Re: [nznog] Paradise.Net SMTP server blocked.

At 16:45 10/11/2005, Andrew Stephen wrote:

On 11/10/05, Lesley Walker wrote:

...

Simon Byrnand wrote:

...

Not only that, but the sample message header they provided had many of the message fields obfuscated, including the message id tag and the time, making it extremely

The reason they obfuscate some of the fields is that in some cases the report could be going to the spammers themselves, and the concern is that spammer will be able to identify the user who reported them and exact some kind of revenge.

Ah, yeah. That happens. I received several death threats after reporting some spam a year or so ago. Nothing happened (and I didn't really expect it to) but it does make one wary.

In my case however it wasn't a person(s) reporting the message, it was one of their honeypot addresses that the spam was sent to, and they claimed in a later email that the obfuscation was to protect the honeypot address. Fair enough, except it didnt seem to dawn on the guy that if I couldn't work it out from my mailserver logs thanks to their obfuscation then I couldn't find the customer with the trojan to do anything about it, and on the other hand that if I could figure it out by deduction (which I did) that the honey pot address would be in my log files anyway and thus compromised if I were a spammer :) Security by obscurity ? :) Regards, Simon