From: Iljitsch van Beijnum <iljitsch(_at_)muada(_dot_)com>
...
Stopping header forgery would be useful in and of itself,
Many people who say that have strange notions of "header forgery."
They consider using your home mail address as a sender or return email
address when sending mail while away from home to be "forgery" but
they don't have any problems using their home postal addresses on
postcards while on vacation.
but
regardless of that it will also help against unsollicitated bulk email.
That is not logical, unless you assume that spammers have no
alternative to using header forgery.
I downloaded the list with known spam address blocks from spews.org. It
lists around 1600 spammers and 14000 addresses or address blocks.
Obviously spammers are trying hard to cover their tracks. Filtering out
1600 spammers is easier than filtering out many more thousands of
individual addresses. I'm assuming we can come up with some identifier
that's harder to change than an IP address.
That is a tall assumption. Unless you involve national governments,
I've never yeard of an identifier that is harder to change than an IP
address, except when you get your IP addresses from ISPs that look away
from the spam of their customers and the customers of their resellers.
Such ISPs would be as happy to sell new identifiers of whatever sort
you like to spammers as they have been happy to rent IP addresses.
A quick look at a week's worth of email for an account I've used to
post to Usenet for nearly 10 years (370, 98% spam or mailinglists I
can't unsubscribe) tells me around 75% of the spam I received either
has obvious header problems or employs some kind of anti-anti-spam
measure. Also around 75% is of a pharmaceutical, sexual or financial
nature (often at least two of those at the same time). There is no
obvious correlation.
I notice that you wrote "header problems" instead of "forgery."
That leads to a major problem in dealing with spam. Most people
who say they want to stop spam in fact have other goals that they
value more.
Yes, it seems like many of them are more interested in perpetuating the
status quo.
I do not agree with that. Some people do have usually unconcious
interests in the status quo, but most people are doing illogical
things like attacking header forgery as if spammers could not create
zillions of valid user names at free or cheap providers or domain
names and avoid header forgery.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com