On May 6, 2003 at 12:02 bobatk(_at_)exchange(_dot_)microsoft(_dot_)com (Bob
Atkinson) wrote:
An interesting observation is once you've eliminated the domain
spoofing, what you've then got in hand is a domain name that you can
reasonably believe has some amount of responsibility for the
transmission of the message.
Not much more than you did by (intelligently) looking at the Received
lines.
One of the major sources of spam right now seems to be zombie robot
hosts, hosts who have had a virus injected into them which turns them
into unwitting spam slaves*.
So the spam is being delivered by 123-456-789-123-dsl-pool.telco.com
and guess what it seems to be from
xxxdvd(_at_)123-456-789-123-dsl-pool(_dot_)telco(_dot_)com
who assures you that anything from (don't make me type it again)
is indeed from (I'm just not going to type it again.)
Now what do you know?
* Could someone please teleport that sentence back to the TCP-IP list
of 1985 and get the reaction?
--
-Barry Shein
Software Tool & Die | bzs(_at_)TheWorld(_dot_)com |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989 *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg