Results 1 to 10 of 24

Thread: Zombie

Hybrid View

  1. 11-28-2010, 03:08 PM #1
    Mike Easter Guest

    Re: Zombie

    Li'l Abner wrote:

    > The spam I got from him had his own return email address, as did the others
    > who complained to him. How would they have known who to complain to if it
    > didn't come from his email address. You think his neighbor's machines would
    > send out email with *his* return address?

    As a general rule, the vast majority of spam sourced from the zombies
    does *not* have the From of the computer which sourced the spam.

    You do not determine the source of a spam from the From. You determine
    the source of a spam by carefully examining the headers to determine the
    source IP.

    The small minority of spam which comes from a mail account in which the
    From actually *does* represent th source of the spam comes from cracked
    webmail passwords, so the source of the spam in those cases is the
    From's webmail account.

    In such a case the machine in question is not the source of the webmail.

    As a general rule, except for the cracked webmail account example above,
    the source of a spam is *not* the From.


    --
    Mike Easter
    Reply With Quote Reply With Quote
  2. 11-28-2010, 07:53 PM #2
    Li'l Abner Guest

    Re: Zombie

    Mike Easter <MikeE@ster.invalid> wrote in
    news:8lfr5iF8f5U1@mid.individual.net:

    > Li'l Abner wrote:
    >
    >> The spam I got from him had his own return email address, as did the
    >> others who complained to him. How would they have known who to
    >> complain to if it didn't come from his email address. You think his
    >> neighbor's machines would send out email with *his* return address?
    >
    > As a general rule, the vast majority of spam sourced from the zombies
    > does *not* have the From of the computer which sourced the spam.
    >
    > You do not determine the source of a spam from the From. You determine
    > the source of a spam by carefully examining the headers to determine
    > the source IP.
    >
    > The small minority of spam which comes from a mail account in which
    > the
    > From actually *does* represent th source of the spam comes from
    > cracked
    > webmail passwords, so the source of the spam in those cases is the
    > From's webmail account.
    >
    > In such a case the machine in question is not the source of the
    > webmail.
    >
    > As a general rule, except for the cracked webmail account example
    > above, the source of a spam is *not* the From.

    Please see my reply to VanguardLH. It may contain a lot of that "more
    informatioo" you were requesting.

    --
    --- Everybody has a right to my opinion. ---
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules