Subject: Wrongly Addressed Spam That Gets Delivered to Me

I have noticed recently that some mail that ends up in my spam folder is not addressed to me but has been delivered to me. Out of curiosity I looked at the header information of a few of the emails and the header field To: has xxxxx@ukonline.co.uk where xxxxx can be any name and the Delivered To: has my email address.

Can anyone explain how an email which is not addressed to me can be delivered to me?

Barry J.

++++++++++++++++++++++++++++++

None of the mail that is delivered to you gets to you because it was 'addressed' to you. The To: or Cc: headers have nothing to do with it.

Mail is sent by SMTP servers working on information commonly known as the "SMTP envelope". By analogy with snail-mail it's as if the postman uses info on an envelope to get as far as your front door, then takes the letter out of the envelope and puts it through your door and takes away the envelope. Genuine snail-mail then happens to have your address and the real sender's address on the letter itself. Junk snail-mail could have any or no details on it.

Some ISPs include in the mails that you collect from them details of who the SMTP system thought the mail was from and to, typically in headers, e.g. "Return-Path:" and "Envelope-To:".

--
Jeremy Nicoll, Edinburgh, Scotland

++++++++++++++++++++++++++++++

The To: and CC: fields in the visible email header have *no* bearing on the delivery of that mail: they are there purely for the convenience of the human recipients.

The email is actually delivered according to the addresses stored in the 'envelope', which is additional data attached to the mail body and sent through the system at the same time. If you're using POPstar on RISC OS, you can see this in action in the outgoing queue (which lives at !POPstar.MailDir.spool.mqueue) as the message bodies live in the text directory and the corresponding envelopes are in the work directory.

It's perfectly possible that none of the To: or CC: addresses appear in the envelope, and that none of the envelope's addresses appear in the message header. If you consider a BCCd message, the addresses must appear in the envelope, but won't be in the message itself.

Many ISPs take the address from the envelope that caused the message to get delivered to you, and add it into the message header using a new entry Delivered-To or Envelope-To (or similar, possibly starting with X). This header entry was added by your ISP as the mail was placed in your online inbox, and was not present when the message was sent. If you filter mail locally into different addresses, you should always use this special header line if your ISP provides it, as it is the only reliable indication of the address the message was actually sent to.

--
Steve Fryatt - Leeds, England
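
Added example, not part of the original posts: a Python sketch of filtering on the ISP-added envelope header rather than To:/Cc:, as the reply above recommends. The sample messages and addresses are constructed, and `X-Envelope-To` is an assumed stand-in for the "possibly starting with X" variant.

```python
from email import message_from_string
from email.utils import getaddresses

# Headers a receiving ISP may add at final delivery to record the envelope
# recipient. The first two are named in the thread; the third is assumed.
ENVELOPE_HEADERS = ("Delivered-To", "Envelope-To", "X-Envelope-To")

def _addresses(msg, header_names):
    """Collect the lower-cased addresses found in the given header fields."""
    values = []
    for name in header_names:
        values.extend(msg.get_all(name, []))
    return {addr.lower() for _, addr in getaddresses(values) if addr}

def delivery_view(raw, my_addresses):
    """Compare who the envelope delivered to with who the header names."""
    msg = message_from_string(raw)
    envelope = _addresses(msg, ENVELOPE_HEADERS)
    visible = _addresses(msg, ("To", "Cc"))
    mine = {a.lower() for a in my_addresses}
    matched = sorted(envelope & mine)
    return {
        # Address to sort on locally; None if the ISP recorded nothing usable.
        "filter_on": matched[0] if matched else None,
        # True if one of my addresses is visible in To: or Cc:.
        "named_in_header": bool(mine & visible),
        # Delivered to me by envelope, yet To:/Cc: do not mention that address
        # (Bcc, list mail, or junk with an arbitrary To: line).
        "mismatch": bool(matched) and not (set(matched) & visible),
    }

# Constructed sample: To: names someone else, the envelope named me.
MISADDRESSED = (
    "Return-Path: <bulk@sender.example>\n"
    "Delivered-To: barry@isp.example\n"
    "From: Someone <bulk@sender.example>\n"
    "To: xxxxx@isp.example\n"
    "Subject: hello\n\nrandom words\n"
)
# Constructed sample: ordinary mail where header and envelope agree.
ORDINARY = (
    "Envelope-To: barry@isp.example\n"
    "From: Friend <friend@other.example>\n"
    "To: Barry <Barry@ISP.example>\n"
    "Subject: lunch\n\nsee you at one\n"
)

if __name__ == "__main__":
    for raw in (MISADDRESSED, ORDINARY):
        print(delivery_view(raw, ["barry@isp.example"]))
```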

++++++++++++++++++++++++++++++

I had discovered that many spam emails which had no content except a few random words, plus an attached GIF file, usually had X-Mailer or X-something else in the header, and I have been able to use that to filter the spam locally. Previously these were getting through my spam filter. I now understand why it works.

Thanks,

Barry J.

++++++++++++++++++++++++++++++

It may be worth clarifying the "X-" bit. All the prefix means is that the header is 'user defined', in that it isn't covered by an entry in one of the RFC documents that describe how the mail system works. These tend to be non-standard entries, where consensus hasn't yet been reached (the standards process moves slowly), or personal additions (often geeky jokes).


Steve Fryatt - Leeds, England

++++++++++++++++++++++++++++++

Three very useful X-headers I use as initial filters for spam are presumably ISP added. They are:

Another X-header which only seems to be present on spam emails is:
X-Mailer: Outlook and so I also use this as an initial filter.

It was only trial and error though to find something that worked.

Barry J.

++++++++++++++++++++++++++++++