Fewer Spammers Forging
the Sender Header. The "From" or "Sender" of a spam
email message is almost always forged. It's hardly ever the actual sender.
That could be changing. We've noticed an increasing volume
of spam messages hitting our spamtraps that appear to have a valid return address.
Why would this be? We can think of at least four reasons:
- It's illegal in the
United States. But many other actions related to spamming are also illegal.
- Increasing use of sender
authorization technologies such as SPF, Sender ID, and DKIM by spam filters.
Spammers think that a valid return address makes it more likely that their
spam will get delivered.
- Increasing use of "call
to action" filtering. Spam that invites the user to reply by email is
harder to filter than spam that quotes a Web site or phone number.
- Lower likelihood of
being cut off. People are unused to sending complaints about the owner of
the sender domain; overworked abuse desks are less likely to notice that the
spam implicates the sender domain.