On Wed, 24 Sep 2003, Stephen J. Wilcox wrote:
The one that they're doing on my own domain which I mentioned on list some months ago is still going strong with many Mbs of bounces per day.. I think its fair to say there is very little you can do as tracking the source is almost impossible..
That depends on how detailed the bounce is, to an extent. Many of the bounces actually contain a complete copy of the message that generated the bounce. Ie, the full spam and nothing but the spam. From that you can find the original source IP. Of course that source IP may very well be an open proxy. You're screwed if that's the case. However since you have a complete copy of the spam you can still follow the money trail. Spammers have to get their money somehow. The actual spam will give you many places to start. Of course once you have that you still have to convince a provider to take action against their customer. Justin