On 01/26/09 21:13, Brad Knowles wrote:
Even if they were infected with malware, those programs could easily use a different outbound route than the normal mail sent by that person. So, such a test might turn up something interesting, but then again it doesn't prove anything if it doesn't.
Agreed. However it does make things rather nice when things do correlate like that. Or at least when the original (purported) sending host is either at the same IP, or at the very least in the same class C subnet.
Grant. . . . ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9