This page answers frequently asked questions (FAQ) about spoofed email.
Also see the following Wikipedia article about email spoofing: E-mail spoofing.
The following sections are in a Question (Q:) and Answer (A:) style.
Q: What is spoofed email?
A: Spoofed or forged email uses a false or invalid email header to describe from whom it came.
Q: How does email spoofing work?
A: Email spoofing uses standard email (SMTP) functions. Spoofed email uses the fact that FROM and MAIL FROM email headers are largely arbitrary text.
Q: Can you show me how email spoofing works?
A: The following steps depict email spoofing.
Q: Who uses email spoofing?
A: Mail spoofing, when performed for malicious reasons, is used mostly by spammers as a method of delivering malicious payloads (viruses, worms, etc.) to unsuspecting victims. The following is a graphical example of this process.
Q: What can be done to prevent email spoofing?
A: Mail spoofing operates upon the basic functions of SMTP as defined by RFCs 821, 822, 2821, and 2822. These RFCs define how mail and mail servers should behave. In order to prevent the reception of spoofed email, the mail server administrators will have to engage the manufacturers of their mail servers in order to find out how to prevent reception of spoofed email.