Like many of you, I'm getting a deluge of dodgy "Microsoft" security updates.
My plan such as it is, is that when my catchall mailbox gets a lot of junk, if it's all to the same xxx@mydomain, I'll redirect it elsewhere.
If there may be mail I want to keep I'll make a mailbox for it so I can filter it on a low priority.
In other cases, such as when my irc program shows an email of email@example.com (combining the rdns name and an old user name), I'll redirect that to firstname.lastname@example.org.
(example.com is defined by RFC to never be a valid address.)
But anyway, back to my story. Once I saw the deluge arrive, I went to find out the email address it was sent to. Before, the address was clearly in the headers, but not this time, as all the headers were faked.
A quick jump into telnet pop3.force9.net 110 and I did a TOP on a sample junk message. Alas, the email address wasn't clear from the header.
It was only because I got one of the many automatic "You have sent us a virus" mails which had the addresses in the clear that I could know which one to junk. The virus didn't come from my computer, but wrongly telling me otherwise did inadvertanly serve a purpose.
But anyway, what could I do in future? How do I find out the RCPT TO of any given email?