Jump to content

Parser not cleaning up domain name


karlisma

Recommended Posts

Sorry, I can not understand what you are asking.

Could you restate your question / comment?

xjd looks to me like a forged from / reply to address.

Does it happen to be your addresses? Based on the alias "Heather" being the same for the To address that would be my guess.

To the best of my knowledge the parser never munges the "from" / "reply to" addresses.

Is that your question? Why it did not munge it?

Link to comment
Share on other sites

Sorry, I can not understand what you are asking.

Could you restate your question / comment?

xjd looks to me like a forged from / reply to address.

Does it happen to be your addresses? Based on the alias "Heather" being the same for the To address that would be my guess.

To the best of my knowledge the parser never munges the "from" / "reply to" addresses.

Is that your question? Why it did not munge it?

It is my domain name. Just right after that xjd. And Yes, it is forged because it doesnot exist, only the domain name stays the same.

Parser cleans up only exact reporters address, also when it is put in from field (or wherever in submitted spam).

xjd[at]mydomain.dot is fake address, and i think it is used to track the munged-by-parser address. Therefore i'm not kinda feeling good.

And Yes, I know, i will regreat forever for making report and for putting link in forum. :)

Link to comment
Share on other sites

...Parser cleans up only exact reporters address, also when it is put in from field (or wherever in submitted spam). ...And Yes, I know, i will regreat forever for making report and for putting link in forum. :)
Well, not exactly right - it munges all addresses in the "To:" and "CC:" headers, not just the exact reporter's address though the type of spam with multiple addresses in one or either field is not seen so much lately. "Delivered to" and "for" statements are munged too.

But, your point that the parser process doesn't munge "From:" or "Reply to:" is correct. As dbiel observes it probably never does - that is part of the "evidence" against the spammer, the fact of falsification of the apparent source. This (presumably) is an instance where it is not permissible to manually munge either.

Thanks for pointing this out, particularly in view of your long-held cautiousness about making detail known.

Link to comment
Share on other sites

One other thing to keep in mind is that the Parser munges on two different levels and the data that is munged varies in both based on your user settings: Preferences---> Report Handling Options --->

spam Munging

Obscure identifying information

Leave spam copies intact

Become a "mole" - Don't even send reports (mostly pointless)

The two level of munging are: the data displayed when clicking on a tracking URL and the data that is contained in the reports that are sent.

Actually, the user preferences only affects report munging. The parser automaticly munges display data related to the trackingURL.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...