Mailing-List: contact james-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "James Developers List" <james-dev@jakarta.apache.org>
From: "Danny Angus" <danny@thought.co.uk>
To: "James Developers List" <james-dev@jakarta.apache.org>
Subject: RE: SPAM #3
Date: Fri, 22 Mar 2002 08:22:01 -0000
Message-ID: <NEBBLGHPOKBHJAFMPGHJKEDAMCAA.danny@thought.co.uk>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
In-Reply-To: <3C9A5FEB.7080202@yahoo.com>
Importance: Normal


> Spammers use an openrelay SMTP server to post thru.  Let's call that
> machine A.  They make their headers appear to be from elsewhere.  Let's
> say that is machine B (it might be real or not).  When the mail arrives
> at machine C (it's desination), that mail server can see evidence of B
> (clearly), but also information pertaining to A?  Or is it that only
> information from some uplink A connects to is evident?

C should append a line a bit like:
"received by C[123.123.123.123] from A[432.432.432.432] at 00:00 GMT +0000"


>
> If C sends a digest (subject of a new RFC) to B of the message through
> SMTP saying "did you send this?", then there are two possibilities - (1)
> The answer is "no I did not", or (2) no such mail server.  Does A have
> record of the email?

pretty much not, once its sent or bounced the MTA is glad to get rid and
reclaim the space.

> If it does, can it determine that it was from the
> real email user?

Possibly yes depending how tightly it is set up itself to prevent relaying,
more likely no, if A has faked a message from a real user of B it would be
hard to differentiate from a bona fide one.

> Does this cover all the bases?
>
> Hmmm, I have half a feeling that this has been explained to me
> already.....
>
> Regards,


--
To unsubscribe, e-mail:   <mailto:james-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:james-dev-help@jakarta.apache.org>