cancel
Showing results for 
Search instead for 
Did you mean: 

BT Email blocked because it was used by Spoofers

mikej101
Power User

BT Email blocked because it was used by Spoofers how do I get it unblocked?

 

Simple question but is there a simple answer ?

 

The first thing I would like to point out is - please educate your support people into the fact that because someone is sending out email from my email address, it does NOT mean that my account or computer have been compromised. When an email address has been 'Spoofed' it means exactly that - it's been faked.
Accounts versus addresses
Let me say that again: my email address is one thing, and my email account is another.
• My email account is what I use to log in and gain access to the email I've received. In most cases, it’s also what I use to log in in order to be able to send email.
• My email address is the information that allows the email system to route messages to my inbox. It’s what I give other people, like I might give you mike@whoever.com.
The two are related only to the extent that email routed to me using my email address is placed into the inbox accessed by my email account.
OK, I know that spammers can send email spoofing the “From:” address to make it look like it came from me.
How do they gain access to my account to do that? Have I been hacked?
No. I have not been hacked.

“From” spoofing means faking the “From:” address on an email to make it look like it came from me. To do it, spammers don’t need access to my account at all.
They only need the email address.

While an email account and an email address are related, they are not the same thing.

4 REPLIES 4

RyanJames
BT Employee
BT Employee

Hi Mike

 

Sorry to hear you are having issues with this. I can understand your frustration with this one, especially if you do not believe you have been hacked - but generally what we always do for security more than anything else is change the email password and then also get you to run virus scans on your mail devices using the emails.

 

Once that has been done we usually escalate this to a 2nd line team so they can unblock it via Microsoft systems, as that is essentially where the lock has been placed. If this has not yet been done I would recommend getting back in touch with our technical team on 0800800154 and they should be able to assist you with that.

 

Regards

Ryan

mikej101
Power User

Hi RyanJames,

You obviously haven't read my original message !

 

An email address and an email account are 2 seperate things !!!!!

 

It would appear from your answer that you do not actually understand what 'spoofing' is.

 

Microsoft or anyone else do nothing to stop this sort of thing from happening whilst the email 'system' allows email addresses to be used by any tom,**bleep** or harry. There is no security in place on the BT system to verify the senders authority to use a btconnect email address. It's an open relay system that does nothing to verify the senders identity.

 

I repeat - it's got nothing to do with email accounts or passwords.

Email spoofing is the creation of email messages with a forged sender address. Because the core email protocols do not have any mechanism for authentication, it is common for spam and phishing emails to use such spoofing to mislead or even prank the recipient about the origin of the message.

 

Something has got to be done by BT to stop this kind of thing happening.

 

Regards

 

Mike J 101

 

JamesL
Moderator
Moderator

Hi Mike, 

 

BT currently have several systems in place to try and reduce the chance of an Email address being spoofed we currently have an SPF record against the domain which limits where the email can be sent from, the fundemental problem with this is the reciviing server has to be looking for the SPF record for it to work, 

 

further to that we are currently working on DKIM and DMARC to get this fully setup and working with our current platform to further reduce the problem, 

 

Thanks

James 

 

JamesL
Moderator
Moderator

Further to the above, 

 

Microsoft require SMTP traffic to be autherised against the Email address you are sending with, if you try and authenticate using a different account to what your sending with you get an 554 error message,