my address book was copied and email sent to people on my list of poor taste

RESOLVED INVALID

Status

--
major
RESOLVED INVALID
9 years ago
8 years ago

People

(Reporter: rpmak, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 GTBDFff GTB7.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1

Friend received email from me and my address which I DID NOT SEND nor have on my machine.

Reproducible: Didn't try
Group: core-security

Comment 1

9 years ago
Why do you assume that this was done by Thunderbird ?
(Reporter)

Comment 2

9 years ago
Thunderbird is my only mail server that is why I assume it to be thunderbird problem is not logical this way?
There are several possibilities I can imagine here that don't involve a bug in Thunderbird:

1. Some virus on your computer used the external API of Thunderbird to create and send a message to people in your address book.
2. Someone obtained the username and password to one of your email accounts and used it to send messages to people.
3. Some spammer is sending messages to people and just happened to use your email address.
4. Some virus on the other person's computer added a message which appeared to be from you (by looking in their address book).
5. Someone is playing a prank on you and either dropped a message in the other person's mailbox pretending to be you or used your machine while you weren't looking to send it and "erase" all traces of it.

It is possible to distinguish between some of these possibilities by looking at the message headers, specifically the Received headers and any SPF headers that may exist. These, assuming that a transit server was not compromised, will give the full history of the delivery of a message from source computer to the recipient's email server.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.