[SURBL-Discuss] Software spam with recently registered (fake?) sender domains

Alex Broens surbl at alexb.ch
Sun Sep 12 11:11:02 CEST 2004


Jeff Chan wrote:

> On Sunday, September 12, 2004, 1:34:02 AM, Raymond Dijkxhoorn wrote:
> (Joe wrote:)
> 
>>>"Firstname1 Lastname1" Firstname2Lastname2 at suspectdomain
>>>
>>>where suspectdomain is a very recently registered domain (late August-early
>>>September).
> 
> 
>>But is that a problem, we dont do much with the sender domains actually.
> 
> 
> Yes, only message body URI domains.  :-)
> 
> 
>>>Previously software spammers used all kinds of fake sender domains, but non
>>>they had registered themselves and not specifically recently registered
>>>ones. Has anyone else noticed this and has any thoughts about it?
> 
> 
>>Since more and more large servers are using SPF they got stuck a little 
>>there. A lot are also publishing SPF records in DNS now, that might be 
>>the reason they use self controlled domains now. If thats true we are 
>>pushing them in the right direction ;)
> 
> 
> Yes, but how can they avoid advertising a URI?  Hehe....  ;-)



----------------------------
some.fake.rx-p-il-ls.dom\traq.php?1892

copy-and-pastè
i n t o  y o ur Bro Ws eR
----------------------------

Alex



More information about the Discuss mailing list