said by satwilson:Yesterday I received another bogus email with attachment, not addressed to me but someone else @ sunflower.com.(WOW bought sunflower and manages their email accounts). The To: was not me! I am starting to wonder if WOW's server is corrupted.
I serious doubt it. Mail servers only deliver email to the recipient listed in the SMTP "RCPT TO:" argument. This is not necessarily the same as the visible "To:" header:
Received: from c.mail.sonic.net (c.mail.sonic.net [64.142.111.80])
by flph384.prodigy.net (8.14.4 IN/8.14.4) with ESMTP id s41BEAuJ010760
for <**********@pacbell.net>; Thu, 1 May 2014 04:14:11 -0700
Received: from Miyuki.aosake.net (reki.aosake.net [173.228.7.217])
(authenticated bits=0)
by c.mail.sonic.net (8.14.4/8.14.4) with ESMTP id s41BE6oi031683
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT);
Thu, 1 May 2014 04:14:07 -0700
Message-ID: <53622C7A.7040304@Miyuki.aosake.net>
Date: Thu, 01 May 2014 04:14:02 -0700
From: "NormanS" <**********@gmail.com>
Organization: PDR
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: **********@fastmail.jp
Pay attention to the "for" email address ("**********@pacbell.net"), vs. the "To:" email address ("**********@fastmail.jp"). 'Pacbell.net' is an AT&T domain, which is handled by Yahoo! servers. Yahoo! actually stamps the SMTP "RCPT TO:" value at the top of their headers, thus:
X-Apparently-To: **********@pacbell.net via 98.138.213.211; Thu, 01 May 2014 11:14:12 +0000
I sent the email with the above headers with "To:" set to the 'fastmail.jp' domain, and "Bcc:" set to the 'pacbell.net' domain. "Bcc:" recipients are suppressed; which is the whole purpose of "Bcc:".