From: Christopher Evans <teknopup(_at_)bigvalley(_dot_)net>
majority of spam emails are using forged addressing,
As far as I can tell, that is wrong. Only a minority of spam carries
either header or envelope from values that the spammer cannot claim
as its own. By the time you poke at the return addresses, they often
have been terminated, but they are still the spammer's.
Note that differences between the reverse DNS name of the SMTP
client and the header or envelope from value do not constitute
evidence of forgery, unless you call your friends forgers when
they send you picture postcards while on vacation and use their
home return addresses.
propose that receiver smtp
server connect to the sending server and see if the server bounces on that
users
address.
Please read about "deadly embrace."
Vernon Schryver vjs(_at_)rhyolite(_dot_)com