[extraduder_ire]

To many normal people the "from" field in an email means that it came from there.

I am wondering how they get the data back though, unless they demand it is faxed, or sent to another email address. (Or the person replying doesn't notice the different reply-to address.)

[hedora]

Interestingly, gmail trusts the from field, so if I send a message “from” you to your account, it will put it in your sent folder.

Urban legend says people have been fired after forged harassment emails were delivered this way.

Google claims this is a feature, and the sent “label” isn’t meant to mean that it came from your gmail account.

For instance, there could be a corporate service firehosing spam at coworkers on your behalf, and obviously you don’t want to notice that, so it puts it in the sent box.

[extraduder_ire]

I thought gmail enforces SPF for gmail emails. I'd try it myself, but I don't want the few machines I have with port 25 unblocked to get a worse spam rating.

Is this documented anywhere?

[jaywalk]

If the email account has been hacked (which it has in this case) then it can just go back to the original hacked email.

[singleshot_]

Generally email systems will have rules that support things like “if this account gets any mail from this address at Facebook.com, move it to some obscure folder and forward it to badguy@gmail.com” which is sometimes how this plays out.