Date: Mon, 28 Jul 1997 15:46:08 -0700 (PDT) From: Tom <tom@uniserve.com> To: Tony Kimball <Anthony.Kimball@East.Sun.COM> Cc: ahd@kew.com, chat@FreeBSD.ORG Subject: Re: bouncing mail from sites without a valid MX/A record Message-ID: <Pine.BSF.3.96.970728153805.11090D-100000@shell.uniserve.com> In-Reply-To: <199707282109.QAA17786@compound.east.sun.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Tony Kimball wrote: > [Again, I redirect to chat.] > > Quoth Drew Derbyshire on Sat, 26 July: > : > : Actually, this nukes about ~ 20 - 60 % of the SPAM off the top. > : Sites don't like their good name used by spammers, so many SPAM Yes, and there is a legal precendent to sue. Prodigy sucessfully forced Cyber Promotions to never include prodigy.com anywhere in the headers of spam. > : generators just generate random all number domains in .COM. > : > > Hmm. I've received about 198 spam messages in the past 3 months. I > don't find *any* tainted by bogus domains. Nary a one. In fact, they > all have valid MX records deducible from the headers, although in many Don't look at the headers, look at the envelope sender. Most mail servers put this into the Return-Path header. I see that 25% of the spam that I received in the last few days would be blocked by a valid MX check. > cases there is no identifiable mailbox at the corresponding smtp host. > The top three sources account for 75% of all spam recieved, and they > are Cyber Promotions, Juno, and HotMail. Those aren't really "sources". They just happened to mentioned in the headers. Juno and Hotmail addresses are oftened mentioned because Juno and Hotmail provides free addresses, that spammers can use to collect responses. I've never seen any spam originate from hotmail or juno. As far as Cyber Promotions, lots of spam mentions savetrees.com, or answerme.com, but never originated from Cyber Promotions. Why? Because spammers buys mailing list from Cyber Promotions, but doesn't want to spring for the extra cost of the Cyber Promotions mail relay service, so spammers steals mail relay service from open mail server. > My sample may not be statistically representative, but it is at least > *reality-based*. I'd like to learn of more broadly representative > studies. Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970728153805.11090D-100000>