Joe,
"Firstname1 Lastname1" Firstname2Lastname2@suspectdomain
where suspectdomain is a very recently registered domain (late August-early September).
But is that a problem, we dont do much with the sender domains actually.
Previously software spammers used all kinds of fake sender domains, but non they had registered themselves and not specifically recently registered ones. Has anyone else noticed this and has any thoughts about it?
Since more and more large servers are using SPF they got stuck a little there. A lot are also publishing SPF records in DNS now, that might be the reason they use self controlled domains now. If thats true we are pushing them in the right direction ;)
Bye, Raymond.