Posted on 2002-04-05
Last Modified: 2006-11-17
I got an email with the following headers in my hotmail account. Note that the From and the To fields are the same and both diferent from my email address which is How is it possible? Did the pearson send this email to me only or it was sent to his entire address list? Which one is the actual originating IP.

From :    "Svetlena Taneva" <>  
To :    "Svetlena Taneva" <>  
Subject :    just to let everyone know...  
Date :    Thu, 4 Apr 2002 17:10:08 -0500  
   MIME-Version: 1.0
Received: from [] by (3.2) with ESMTP id MHotMailBE761A4B005840043156D1E420ABA2400; Thu, 04 Apr 2002 14:10:19 -0800
Received: (cpmta 10965 invoked from network); 4 Apr 2002 14:10:15 -0800
Received: from (HELO svet) by ( with SMTP; 4 Apr 2002 14:10:15 -0800
From Thu, 04 Apr 2002 14:10:40 -0800
X-Sent: 4 Apr 2002 22:10:15 GMT
Message-ID: <000a01c1dc25$8330aaf0$34e2f143@svet>
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000  
Question by:blago
LVL 31

Expert Comment

ID: 6923056

The "from" field is not authenticated and could be anything, including NULL. My guess is you are on a BCC list and the sender used the svetlena address, which may or may not be their own address, as destination.


Accepted Solution

mhci earned 50 total points
ID: 6925904

The email seems to have originated from Look at this line:
1.Received: from (HELO svet) by ( with SMTP; 4 Apr 2002

14:10:15 -0800 (the time is recorded at -0800 hrs to GMT) and shows 14.10.15 (2:10:15 PM). This also shows that the IP has sent the message to

Now if you look closely is the smtp server for So the person using his own Internet Service Provider which gave the person IP address connected to email facility at (such as and then send this message.

2.Received: from [] by (3.2) with ESMTP id MHotMailBE761A4B005840043156D1E420ABA2400;
Thu, 04 Apr 2002 14:10:19 -0800

Similarly this IP forwarded this email to Again look at the time. IT is the time after 14:10:15

It seems quite clear that is the originating IP of this email.

It is quite possible to send such kind of message. Suppose you send a message to many but write all the addresses under bcc and in the "TO" field write only your own email address, then you would get the above kind of condition. This is the general method used in order to protect the email addresses of the persons whom you are sending the bulk mail to.

Do let us know if you still need help

LVL 31

Expert Comment

ID: 6926312
I can only agree totally with the above comment from mhci.
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

LVL 24

Expert Comment

ID: 6929166
My first guess was use bcc (as rid). I am less sure of
> The "from" field is not authenticated
- as this field is indeed being checked more frequently. Not that this one was or that it would do you any good.

My second guess, (not looking at clock) is that HotMail had some recent downtime and aberrations, possibly this is related.

I'll try to revisit this, to read more in depth, especially mhci comment
LVL 31

Expert Comment

ID: 6930497
RE: the "from" field: I don't think this requires authentication in the standards for the protocols involved and empty field should be allowed. Depending on software involved, authentication, and rejection of NULL, can be implemented.

LVL 31

Expert Comment

ID: 7001427
Hello there!
Have our comments been of assistance, or do you need additional help? Please finalize this Q in an appropriate manner.


Author Comment

ID: 7167456
I'm sorry for the delay, but I was without access to internet for long. Your comment was very helpful and thorough.

Author Comment

ID: 7167458
RID you deserve the points too so I'll post another question and you just have to reply.

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article we will discuss some EI Capitan Mail app issues and provide some manual process to resolve them.
Email attacks are the most efficient and effective way for cyber criminals and hackers to compromise a computer or network. We often find our-self second guessing the authenticity of an email message, for such instances we can follow practical princ…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now