including domain name



Email address "hijacking"
(a.k.a. forging the return FROM address;
a.k.a. "ghost" sender )


2012 Update: Note that since mid-July 2011, mailing "lists" (TO: and CC: recipients) contained within messages involving,, and have been used by spammers as FROM: addresses (see more about FROM addresses below). The strategy is that by rotating through a group of "related" email addresses (related by the fact that they were captured from a given message's recipient list), the resulting spam might have a higher chance of being opened/read by the spam-recipient because they "recognize" some of the email addresses involved. Normally, spammers just use randomly selected FROM addresses from their pool of millions of addresses, and the likelihood of the spam-recipient opening a message from would be low.

Spam email can inconvenience you in (at least) two ways:

  • Receiving unsolicited commercial email messages that jams your inbox, but also
  • Having a spammer use your email address as the return address for the emails he sends out, and thus you receive all the Out-of-Office, NonExistent-Address, and challenge-message replies that are generated as a result of that spammer's mailing.

You would notice this because your inbox becomes filled with returned emails and error messages—correspondence TO and FROM addresses you've never heard of .

Using an email address as a fake return address is analogous to:

  • Putting someone else's address in the upper left of an envelope in the US Mail (anyone can write anything there and mail it, even at the post office lobby counter, no one ever checks)
  • Programming a fax machine's number (that is to be printed at the top of the received fax page) with someone else's fax number to make it look like the fax was sent by that other person's phone number.

This is casually called "hijacking" or "forging" an email address, although there are other uses of these terms for much more serious situations.

The good thing is that no one has broken in to your email account or web hosting account, and no security was compromised.

NOTE:   In some instances, spam messages that are addressed to you, may well be labelled FROM your address also.   This is a spammer's way of trying to increase the possibility that it'll attract your attention. In these cases, it's unlikely that your address has been used as a FROM address for spam emails sent to other people. (Thus it's just a nuissance/curiosity for you)


Unfortunately there's nothing you can do about it except to wait it out. There are no filters that you should put in place. Spammers use a forged email address for a few hours (a few million emails sent out) and then move on to the next forged address in their list. They need to use valid email addresses since internet mail systems double check that the sender's address (albeit forged) is a valid address that responds "I'm alive" but they don't check that that was the real sender (which it wasn't).

Fortunately, most recipients of spam "understand" that this happens and will not blame you (if they even notice whom it listed as being from). Occasionally your domain name (or hosting company) can get blacklisted, but usually the blacklist mechanisms are smart enough to ignore this common type of fake address.




©2012 SherwoodHosting LLC