[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: More then 2800 spams from the list...

On Tue, Mar 20, 2018 at 08:30:50AM -0500, David Wright wrote:
> On Tue 20 Mar 2018 at 08:28:20 (-0400), Greg Wooledge wrote:
> > P.S. someone said that bounces are generated using the Reply-To: header.
> > This is incorrect (or at least, would be a violation of the protocols).
> > Bounces are sent to the envelope sender address (the one given by the
> > sender during the SMTP session), without looking at the message itself.
> > 
> > Of course, the envelope sender is just as easy to forge as the
> > Reply-To: header is.  The sender only needs to lie about who it is.
> > The receiver has no way to verify the address, other than "yeah, that
> > domain exists in DNS".
> 
> But if that IP address sends loads of undeliverable mail,
> why not just block it? I was under the impression that
> that's what IP address blacklisting was all about.

That happens, certainly.  But not everyone is using a blacklist.
The spammer just has to find one system that's vulnerable and keep
hammering it until it, too, gets blacklisted.
Reply to: