Subject:
|
Re: "EarthLink.Net" = spam ?...
|
Newsgroups:
|
lugnet.off-topic.geek
|
Date:
|
Tue, 8 Aug 2000 04:41:39 GMT
|
Reply-To:
|
mattdm@mattdm.NOSPAMorg
|
Viewed:
|
117 times
|
| |
|
|
Franklin W. Cain <fwcain@yahoo.com> wrote:
> Over the past several months, I have noticed that an increasing percentage
> of the spam I receive is from addresses in the "earthlink.net" domain.
Earthlink is a very popular isp -- second after AOL. (Or perhaps third after
Juno; depends how you count.) So it's very likely that people pick
Earthlink as a target for forged addresses. It's also common to see things
purporting to come from AOL or Hotmail.
> When I forward said messages to EarthLink's postmaster, they invariably say
> "The headers were forged, dude, not my problem" or words to that effect.
> Just how can these spammers be forging EarthLink's domain so easily
It's *incredibly* easy to forge headers. Go to your e-mail program. Set
your address to something other than your real one. Send a message. Presto,
you're a forger. Spammers often use slightly more sophisticated techniques,
but that's the principle. So the Earthlink people were very likely telling
the truth.
> It has gotten to the point that I have just installed a filter (removing
> one of my other anti-spam filters) redirecting all email -- *ALL* email --
> from the "earthlink.net" domain *immediately* to my Trash folder.
> (...Serves the sunzabiches right!...)
This is exactly why they pick such popular ISPs. You're very likely to be
missing out on legitimate mail with this scheme.
However, it *is* usually possible to determine the actual origin of an
e-mail message by reading the full headers. Check out the "Tracing an e-mail
message" section of the alt.spam FAQ (which you can find at
<ftp://rtfm.mit.edu/pub/usenet-by-hierarchy/alt/spam/>) for some info on how
to do this. Feel free to post any questions here.
--
Matthew Miller ---> mattdm@mattdm.org
Quotes 'R' Us ---> http://quotes-r-us.org/
Boston University Linux ---> http://linux.bu.edu/
|
|
Message has 2 Replies:
 | | Re: "EarthLink.Net" = spam ?...
|
| You're right in that the "real" sender's identity (or at least, sending location) can be traced via the headers, etc., and I know how to change my options to see all the headers/trailers/etc. I can see now how they could fake a return address and (...) (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)
| | | Re: "EarthLink.Net" = spam ?...
|
| (...) Also, you might take a look at spamcop - (from memory, www.spamcop.net?). it'll analyze the headers for you, and even send mail to the right addresses to complain... I've found it quite effective. :) Dan (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)
|
Message is in Reply To:
| | "EarthLink.Net" = spam ?...
|
| Over the past several months, I have noticed that an increasing percentage of the spam I receive is from addresses in the "earthlink.net" domain. Has anyone else noticed this? When I forward said messages to EarthLink's postmaster, they invariably (...) (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)
|
5 Messages in This Thread:
  
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
