[SURBL-Discuss] Software spam with recently registered (fake?)
sender domains
Alex Broens
surbl at alexb.ch
Sun Sep 12 11:11:02 CEST 2004
Jeff Chan wrote:
> On Sunday, September 12, 2004, 1:34:02 AM, Raymond Dijkxhoorn wrote:
> (Joe wrote:)
>
>>>"Firstname1 Lastname1" Firstname2Lastname2 at suspectdomain
>>>
>>>where suspectdomain is a very recently registered domain (late August-early
>>>September).
>
>
>>But is that a problem, we dont do much with the sender domains actually.
>
>
> Yes, only message body URI domains. :-)
>
>
>>>Previously software spammers used all kinds of fake sender domains, but non
>>>they had registered themselves and not specifically recently registered
>>>ones. Has anyone else noticed this and has any thoughts about it?
>
>
>>Since more and more large servers are using SPF they got stuck a little
>>there. A lot are also publishing SPF records in DNS now, that might be
>>the reason they use self controlled domains now. If thats true we are
>>pushing them in the right direction ;)
>
>
> Yes, but how can they avoid advertising a URI? Hehe.... ;-)
----------------------------
some.fake.rx-p-il-ls.dom\traq.php?1892
copy-and-pastè
i n t o y o ur Bro Ws eR
----------------------------
Alex
More information about the Discuss
mailing list