Everything posted by cabbey
Yeah Farelf, consistency is what I'd like to see. And there are certainly ways for the spammers to uniquely identify who they sent to other than this, so yeah, I'm not holding my breath on this as some form of crucial defense mechanism. But I do think a lot of spammers are "in cohouts" with their ISPs and are being fed these reports. About the only change in my reporting behavior now is to not report spammed websites as much when I see my email in the clear in the report. In all reality, I'm finding that the mailhosts support, now that I have it configured, is cutting back on the reports back to the folks I think are the spammers pretty well... or at least it's cutting back on the 'noise' reports going to innocent networks named in the forged headers. A win either way.
Yep, aware of that... and as you say it's not practical anyway. Yeah, the report preview on the report page shows several addresses munged, but not these ones. The few past reports I've looked at have always matched what the preview showed.
Lately I've seen a rise in the instances of my email address being passed along in the spam reports instead of being obfuscated with X. This is happening in two locations lately: 1. the from header, usually looking like: $random_first_name $random_last_name <my_address[at]my.domain>, but I've also seen the address "encoded" as my_address_my_domain[at]bogus.domain, or as naimod.ym[at]sserdda_ym.$random_country_code (turn the address around backwards and slap on a random country code.) I've probably seen this in 70 to 80 spams this week. 2. the subject. This one I've only seen once, and it was mirrored backwards as above. Can we please get the obfuscator updated with these new tricks? especially the from header, since it seems common all of a sudden.