![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: munging not suffcient
N. Miller
tdy at blackhole.invalid
Wed Aug 25 09:07:11 EDT 2004
In article <41270F0C.6D1C196C at gmx.net>, Anton Haumer says...
> SC munges my mail adress for the reports sent. But:
> Some of the spam I get shows my name in the subjext or the text.
> Here my name is _not_ munged!
> So when spammers get reports from spammer-friendly ISPs
> they know who has sent the report.
> Even more tricky: Spammers use an ID-number instead of the name ...
> How to avoid this? Manually munging is time-consuming.
> I use MailWasher - _not_ bouncing - to submit directly
> from my ISPs mailserver, this saves me a lot of time.
> Is SC able to do better munging?
Probably not. How would SpamCop mung these headers (beyond what I have
done)?
------------------------Begin------------------------
X-Apparently-To: x via 66.218.79.24; Thu, 19 Aug 2004 21:27:05 -0700
X-YahooFilteredBulk: 66.63.111.164
X-Originating-IP: [66.63.111.164]
Return-Path: <xkabfir at cc.umanitoba.ca>
Received: from 66.63.111.164 (EHLO ylpvm06.prodigy.net) (207.115.57.37)
by mta804.mail.yahoo.com with SMTP; Thu, 19 Aug 2004 21:27:04 -0700
X-Originating-IP: [66.63.111.164]
Received: from 66-63-111-164.metrocast.net (66-63-111-164.metrocast.net
[66.63.111.164])
by ylpvm06.prodigy.net (8.12.10 mpsfix/8.12.10) with SMTP id
i7K4QOS0019802;
Fri, 20 Aug 2004 00:26:36 -0400
Message-Id: <200408200426.i7K4QOS0019802 at ylpvm06.prodigy.net>
Approved-By: spamcheck at localhost (127.0.0.1)
Alternate-Recipient: Allowed
Newsgroups: spiderwort benign, carp laborious, incredible sonora, antonio
advice, missouri washburn
Phone: 1-(501)-706-4155
Comments: launch akron mange intimidate mcdowell ratio burnett hateful
populace senegal mitigate plaintive
Content-Class: urn:content-classes:message
Content-Identifier: twdwexqkeagrgdnzakeu
Reply-To: "Casey Figueroa" <xkabfir at cc.umanitoba.ca>
From: "Casey Figueroa" <xkabfir at cc.umanitoba.ca>
To: x
Cc: x, x, x,
x, x, x,
x, x, x,
x, x
Subject: [News] Time's Running Out to Re\fi @ 3.75%
Date: Fri, 20 Aug 2004 08:26:05 +0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--4777665585816254"
X-UC-Weight: [# ] 72
X-CC-Diagnostic: Header "Alternate-Recipient" Exists (21),
Header "X-YahooFilteredBulk" Exists (51)
X-Text-Classification: spam
------------------------End------------------------
Everything between "Approved-By:" to "Content-Identifier:" may be coded so
the spammer would know who received the email, even after munging. The same
is true for the nonsensical gibberish appended to much spam. There are ways,
and there are ways to encoded data in a message that will link the message
to a recipient account; ways that you could never guess at.
--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
More information about the SpamCop-List
mailing list