Re: More then 2800 spams from the list...
On Tue, Mar 20, 2018 at 08:30:50AM -0500, David Wright wrote:
> On Tue 20 Mar 2018 at 08:28:20 (-0400), Greg Wooledge wrote:
> > P.S. someone said that bounces are generated using the Reply-To: header.
> > This is incorrect (or at least, would be a violation of the protocols).
> > Bounces are sent to the envelope sender address (the one given by the
> > sender during the SMTP session), without looking at the message itself.
> > Of course, the envelope sender is just as easy to forge as the
> > Reply-To: header is. The sender only needs to lie about who it is.
> > The receiver has no way to verify the address, other than "yeah, that
> > domain exists in DNS".
> But if that IP address sends loads of undeliverable mail,
> why not just block it? I was under the impression that
> that's what IP address blacklisting was all about.
That happens, certainly. But not everyone is using a blacklist.
The spammer just has to find one system that's vulnerable and keep
hammering it until it, too, gets blacklisted.