[Dshield] Combating SPAM from Yahoo
gander at hickorytech.net
Fri Aug 30 03:16:51 GMT 2002
Actually, this is not true 99.9% of the time.
Spammers use Yahoo as a forged "from" address frequently. By looking at the
fully expanded headers of the mail, you will see that it most often has
nothing to do with yahoo, regardless what is in the "From:" address
field. The "From:" address field is completely irrelavant in mail
delivery. It is put there from the sending mail client for aesthetic value,
and it not actually used in the lower level mail transaction process.
...and be carefule looking at the headers - spammers also forge the
Reverse-DNS naming - making it look like the sending server was yahoo, etc
when the listed IP next to it is SWIP'd somewhere else - usually somewhere
You can test this yourself: in your mail client config, setup a profile
using ANY address as your "From" address. Then, send a mail to your real
address using this fake "from" address profile. Most ISPs will allow this
At 10:15 PM 8/29/2002 -0500, you wrote:
>If anyone gets spam from a Yahoo.com
>e-mail address, put this into your address book:
><mailto:mail-abuse at yahoo-inc.com>mail-abuse at yahoo-inc.com
> and forward the entire message as it was delivered to you.
>They take care of it promptly!
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system
>Version: 6.0.381 / Virus Database: 214 - Release Date: 8/4/02
More information about the list