Fetchmail and MailScanner question

Roland Ehle novirus at CARLO65.DE
Fri Nov 8 12:11:58 GMT 2002

Hi David,

Am Fre, 2002-11-08 um 13.01 schrieb David While:
> I did originally have the senders address (as reported in the brackets in
> the log entry), however the address reported by MailScanner in the log
> file is the address from the envelope of the original email which in most
> cases of Spam is forged. I started to do reverse DNS lookups on the IP
> address but the majority of senders of Spam don't have the reverse DNS
> entries set up.
> The sending SMTP server is the only reliable information - it is the
> server that sent the spam to you - that is all you can tell.

Fully ACK.

> To do what you are suggesting would require MailScanner to analyse the
> email and look at the headers to try and determine the originator of the
> spam which I suspect would be a fairly complex task (perhaps Julian would
> like to comment!).

I think, this is to much work, for statistical purposes only. But thank
you for this information.

> Hotmail does do Spam checking (according to their website) by activating
> the junk mail filter so maybe the users should turn this on so that the
> mail isn't forwarded.

I know, Yahoo does it too, meanwhile, but others don't as you may see on
my statistics page (http://www.is-on-stream.de/mrtg). The top spammer
IPs are those from the german Freemailers GMX and WEB.de.


More information about the MailScanner mailing list