I received an email but the "to" address is not mine

The most likely answer is that you have been Blind Carbon Copied(Bcc) on the email. Usually this happens when the sender is actually addressing the party in the To: address, but would like you to see the information without the To: party knowing that you were included on the email.

Mass or group mailings also typically use Bcc to deliver mail to many users without disclosing the email addresses of everyone on the list to everyone.


As heavyd mentioned, you could be receiving the email as a Blind Carbon Copy (BCC). If someone is sending email to many email addresses at once, such as for a mailing list or Microsoft Outlook personal distribution list, a common technique is to put one address in the "to" line, sometimes the sender's own email address, and put all the other email addresses as BCC addresses, so that everyone on the list doesn't see the email addresses of everyone else on the list. This is done not only for privacy, but also to protect people on such lists from spam, since if one of the recipients has a system infected by malware that scans systems for email addresses to use for spam distribution, then everyone in the list may start receiving spam because their email address was in a message received on the infected system.

Also, spammers often use spoofed "from" addresses to hide the source of spam. You can't rely on a "from" email address as indicating the true originator of email, because it is trivial to put any address you choose in the "from" address of a message even with commonly used email clients and spammers often have software specifically designed to insert spoofed "from" addresses, e.g., ones gleaned from infected systems, since if they find an email address on an infected system, they can then have the malware they've inserted into the system send email to everyone else on the list with one of the addresses they found as the "from" address, since other recipients will likely recognize the "from" address, assume the message is actually from someone they know, and thus open an attachment to the message that infects their system as well. And, if their antivirus software detects the attachment as infected and they reply to the "from" address to warn the sender, they won't be warning the actual sender, whose system may continue to transmit spam, because the owner is unaware it is infected. So you can't assume the message you received actually came from [email protected].

It also may help to understand how an email client or email server communicates using the Simple Mail Transfer Protocol (SMTP) with an email server to which a message is being sent to understand how the email "to" address you see can differ from the one that was used by the receiving server. E.g., a sending email server will announce itself to the receiving email server with a "helo" or "ehlo" command. The receiving server acknowledges that message and then the sending server issues a "mail from" command followed by an email address, then a "rcpt to" command followed by an email address, which specifies the email address the receiving server will use to route the message. Then the sending server issues a "data" command, which it follows by sending not only the message body, but the "from", "to", "subject" etc. that you will see when you view a message in your email client. The "from" and "to" that follow the "data" command can be anything; they don't have to match the ones the server sees in the "mail from" and "rcept to" commands. The addresses that follow the data command don't affect how the message is routed to an inbox, just what you see when you view the message with an email client. You can see an example of an exchange with a receiving SMTP server at SMTP Example Session.

So what you see in your email client as the "to" address is not necessarily the "rcpt to" address your incoming email server saw and which it used to route the email to you, which could be due to the fact that you were a BCC address or due to the way some sending software created by a spammer was written to send spam to a multitude of addresses by simply using the same "to" line in the body of the message.

Tags:

Email