My first point would be that bouncing spam to the 'From' address has approximately zero chance of ever reaching either the immediate sender or the spammer responsible for the junk -- who, these days, is usually someone else entirely. So, since the value of those automated bounces is always negative, start the improvement by simply not doing it.
Then, if the sysadmin wants to apply some anti-spam pressure (which I think is a great idea), the question is how to go about it. With 'From' being 99.a-lot-of-nines percent useless (and even in the best of cases, redundant), that leaves the most recent 'Received' header. (The other ones can be forged and I'm not confident that automatic analysis can reliably detect which are legitimate.) Decode that and send the complaint there. This still will have no direct effect on the spammer, but if the ISP at that address is responsible, it may result in a compromised system being taken down and cleaned. Enough of those and...who knows....
Sorry for the soapbox, but this has been a minor specialty of mine for a long time. And you asked. :-)
no subject
Date: 2008-02-21 01:44 pm (UTC)
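As an added illustration of the approach described in the comment above (not code from the commenter): this sketch takes only the topmost 'Received' header, the one written by the receiving server, and extracts the address of the host that handed the message over. It assumes a Postfix-style header with the peer address in square brackets; the function name `handoff_ip`, the sample message and its documentation-range addresses are constructed for the example.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: the top Received line is the one our own server wrote;
# everything below it, and the From line, is sender-controlled.
SAMPLE = (
    "Received: from mail.example.net (unknown [203.0.113.45])\n"
    "\tby mx.example.org (Postfix) with ESMTP id 4F2A1\n"
    "\tfor <user@example.org>; Thu, 21 Feb 2008 13:40:02 +0000 (UTC)\n"
    "Received: from [10.1.2.3] (helo=trusted.example.com)\n"
    "\tby mail.example.net with esmtp; Thu, 21 Feb 2008 13:39:58 +0000\n"
    "From: \"Someone\" <forged@example.com>\n"
    "To: user@example.org\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

IP_LITERAL = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
# Addresses that identify no outside party worth complaining to.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def handoff_ip(raw_message):
    """Return the peer IP from the topmost Received header, or None."""
    received = message_from_string(raw_message).get_all("Received") or []
    if not received:
        return None
    top = " ".join(received[0].split())      # unfold the continuation lines
    from_clause = top.split(" by ", 1)[0]    # ignore our own "by ..." part
    if not from_clause.lower().startswith("from "):
        return None
    match = IP_LITERAL.search(from_clause)
    if not match:
        return None
    try:
        ip = ipaddress.ip_address(match.group(1))
    except ValueError:
        return None                          # bracketed text was not an IP
    if ip.is_loopback or any(ip in net for net in INTERNAL):
        return None                          # internal relay, nobody to notify
    return str(ip)

if __name__ == "__main__":
    print(handoff_ip(SAMPLE))
```

Finding the abuse contact for the returned address (for example via the network's WHOIS record) is a separate step not shown here.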