On 08.06.09 12:21, Karsten Bräckelmann wrote:
By authenticated users? So that's no bot spam, and the user spams deliberately and consciously...
On Mon, 2009-06-08 at 14:01 +0200, Matus UHLAR - fantomas wrote:
says who? Afaik spamware often uses outlook's SMTP engine, so it's quite common for those to be distributed with authentication info.
On 08.06.09 16:52, Karsten Bräckelmann wrote:
Got any stats about a non-negligible amount of bot spam authenticating with the real user's SMTP, instead of direkt-to-MX submission?
On Mon, 8 Jun 2009, Matus UHLAR - fantomas wrote:
Why should I have any? Any spamming client can get us to blacklist, so it's important that they would not spread spam...
I believe his request for stats is a polite way of disagreeing with your statement that bots 'often' use Outlook SMTP Auth. Personally, I have always thought that bots avoided ISP mail servers in order to minimize detection and maximize the amount of time they can spew before being blocked/deleted. This is actually the premise that makes RBl checks for 'direct to MX' so successful. So your statement was quite surprising.
Rather than just challenge its accuracy, we politely ask for more info. :) - Charles
