搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Scam emails allowed from edited sender addresses. No security?

  • 2 回覆
  • 2 有這個問題
  • 40 次檢視
  • 最近回覆由 Zenos

more options

Can I receive emails with a false sender name? Could a legitimate sender name be used to fool me into opening email/attachment? I received 2 emails with attachments from myself which I didn't send!

Can I receive emails with a false sender name? Could a legitimate sender name be used to fool me into opening email/attachment? I received 2 emails with attachments from myself which I didn't send!

所有回覆 (2)

more options

This is a common practice of spam mailers.

more options

If you can think of a way to prevent this, then I think you could become very rich quite quickly. Email was designed in a gentler age where it was initially something of a plaything used between academics on university networks. They didn't foresee any need to be able to validate the sender.

You could in theory travel around the world with your own computer, or you might use other people's computers, and you would be able to send email messages as yourself from multiple locations. How could any email client know how to judge if any of these were either valid or invalid?

The best answer I can come up with is to use encryption and signing e.g. gpg or S/MIME (and even this isn't absolutely bombproof). But few people seem willing to embrace the idea of digital signatures, key pairs and to use the tools necessary to encrypt and decrypt messages and validate signatures.

In Thunderbird, a useful addon is one that shows the "hops" taken by an email message, usually with a flag to indicate the country of origin. Whilst these details can also be spoofed to some extent, it's rare for the actual country of origin to be totally obfuscated. When I see a message purporting to be from my British bank that has, say, a Brazilian flag against it, then it's highly unlikely to be genuine.

https://addons.mozilla.org/en-US/thunderbird/addon/mailhops/