[SpamCop-List] Re: Beware of MAILHOSTS !!!

Marjolein Katsma nobody at spamcop.net
Mon Mar 22 22:51:42 EST 2004


GV (nobody at spamcop.net) wrote in news:c3nd1a$8f2$1 at news.spamcop.net:

> For all yahoo email accounts you do one registration. With this
> registration spamcop registers (among others) the mail exchanger (MX
> in DNS) and the domains. If the mail exchanger changes spamcop can
> check with DNS to update the information. The important thing of the
> registration process is that spamcop remembers the path from the
> registered MX for your domain (e.g. yahoo.com) to the final
> destination (in particular then when you forward mails from one
> account to another). 

That's exactly my issue. My mail follows many paths. I'd have to think 
ahead of all possible paths and register all of those with SC? The 
*paths* are a great deal more numerous than the, what was it, 9 or 10 
servers I use.

> What registration does, is that it sends an email to the MX of your
> email address and you have to return the received emails.

And what about that "confirmation email" itself: is it a spam message? 
If not, it *will not* always follow the same path as a non-spam message. 
So if the confirmation message isn't spammy, and the mail is returned, 
what SC will see is a *different* path than that which spam mails would 
follow - so how is it going to deduce the correct path to remember for 
spams?

> Example: foo at somewhere.com: mails travel from mx.somewhere.com ->
> relay.somewhere.com -> mailserver.somewhere.com. The last one is the
> server where you read your mails and forward spams to spamcop. The
> test mail for registration goes that way. Spamcop analyses the headers
> and saves the above information. If now, you receive a spam mail at
> your account, spamcop does know that the mail travels that
> mx->relay->mailserver path and in particular knows that mx is the
> place of "handoff" 

No, it knows the path only for its own confirmation message. It does not 
necessarily know the path for a spammy message if it didn't send a 
spammy message.

> With the registration it trusts the handoff point for your domain. The
> source there can be an open relay or itself the origin of the spam
> mail. 

Or simply a completely normal mail server, not an open relay, not a 
proxy.

> I hope, I didn't write too much, though...

No, it certainly helps to clarify things, thanks. (The beginnings of the 
better web page!)

But there are still holes in it; you may not know the answers, though...


-- 
Marjolein Katsma - Amsterdam, NL - http://hshelp.com/
Spam reporting addresses: http://banspam.javawoman.com/report3.html

Spammers steal resources: they're my enemy.
Cyveillance steals resources: they're my enemy.
The enemy of my enemy can be my enemy, too.
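
A simplified model of the path-learning scheme discussed in this message, as an added example that is not part of the original post and not SpamCop's own code: trusted hosts are learned from the Received headers of a confirmation message, and a later message that takes a different internal path is then attributed to the wrong source. The mx, relay and mailserver names follow the quoted example; spamfilter.somewhere.com, probe.example and sender.example are constructed, and matching on the hostname in each Received line is an assumption.

```python
import email
import re

# Pulls the sending and receiving host out of one Received header value.
RECEIVED_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.I | re.S)

def headers(*hops):
    """Constructed Received headers (newest first) from hops in travel order."""
    lines = [f"Received: from {s} by {r} with ESMTP\n" for s, r in reversed(hops)]
    return "".join(lines) + "\n"

def parse_hops(raw):
    """Return [(sender, receiver), ...] in header order, newest hop first."""
    found = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if m:
            found.append((m.group(1).lower(), m.group(2).lower()))
    return found

def learn_hosts(confirmation):
    """Every host that received the confirmation message becomes trusted."""
    return {receiver for _, receiver in parse_hops(confirmation)}

def find_handoff(raw, trusted):
    """Walk down from the newest header; the first untrusted sender is the source."""
    for sender, receiver in parse_hops(raw):
        if receiver not in trusted:
            return None          # line written by an unknown host: stop trusting
        if sender not in trusted:
            return sender, receiver
    return None

MX, RELAY, MAILSERVER = (h + ".somewhere.com" for h in ("mx", "relay", "mailserver"))
FILTER = "spamfilter.somewhere.com"   # hypothetical host only spam passes through

CONFIRMATION = headers(("probe.example", MX), (MX, RELAY), (RELAY, MAILSERVER))
SPAM_SAME_PATH = headers(("sender.example", MX), (MX, RELAY), (RELAY, MAILSERVER))
SPAM_OTHER_PATH = headers(("sender.example", MX), (MX, FILTER), (FILTER, MAILSERVER))

if __name__ == "__main__":
    trusted = learn_hosts(CONFIRMATION)
    print(find_handoff(SPAM_SAME_PATH, trusted))   # external sender, handed off at mx
    print(find_handoff(SPAM_OTHER_PATH, trusted))  # recipient's own filter host blamed
```

In this model the second message stops at the unregistered filter host, so the reported source is a server inside the recipient's own domain rather than the external sender.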