How To Determine The Origin Of Spam? - At first, look...
(Page 5 of 7 )
At first, look at the forged From: field. The email address in the From: and Reply-To: lines doesn’t exist. So, the spammer took care about directing bounced messages and all the indignant replies people may send to a non-existing email account.
Secondly, the Subject: line. It contains the variations of the “Meds” and “Viagra” words that are known to be met in spam messages. Plus, the subject contains a range of random characters. It’s obvious that the subject line is skillfully tailored to fool anti-spam filters.
Lastly, let’s analyze the Received: lines. We start from the oldest one - Received: from 188.8.131.52 by 184.108.40.206; Tue, 07 Nov 2006 05:53:35 -0500. There are two IP addresses in it: 220.127.116.11 says it received the message from 18.104.22.168.
More How To Articles
More By Jase Dow