james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Danny Angus" <da...@thought.co.uk>
Subject RE: SPAM #3
Date Fri, 22 Mar 2002 08:22:01 GMT

> Spammers use an openrelay SMTP server to post thru.  Let's call that
> machine A.  They make their headers appear to be from elsewhere.  Let's
> say that is machine B (it might be real or not).  When the mail arrives
> at machine C (it's desination), that mail server can see evidence of B
> (clearly), but also information pertaining to A?  Or is it that only
> information from some uplink A connects to is evident?

C should append a line a bit like:
"received by C[123.123.123.123] from A[432.432.432.432] at 00:00 GMT +0000"


>
> If C sends a digest (subject of a new RFC) to B of the message through
> SMTP saying "did you send this?", then there are two possibilities - (1)
> The answer is "no I did not", or (2) no such mail server.  Does A have
> record of the email?

pretty much not, once its sent or bounced the MTA is glad to get rid and
reclaim the space.

> If it does, can it determine that it was from the
> real email user?

Possibly yes depending how tightly it is set up itself to prevent relaying,
more likely no, if A has faked a message from a real user of B it would be
hard to differentiate from a bona fide one.

> Does this cover all the bases?
>
> Hmmm, I have half a feeling that this has been explained to me
> already.....
>
> Regards,


--
To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>


Mime
View raw message