Re: spam SW, EMS/RFMS

To: Gunnar Lindberg < >
From: Piet Beertema < >
Date: Thu, 19 Mar 1998 10:37:52 +0100
Cc:

    ...

    EMS/RFMS seems to have two "interesting" features:
    
        1)	"MAIL From: <>"; i.e. there is no real From that can take
    	legal action due to fraud etc. Smart.
Right. But I've also seen - although I don't recall
whether they came from this particular source -
"MAIL From: <<>>". This can be caught.
        
        2)	It makes use of MX hosts that have higher cost than the best
    	one. At first this could seem like it just legitimately uses
    	MX-records, but the increase in traffic and bounces through
    	the host we run, chalmers.se; secondary MX for *.chalmers.se,
    	tells us this is not by chance, this is made by will.
I've noticed that too. It doesn't help them though,
since my mailhost and MX fallback host both have
exactly the same anti-spam measures, including
completely blocking a number of domains. But I must
add that I don't have a host-in-the-middle like you.


	Piet

Post To The List:

References:
- spam SW, EMS/RFMS
  - From: Gunnar Lindberg

<<< Chronological >>>

Author Subject

<<< Threads >>>