At 08:34 PM 01/29/2005, David W. Fenton wrote: >I strongly doubt that's a valid explanation. > >Much more likely is that the spammers are using an SMTP program that >caches the DNS information for too long.
Yes, that's also possible. A random sampling of the headers of these emails shows that the first Received header is from the originating machine and by the Everyone.net SMTP server; most legitimate email I get has a first Received header from the originating machine and by *their* SMTP server (or their ISP's SMTP server). I assumed this meant that they were somehow getting information directly from Everyone.net, but I suppose they could just have their own very outdated DNS info and are sending things direct to target SMTP servers.
Aaron.
_______________________________________________ Finale mailing list Finale@shsu.edu http://lists.shsu.edu/mailman/listinfo/finale
