On Sat, Mar 08, 2003 at 08:22:46PM -0700, Vernon Schryver wrote:
Consider the common claims about spammers forging headers. When was
the last time you saw spam supposedly from CERT? Don't you think that
if spammers were willing to forge headers to get around simple
whitelists, at least some would use that envelope or header From value?
I have tracked back around 150-200 spam mails and not in a single
case the header was not forged. This means that I received trustworthy
statements from the domain owner, IP owner or ISP that the given
sender address never had existed or - in a few cases - that they
existed but the user was evidenced innocent. This is not an assumption
or conclusion, it is a verified statement of the authorized owners.
There are very few cases where the spam is just a bait to verify
the recipients address, asking the recipients to "opt out", and thus
verify their address and mark them as a "spam reader".
From my experience >99% of the spam contains forged sender addresses
(and wrong host names in the SMTP helo command, but that doesn't
really matter).
I definitely can't understand what makes you believe that spam
messages do usually not contain forged headers. That's one of the
most obvious and easiest to verify facts about spam.
Hadmut
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg