>What some spammers used to do when dialup connections were still >common and broadband rare is that they would use a dialup session as >the purported source of the packets but really send the bulk of the >message from a high speed connection. The dialup connection telling >the high speed connection which sequence numbers to employ. Spammers used to do that, but it didn't involve any address spoofing, just routing games. The bad guy had a T1 and a dialup into the same box. It used the IP of the dialup its traffic but sent outbound packets over the T1, getting return packets via the dialup. Since spamming involves a lot more outbound than inbound traffic, this still let them use most of the T1. When the dialup ISP noticed and cancelled the dialup account, they'd just switch to another one, typically using a stack of free trial AOL disks. Regards, John Levine, johnl@xxxxxxxx, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly. _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf