SysKoll wrote:Nexis,
I visited the nexis.com site. The software download page wants your name, address, company, etc. Did you fill in that info with authentic data?
If so, I am afraid that it's not too hard for a determined salesman to find your "real" email address.
I'm sure you meant "journx.com, but I'll try to answer both your posts at once.
I didn't FTP anything. Firefox does remember passwords, but the online form I filled out wasn't a registration. I wasn't logging onto the site, just filling out the questionaire.
The online form did ask for specific information, but what I gave him was all bogus except my name. BTW, I googled my name and found more than 1500 references to it with only a handful belonging to me and less than that had the email address in question (other google results had other email addresses of mine). So it's kinda doubtful that he would zero in on my address based on a google search.
I am including the headers of two of the messages I received from them, the second and third messages. In the first snippet (second message), you'll note references to spamgourmet along with my forwarded email address embedded into it (for obvious reasons). In the second snippet (3rd message), you'll note it is NOT a forward. It came directly from the company and directly to me.
To sum up:
1) I went to a site (just once)
2) I filled out an online form with bogus information (except my name)
3) I did not register or sign up for anything
4) I did not ftp.
5) I, in fact, didn't download anything. I closed the browser window at the point of download because the site only had software for Redhat which I don't use.
6) I received 2 forwarded messages from journx.com
7) I received 1 message directly from journx.com directly to my email address.
It would behoove us all to know how they got ahold of the email address
In the posts here, people have generously recommended that I make sure my email client was configured properly, my browser was configured properly, I didn't give traceable information, and a few other things. While I appreciate the suggestions, deep down, I don't think they get at the heart of the problem. If there's something I did to compromise my own address, I'd certainly like to know. But you can clearly see in the above list that I didn't do anything out of the ordinary. I'm half thinking about giving this guy a call to find out how he did it. Maybe his answer could benefit sites like spamgourmet.com.
Hey, try this:
Maybe someone should set up a new yahoo account (don't use a current one), search for the google query I listed in a previous post, click on the adlink, click the link for downloading the invoice program for Unix/linux, fill out the form with bogus information, except use your real name and a spamgourment.com email address. Let it take you to the download section. Then DON'T download anything.
Sit back and relax. Pretty soon you may get a visit from toothfairy. OK, I'm being silly, but I bet you get an email visit from a salesman.
Here are the header snippets (thanks for looking into this)...
=========================================
message header #2
(btw, there's a reference to a salesforce.com. Don't know who they are but I never visited them).
=========================================
X-Apparently-To: [snip - real address] via 66.218.93.47; Thu, 27 May 2004 09:53:59 -0700
Return-Path: <snip>
Received: from 63.146.199.14 (EHLO gw2.salesforce.com) (63.146.199.14) by mta179.mail.dcn.yahoo.com with SMTP; Thu, 27 May 2004 09:53:59 -0700
Received: from na0-app05 (localhost.localdomain [127.0.0.1]) by na0-app05.eng.salesforce.com (Postfix) with ESMTP id 9CD112800C for <[snip - real address]>; Thu, 27 May 2004 16:53:53 +0000 (GMT)
Received: from [66.219.41.226] by ssl.salesforce.com via HTTP; Thu, 27 May 2004 09:53:53 -0700
Message-ID: <22410455.1085676833641.JavaMail.sfdc@na0-app05>
Date: Thu, 27 May 2004 16:53:53 +0000 (GMT)
From: <snip> Add to Address Book
To: "[snip - real address]" <[snip - real address]>
Subject: Journyx Solution
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_13492_22213900.1085676833640"
X-SFDC-User: 00500000006ooFs
X-Sender: <snip>
X-mail_abuse_inquiries:
http://www.salesforce.com/us/customercare/abuse.jsp
Content-Length: 21249
===================================
message header #3.
(note: no reference at all to spamgourment.)
===================================
X-Apparently-To: [snip - real address] via 66.218.93.47; Thu, 27 May 2004 09:53:59 -0700
Return-Path: <snip>
Received: from 63.146.199.14 (EHLO gw2.salesforce.com) (63.146.199.14) by mta179.mail.dcn.yahoo.com with SMTP; Thu, 27 May 2004 09:53:59 -0700
Received: from na0-app05 (localhost.localdomain [127.0.0.1]) by na0-app05.eng.salesforce.com (Postfix) with ESMTP id 9CD112800C for <[snip - real address]>; Thu, 27 May 2004 16:53:53 +0000 (GMT)
Received: from [66.219.41.226] by ssl.salesforce.com via HTTP; Thu, 27 May 2004 09:53:53 -0700
Message-ID: <22410455.1085676833641.JavaMail.sfdc@na0-app05>
Date: Thu, 27 May 2004 16:53:53 +0000 (GMT)
From: <snip> Add to Address Book
To: "[snip - real address]" <[snip - real address]>
Subject: Journyx Solution
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_Part_13492_22213900.1085676833640"
X-SFDC-User: 00500000006ooFs
X-Sender:
postmaster@salesforce.com
X-mail_abuse_inquiries:
http://www.salesforce.com/us/customercare/abuse.jsp
Content-Length: 21249
=========================================