Re: drums2?


Keith Moore wrote:

An analysis of 9419 recent
email meesages shows 109 with such offsets, all in the range
-1500 to -1900 (and all of those messages are spam).



yet another telltale spam clue (for now).

Keith


I have found (and others have independently found) that
Spam often has fouled-up Date headers (another common
foul-up in the zone of spam is a long zone name such as
"Eastern Standard Time").

And message-ids are often also fouled-up, because spammers
tend to send some random garbage in HELO (or EHLO), which
many MTAs simply copy as the "domain" part of the message-id
(when generating one and if the message already lacks a
Message-ID header).

It's not uncommon for fields with addresses (To, From,
Reply-To, etc.) to have bad syntax in spam.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: drums2?, (continued) Re: drums2?, Bruce Lilly Re: drums2?, Arnt Gulbrandsen Re: drums2?, Bruce Lilly Re: drums2?, Arnt Gulbrandsen Re: drums2?, Bruce Lilly Re: drums2?, Keith Moore Re: drums2?, Bruce Lilly Re: drums2?, Keith Moore Re: drums2?, Bruce Lilly Re: drums2?, Keith Moore Re: drums2?, Bruce Lilly <= Re: drums2? (timezones), Graham Klyne Re: drums2?, Arnt Gulbrandsen Re: drums2?, Charles Lindsey

Previous by Date:	Re: drums2?, Keith Moore
Next by Date:	Re: radical suggestion, Jacob Palme
Previous by Thread:	Re: drums2?, Keith Moore
Next by Thread:	Re: drums2? (timezones), Graham Klyne
Indexes:	[Date] [Thread] [Top] [All Lists]