How easily could a average computer user (ie, I am talking about most of my family and friends) accidentally send an email that ends up being labeled "To: undisclosed-recipients"? I've set the global email filter to run emails through SpamAssassin, but for some reason those emails do not have the "X-Spam*" headings. If I can't run them through SpamAssassin, I am thinking of simply having a custom global filter that drops all "To: undisclosed-recipients"; I don't know that it would work as a global filter, or if it would be a good idea because of the possibility of someone inexperienced with computers accidentally sending an email that would be dropped under my proposed system.

I don't know how easily someone would do this, but if they used the BCC field and left the To field in the header empty, it might show something like that, depending on either the mail client used to send or the mail client used to read the email. Have you looked at the raw headers of the email? Does it really have "undisclosed-recipients" in the header?

That's what it really says in the To: field; it does say delivered to blank@blank.com in the bottom "Delivered-To:" header, and then bubbles upward through the forwarding scheme I have set up; it doesn't bother me so much that it says "To: undisclosed-recipients:;", what bothered me was that it seemed to bypass SpamAssassin. Though, I've now got two more emails the same way, and they both have the "X-Spam*" headings, so maybe the problem is fixed now? I'll wait and see if any more show up without the "X-Spam*" headings.

I'll wait and see if any more show up without the "X-Spam*" headings.

It has happened again. It is still in the INBOX of the email account that it was automatically forwarded to, but I'd prefer not to post the address of the account that it was redirected to, so where should I send an email to give them the account that the message is in and enough details to find the particular message, and what should include in describing the particular message?

Hello,

We just need the full headers of the email:
http://service.FutureQuest.net/kb107

Those can be sent to Service@FutureQuest.net. Be sure to copy and paste them into the email you send as the Service Desk strips attachments for security reasons.

Thanks,
Melissa

Done.

Response sent. (Just for closure, SpamAssassin has a size limit set for resource reasons and the message was simply too large to scan.)

Response sent. (Just for closure, SpamAssassin has a size limit set for resource reasons and the message was simply too large to scan.)

That the email is a big one turns out not to be obvious, because the actual text of the email was quite short, however, there was a large image attachment that I did not notice because I stopped reading the email when it was clear that it was spam.

Now that I know what the problem is I can work on how to best filter the emails going to that account.

Now that I know what the problem is I can work on how to best filter the emails going to that account.

My current strategy is to filter out messages to that address larger than 250 000 bytes and throw out messages with .jpg, .jpeg, .gif, and .png attachments; I have also informed all the legitimate users of that address that I could remember and find of the change to a different preferred address. Incidentally, I have also blocked executables to that address. None of legitimate users of that address have ever sent emails even close to the 250 000 byte limit; nor have they any reason to send executables or images; I'll have to wait and see how well this stops the previously undetected spammers; I suspect that the image exclusion will take care of them.