On 18.10.24 at 15:16, Paul Smith* via mailop wrote:

A spammer can send SPF-authenticated mail 'From: "b...@microsoft.com" <na...@evilcorp.com>', but any spam filtering knows that it's not really from Microsoft.

What they actually do is register a domain "micorsoft.com", send SPF-authenticated mail 'From: "b...@microsoft.com" <b...@micorsoft.com>', and neither spam filtering software (which doesn't see the similarity) nor the human victim (who doesn't see the difference) will notice.

Of course it's only a small fraction of recipients who don't notice the fraud and fall for it, but those who see it and would like to stop it have absolutely no incentive to report it as they know that neither the hoster nor the registrar will do anything to stop the criminals or disclose their identity without a court order, and getting such a court order is not realistically possible for most people. Would you go to the police with a printout of the screenshot and explain it to police officers who will most likely send you home without filing charges? Of course not, it's futile.

The GDPR mentioned by Jaroslaw likely did something to reduce spam from the "mainsleaze" who aren't evil enough to be actual criminals, but on the other side it mostly eliminated the need for and cost of bulletproof hosting and registration as any hoster or registrar can be bulletproof by default.

Cheers,
Hans-Martin

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
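
Added example, not part of the original post: a filter-side check for the two From-header patterns described in the message above, namely an address shown in the display name that differs from the real address, and the special case where the two domains are near-identical. The function names, the distance threshold of 2, and the sample local parts are assumptions made for illustration.

```python
import re
from email.utils import parseaddr

# Matches an e-mail address embedded in a display name and captures its domain.
ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def osa_distance(a, b):
    """Edit distance that counts an adjacent transposition as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]

def classify_from(header, max_distance=2):
    """Compare the domain shown in the display name with the real sender domain.

    max_distance is an assumed threshold, not a value from the post.
    """
    display, addr = parseaddr(header)
    real_domain = addr.rpartition("@")[2].lower()
    shown = ADDR_IN_NAME.search(display)
    if not shown:
        return "no-address-in-display-name"
    shown_domain = shown.group(1).lower()
    if shown_domain == real_domain:
        return "consistent"
    if osa_distance(shown_domain, real_domain) <= max_distance:
        return "lookalike-domain"       # the "micorsoft.com" case
    return "display-name-mismatch"      # the "evilcorp.com" case

if __name__ == "__main__":
    # Constructed sample headers; the local parts are made up.
    for h in ('"accounts@microsoft.com" <someone@evilcorp.com>',
              '"accounts@microsoft.com" <accounts@micorsoft.com>'):
        print(classify_from(h), "<-", h)
```

SPF passes in both sample headers because the sending domain authorizes its own mail; the check only compares what the recipient is shown with what was authenticated.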
