What is Forged or Spoofed E-Mail:

There's a type of spam called "forged e-mail" or "spoofing." 

Spammers can obtain e-mail address lists, which may include valid IHOT or your domain addresses.

They use these addresses in the "From" field of spam they send. If yours is "selected," the spam looks like it came from you. 

Consequently, it also looks like it comes from within the our sever, IHOT or your domain. IHOT security staff have received complaints from individuals both outside and within the our orgnaiton. Recipients are amazed we would allow this often-pornographic spam to be sent from our addresses. 

If you receive a complaint, you may worry that your e-mail account has been compromised. While this is unlikely, it's always a good idea to change your password regularly. 

We are very concerned about forged e-mail. However, technically, it is very simple for spammers to forge any e-mail addresses, and we are not able to prevent them from doing so. 

You may discover your e-mail address has been forged if you: 

• receive delivery rejection notices for messages you haven't sent; if the recipient's e-mail address is invalid, the message is returned to you because your address is in the "From" field. The only thing you can do is delete the message. 
• receive complaints from people who believe you are the sender. If you receive a complaint, the IHOT support staff has created a standard reply message for you which explains forged e-mail. 

Replying To a Complaint 

Sometimes when we receive an angry e-mail, our first instinct is to send an angry reply. In the case of forged e-mail, the complainer believes you are the spammer. Imagine how you might reply to a spam message if you thought you had found the spammer. 

You need to assure the person — in a reasoned manner — that you are not the guilty party. Using the following prepared reply, you explain the situation and acknowledge that the University is also concerned about foreged e-mail. You can copy this message and paste it into a reply. Unfortunately, the person complaining is unlikely to be the only one who received the spam attributed to you, so you might want to keep this reply handy. 

Hello -- I believe we are both victims of spam called "forged e-mail" or "spoofing." The message you received was not from me. It came from a spammer who has maliciously inserted my e-mail address in the "From" field. Unfortunately, there is nothing either you or I can do about it other than to delete the message. 

Recently, the our service provider has begun receiving many complaints from people both outside and inside the orgranation who have been victimized.