On Wed, Nov 6, 2013 at 1:30 PM, Landon <landonstewart@gmail.com> wrote:
How much trouble does your abuse department go to in order to obfuscate headers when providing evidence of spamming activity regardless of if it’s intentional/professional spammer activity or some kind of malware infection allowing a third party to spam. Especially for the pro spammers, we don’t want them list washing anything or worse yet becoming privy to spamtrap data if the reporting party wasn’t smart enough to obfuscate their own data before sending in the report.
Howdy, It depends on the exact situation, but the general-purpose answer is: none. zero. zip. The customer usually can't act on your information unless he can line it up with an entry in his own logs. He needs lots of details in the headers to figure out which computer or which of his users the message came from. And he needs that information to determine whether the message really came from his system -- headers get forged, you know. If he can line it up with an entry in his logs then, if he's a spammer, he knows what address the message was sent to rendering your obfuscation pointless. And by now spammers are very good at list scrubbing from the slightest bit of uniquely identifiable information they can get back. Assuming they bother, which many don't. It does depend on the situation though. You shouldn't be forwarding the customer 200 spam complaints. After a small sample of messages he either has enough information to track the source of the problem or he is the problem. Also, when I bounce spam, I scrub my antispam engine's report from the bounce. No point telling the spammer how he failed to reach me. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004