At 1:20 AM -0400 2003/10/24, David Maxwell wrote:
Every decent SMTP MTA adds a 'Received-by:' header, which includes the
IP of the host that made the SMTP connection. Even open relay MTAs add
this, so you'll still have the IP of the sender of the email.
How many "decent" MTAs are open relays? Not many. Most "decent"
MTAs these days will refuse to be an open relay unless explicitly
configured that way.
How many spammers use open relays anymore? Not many. Most use
open proxies now.
Ahh. I see the problem now. (I really hate when I have to reverse-infer
someone's issue with one of my statements, because it couldn't simply be
raised as an issue.)
"so you'll still have the IP of the sender of the email."
should read:
"so you'll still have the IP of the host which made the TCP connection
to the MTA."
That host is either the spammer's MUA, an open-relay, or an open-proxy.
All of which are complicit in the sending of spam, so you do have
information you can use to prevent further spam from being delivered to
you in the same way.
David
P.S. And before someone jumps in - please remember that this isn't a
general discussion of tracking spam via headers, but specifically of
the degree of anonymity available to senders today, against a strongly
enabled and determined corrupt authority.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg