Question Question regarding email spam

[wpshooter]

If my email address is say xyz@emailcompany.com, how can an email on which the recipient ("TO") is something other than xyz@emailcompany.com be delivered to that email address if the email server is doing its job of correctly posting the emails that it is receiving to the correct accounts, i.e. how can an email address which is not setup on that email server get posted to one of its legitimate email accounts ??? Thanks.

 

[corkyg]

AFAIK, you can add email addresses to an existing account. It is described here: https://community.box.com/t5/How-to-Guides-for-Account/Manage-Account-Settings/ta-p/20022

 

[wpshooter]

Thanks for your reply. So you are saying that someone other than the email server administrator or me (someone pretending to be me) can add email addresses as legitimate "users - recipients" ? And if this is the case, shouldn't the email administrator be aware of this fact ? The reason I ask is because I have talked to the email server administration and they did not mention this nor did they say that any additional users / recipients had been added to my account.

 

[corkyg]

My sense is that it would have to be done by you or someone that had your user ID and password.

 

[wpshooter]

Sure wasn't done by me and AOL tells me that there is no place for an additional user to be stored on the account and when I look at my user profile on their weblink of my profile, I can see no "field" which would seem to lend itself to the storage of an additional allowed user, but perhaps any such field might only be accessible by the email server administrator or someone that had stolen the administrators rights.

 

[Mike64]

If my email address is say xyz@emailcompany.com, how can an email on which the recipient ("TO") is something other than xyz@emailcompany.com be delivered to that email address if the email server is doing its job of correctly posting the emails that it is receiving to the correct accounts, i.e. how can an email address which is not setup on that email server get posted to one of its legitimate email accounts ??? Thanks.

Look at the full header in the "source" code to see exactly how it's addressed. Are you sure there are no ccs, bccs or sneakier redirects in there (I'm not all that familiar with Internet email addressing, so I don't know that there are in fact "sneakier" ways of adding/changing addresses, but it's worth looking at the full header in any event...

 

[wpshooter]

Mike: I looked at the header info and there is a field referred to as: "X-Apparently-To:" which has my actual/real email address shown in it, not the fake recipient TO: address which is shown on both the FROM and TO lines of the email. So my question is what is the X-Apparently-To field ??? And more importantly is there not some type of structuring to email server management/administration software that would cause the emails to be properly directed to the email domain and email user accounts of ONLY those email accounts that are setup on their email server according to some STANDARD field in a properly formatted data structure ? Or is this something that is only known and understood by the folks that develop email server software ? Thanks.

 

[Mike64]

So my question is what is the X-Apparently-To field ??? And more importantly is there not some type of structuring to email server management/administration software that would cause the emails to be properly directed to the email domain and email user accounts of ONLY those email accounts that are setup on their email server according to some STANDARD field in a properly formatted data structure?

The real/short answer is that I don't have even a tiny clue about the server management aspect, or for that matter, how one might even go about getting an email address into the "X-Apparently-To" field. It seems to me it might be as simple as using bccs, but for all I know it might take some sort of sneakier manipulation. I suggested looking at the full header only because I do know that the "visible addresses" are basically just semi-informational, and really have no bearing as such on how emails are handled by the servers...

I did a very quick web search that suggested the "X-Apparently-To" field might be AOL-specific, but I'm not at all sure even about that. If a closer perusal of search results doesn't turn up any useful information, you might (emphasis on might) be able to get something more useful out of an AOL rep now that you know your "real" address is in fact buried in the message header. (I would say I'm a little surprised that the service rep you spoke to didn't suggest looking at the full header immediately, but I'm not really. The last time I spoke to an AOL rep, a year or so ago, I was eventually able to get the info I needed, but it took some slogging through a few typical idiot-customer canned responses before he actually started talking turkey...)