At 16:45 10/11/2005, Andrew Stephen wrote:
>On 11/10/05, Lesley Walker <lrw(a)clear.net.nz> wrote:
> > Simon Byrnand wrote:
> > > Not only that, but the sample message header they provided
> > > had many of the message fields obfuscated, including the
> > > message id tag and the time, making it extremely
> >
> > The reason they obfuscate some of the fields is that in some
> > cases the report could be going to the spammers themselves,
> > and the concern is that spammer will be able to identify the
> > user who reported them and exact some kind of revenge.
>
>Ah, yeah. That happens. I received several death threats after
>reporting some spam a year or so ago. Nothing happened (and I didn't
>really expect it to) but it does make one wary.
In my case however it wasn't a person(s) reporting the message, it
was one of their honeypot addresses that the spam was sent to, and
they claimed in a later email that the obfuscation was to protect the
honeypot address.
Fair enough, except it didnt seem to dawn on the guy that if I
couldn't work it out from my mailserver logs thanks to their
obfuscation then I couldn't find the customer with the trojan to do
anything about it, and on the other hand that if I could figure it
out by deduction (which I did) that the honey pot address would be in
my log files anyway and thus compromised if I were a spammer :)
Security by obscurity ? :)
Regards,
Simon
