Re: spam SW, EMS/RFMS
- Date: Thu, 19 Mar 1998 10:37:52 +0100
...
EMS/RFMS seems to have two "interesting" features:
1) "MAIL From: <>"; i.e. there is no real From that can take
legal action due to fraud etc. Smart.
Right. But I've also seen - although I don't recall
whether they came from this particular source -
"MAIL From: <<>>". This can be caught.
2) It makes use of MX hosts that have higher cost than the best
one. At first this could seem like it just legitimately uses
MX-records, but the increase in traffic and bounces through
the host we run, chalmers.se; secondary MX for *.chalmers.se,
tells us this is not by chance, this is made by will.
I've noticed that too. It doesn't help them though,
since my mailhost and MX fallback host both have
exactly the same anti-spam measures, including
completely blocking a number of domains. But I must
add that I don't have a host-in-the-middle like you.
Piet