Re: How to block the bat!

cpayne wrote:

> Robert Braver wrote:

Correction. The spam *claims* to be coming from The Bat!.

 With near perfect certainty, I can tell you the spam was not generated by The Bat, Outlook, or whatever other program might appear in the User-Agent or X-Mailer header. It is no more believable than the From: header, and it is forged just as often (ie: nearly always). It is generally advisable for spammers to fake this header to look like a real mail client, as best they can, because it makes spam detection harder. So they do.

In reality nearly all spam is generated by custom software that runs in the background on infected PCs in botnets.

Think about it, the mail viruses that infected the PC in the first place can generate emails to spread themselves.. Spamming activity is simply good reuse of the same code.

So, your spam was probably generated by a fragment of code from the Storm worm, mydoom, bagel, etc, possibly glued together with some other code for the differing payload needs.

But no spammer is going to be foolish enough to put:

User-Agent: Storm Worm Botnet v 3.12.0

Do you need help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related spamassassin.apache.org Links users Request more information about Pantek

But we can all dream... :) Received on Wed Oct 17 23:15:28 2007