS called SPF records (Sender Policy Framework) which mailservers use to validate that the FROM address coming from the mail server matches with a list of allowed mail servers IP address(es). If it doesn’t match it gets sent to spam.
Seigest@lemmy.ca 1 year ago
I see. I think this is that case. It was in the spam folder. So it sounds like the new mail service is doing all it can here.
I’d also gotten a few fake Amazon fliers form like “vapedemon69.com” which somehow didn’t get marked as spam so I’ve been concerned that the junk prevention may really suck. But at least it seems to be marking the spoofed ones as ok.
korthrun@lemmy.sdf.org 1 year ago
Hey all, “that guy” chiming in.
You can set the “FROM” address to any string that meets the specifications of the “Address Specification” of the relevant RFCs (5322/6854 maybe others). Which is SUPER FAR from “literally anything”.
Ocelot@lemmies.world 1 year ago
If you’re running your own domain and mail server with everything validated via SPF and DKIM etc then this layer of spam filtering won’t do anything. Other spam filters like AI-based ones that look at the contents of message for spammy stuff need to take over after that point.
Fighting spam is constant cat-and-mouse battle and you’ll never truly get rid of all of it.
Absolutemehperson@lemmy.world 1 year ago
That’s obviously legit. Didn’t you know it’s illegal to lie on the internet?