Email is the most insecure way of transferring information, and the exploits are easy, because the "details" are always hidden from you. Use the functions in your email program to show all the headers.

In the case of MICHAEL's email, it has a header line:

Received-From: from michaelPC ([72.240.150.93]) by BLU0-SMTP162.phx.gbl over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Thu, 31 Oct 2013 15:20:58 -0700

which tells you where the SMTP client connected from. This is the ultimate source information, for all non-exploited or non-compromised email servers.

There will be one of these lines for every server that touched the email. People can "craft" an email that looks like it came from someone who did not send it. If you don't look at these header lines, you'll only have the visible 'From' and 'To' information that your email client shows you, which can be easily forged since it is just text that your email client crafts and sends to the server.

Legitimate ISPs don't accept email with a 'From' address that is not, precisely the 'id' of the user connecting and authenticating to the SMTP server.

So, it can be possible for you to receive an email that appears to be from this list, but which is actually, completely NOT from this list, but SPAM crafted by a SPAM bot, and sent to you, because your email address was somehow revealed to it.

Gregg Wonderly W5GGW

On 10/31/2013 5:20 PM, MICHAEL wrote:

I have been subscribing to this for over three years and have never received any spam from the AMSAT-BB. Had it happened I would not be subscribing to it!

Respectfully,

Michael /N8GBU

---

Sent via AMSAT-BB@amsat.org. Opinions expressed are those of the author. Not an AMSAT-NA member? Join now to support the amateur satellite program! Subscription settings: http://amsat.org/mailman/listinfo/amsat-bb