Mikey Posted February 12, 2004 Share Posted February 12, 2004 There are several references now in places on SC and other places about spammers ability to track those who report them. Alas, it appears that I was NOT paranoid after all! So my question is, how are they doing this? Someone must have some intel on this if they believe it is happening. These are my guesses. Again, perhaps I'm paranoid.... 1. "Random" text at the end of subject lines 2. "Random" text at the end of the body, often after the /html tag 3. Recipient username or entire E-mail referenced in body (obviously) 4. "From" usernames that appear to be random (or joe-jobs) but aren't 5. X-mailer fields 6. "Random" text or English words within the body, often obscured by html tags 7. Message-Id fields I have had people tell me that all the above items are only there to confuse content-checking spam filters, particularly simple client filters. However I don't think that is true. Certainly munged X-mailer fields will disguise the fact that they are using rat-ware to send the spam. Yet I don't think putting x56ffg on the end of a subject line is going to do anything to fool spamassassin or anything else. As far as I know, nearly everything in the header (and obviously the body) is subject to tampering. So I know they COULD do it anywhere, I was just curious if someone knows for a fact, "This is how they are doing it...." So what do you experts say? Thanks. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.