> From: Iljitsch van Beijnum <iljitsch@muada.com> > ... > Stopping header forgery would be useful in and of itself, Many people who say that have strange notions of "header forgery." They consider using your home mail address as a sender or return email address when sending mail while away from home to be "forgery" but they don't have any problems using their home postal addresses on postcards while on vacation. > but > regardless of that it will also help against unsollicitated bulk email. That is not logical, unless you assume that spammers have no alternative to using header forgery. > I downloaded the list with known spam address blocks from spews.org. It > lists around 1600 spammers and 14000 addresses or address blocks. > Obviously spammers are trying hard to cover their tracks. Filtering out > 1600 spammers is easier than filtering out many more thousands of > individual addresses. I'm assuming we can come up with some identifier > that's harder to change than an IP address. That is a tall assumption. Unless you involve national governments, I've never yeard of an identifier that is harder to change than an IP address, except when you get your IP addresses from ISPs that look away from the spam of their customers and the customers of their resellers. Such ISPs would be as happy to sell new identifiers of whatever sort you like to spammers as they have been happy to rent IP addresses. > A quick look at a week's worth of email for an account I've used to > post to Usenet for nearly 10 years (370, 98% spam or mailinglists I > can't unsubscribe) tells me around 75% of the spam I received either > has obvious header problems or employs some kind of anti-anti-spam > measure. Also around 75% is of a pharmaceutical, sexual or financial > nature (often at least two of those at the same time). There is no > obvious correlation. I notice that you wrote "header problems" instead of "forgery." > > That leads to a major problem in dealing with spam. Most people > > who say they want to stop spam in fact have other goals that they > > value more. > > Yes, it seems like many of them are more interested in perpetuating the > status quo. I do not agree with that. Some people do have usually unconcious interests in the status quo, but most people are doing illogical things like attacking header forgery as if spammers could not create zillions of valid user names at free or cheap providers or domain names and avoid header forgery. Vernon Schryver vjs@rhyolite.com