>> Also, do these viruses ever use the SMTP server set up on that computer in >> Outlook (via Windows registry), or do they always use external third-party >> smtp servers for sending the spam? >> >> (I'm researching this as a prerequisite to trying some additional anti-spam >> strategies.) >> always << I have seen some rubbish in german, a while ago, and seemingly built for the german infrastructure: A high percentage of private internet access goes through a provider that does not authenticate smtp, since they already have authenticated the connection. The rubbish took advantage of that and was sending via the official mail server
A lot of other spam I receive is sent straight from the client's ip address to the target MX, where outlook would - hopefully - send to the smarthost server first Wolfgang