Do you obfuscate email headers when reporting spam issues to clients?

William Herrin bill at herrin.us
Thu Nov 7 02:26:22 UTC 2013


On Wed, Nov 6, 2013 at 5:46 PM, Anne P. Mitchell, Esq.
<amitchell at isipp.com> wrote:
>> so aside from the abusers his customers will tend to
>> be heavy on single-recipient administrative emails rather than mailing
>> lists.
>
> Then, if they are truly one-to-one administrative emails, that's
> rather odd if they are generating a disproportionate number of
> spam complaints, dontcha think?  Unless they are inserting too
> much marketing into to them (always dicey).

Hi Anne,

In any given above-board hosting operation there are a whole lot of
things going on:

There's the small ad-hoc lists where an address is typoed and the mail
meant for Uncle George now goes to a random stranger.

There's the emails to formerly dead addresses now resurrected by new owners.

There's the folks who signed up for something and decided to
unsubscribe by reporting it as spam.

There the folks playing pranks on a friend by putting his address in a
bunch of "please contact me" web pages, causing the target to be
one-on-one solicited by a bunch of individual salesmen.

There are the server owners whose security was breached and their
happy web app is now being used to relay lots of spam.

And there's the spammer owned servers spewing out spam.

In each of these situations save the final one, obfuscating
information in the reported spam email only serves to make it
difficult or impossible to identify and stop the problem.

If you start with the assumption that the origin is a spammer until
proven otherwise it becomes a self-fulfilling prophecy -- because when
you report the obfuscated message, they can't track it down and fix
it!

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004




More information about the NANOG mailing list