Have you every received a post card?
You know, an old-school piece of paper with a picture on one side and writing on the other. It goes without saying that anyone can write anything on a postcard. I could go out and get a postcard with a picture of the White House on it and write “Wish you were here. Love, Dubya” on the back. If I send it to your address and put 1600 Pennsylvania Ave as the return address, then you have no way of knowing who really sent it.
E-mail works exactly the same way as a postcard. It’s so easy to forge the from address on an e-mail that even a child could do it (and many of them do). It’s even easier to send you an e-mail from firstname.lastname@example.org than it is to send you a fake postcard. The differences are, it doesn’t cost me anything to send you an e-mail and there are programs that let me send thousands of e-mails with a single mouse-click.
With all of these facts in mind, it should be obvious to even the most inept computer user that you can’t trust the from address on an e-mail.
So why is it that I still receive complaints like this at least daily: “I got a spam e-mail from your address so you better check your computer, it’s sending spam!” To which I reply: “Every spam these days has a fake from address so you don’t know who really sent it.”
Here’s another one that I frequently get: “Someone at Paris ISD sent me a virus so you should check all of your computers!” Again I reply: “Every virus these days makes up a fake from address so you don’t know who really sent it. And, I monitor every message that goes through our server, so if one of our users has a virus I’ll know about it immediately.”
Finally, my all time favorite complaint: “I received an e-mail from you with a strange message and an attachment. I tried several times to open it, but never could make it work. Also, my computer is running really slow now and I think some of my files are missing…” You can make up your own reply for this one.
To make matters even worse, some mail server admins have set up their spam filters and anti-virus software to return bad e-mail to the (fake) sender. So people receive automatically genereated e-mail from a mail server saying something like “You sent an illegal e-mail to a user on our domain. If you continue to disrupt our network this way, you will be prosecuted to the fullest extent of the law.” I will never understand how these idiots get jobs running company networks.
Now, I know some of you out there are really clever and you’re saying “Wait a second, I can tell where your postcard came from by looking at the postmark.” If that’s you then you’re exactly right. All of those evenings spent watching CSI have finally paid off. E-mail has a similar feature where you can look in the message header and see what IP address actually sent the message. Unfortunately, even this can be spoofed by a clever virus or spammer, and most users don’t ever take them time to look at it.
What should you do with all of this new knowledge? First, never trust the from address on an e-mail again. Next, never open an attachment unless you’re absolutely sure what it is and why it was sent to you. If you have any doubts about a message, pick up the phone and call the sender. If you still have any questions about the origin or purpose of a message, just delete it. Don’t bother notifying the sender or e-mailing a warning to everyone in your address book. Just click delete and move on with your life.