At 14:13 2005-03-09 -0600, David W. Tamkin wrote:
Pablo,
Most of the spam coming through is sent to other people in my company
many of whom are no longer with us and their accounts have been
deleted. How is it that other people on the server are getting those
e-mails.
I see spam like that a lot. The first address in a group (for the
spammer's definition of "group") is on the To: line and the rest are
bcc'ed, so only the lucky person on the To: line sees his/her own
address there. The others get copies that show only the first person's
address and not their own.
Yes, though sometimes multiple cleartext recipients are identified, rather
than just one - there's OBVIOUSLY quite a few BCCs though. One side-effect
of this is that the specific address _this_ copy of the message was
actually receieved at usually doesn't appear in the headers (certainly not
if the MTA is sendmail), because that data is excluded when there are
multiple recipients.
I suspect that spammers may be doing this to intentionally complicate
identifying what address was really subjected to the spam. Of course, you
can simply refer to the MTA logfile to get that data, but Joe domain
registrant enduser doesn't often have access to the logs, nor the interest
in checking them.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail