james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hammant <Paul_Hamm...@yahoo.com>
Subject Re: SPAM #3
Date Thu, 21 Mar 2002 22:34:19 GMT

Spammers use an openrelay SMTP server to post thru.  Let's call that 
machine A.  They make their headers appear to be from elsewhere.  Let's 
say that is machine B (it might be real or not).  When the mail arrives 
at machine C (it's desination), that mail server can see evidence of B 
(clearly), but also information pertaining to A?  Or is it that only 
information from some uplink A connects to is evident?

If C sends a digest (subject of a new RFC) to B of the message through 
SMTP saying "did you send this?", then there are two possibilities - (1) 
The answer is "no I did not", or (2) no such mail server.  Does A have 
record of the email?  If it does, can it determine that it was from the 
real email user?  Does this cover all the bases?

Hmmm, I have half a feeling that this has been explained to me already.....


- Paul

>My favourite quote was "I'd love to turn off China"
>But the point I get from this is that its the same old open-relay problem it
>ever was, with the twist of faked headers, to stop them being traced.
>And the solution is to educate email sysadmins.
>>-----Original Message-----
>>From: Paul Hammant [mailto:hammant@apache.org]
>>Sent: 21 March 2002 19:04
>>To: james-dev@jakarta.apache.org
>>Subject: SPAM #3
>>/. ->  http://slashdot.org/articles/02/03/21/1733224.shtml?tid=111
>>dosten <mailto:darren@osten.net> sent us a link to a story running on
>>Cnet about the spam epidemic
>><http://news.com.com/2009-1023-864815.html>. My favorite stat is that by
>>2006, we'll be getting 1400 spam a /day/. Of course, I get that every
>>/week/. Talks about foreign spam relays, block lists, and so on. Decent
>>piece explaining a huge problem that's only getting worse.
>>Addendum - 2002 JAMES coders formulate plan for phasing out of
>>unaccountable mail servers and upgrade JAMES itself to be compliant with
>>their new RFC.
>>To unsubscribe, e-mail:
>>For additional commands, e-mail:
>To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>

To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>

View raw message