Questions

Spam appears to be coming from US Servers

+
0 Votes
Locked

Spam appears to be coming from US Servers

cpguru21
This is a post regarding a trend I am noticing on incoming spam hitting our server.

I am noticing as I look through the headers of spam emails (oh you know the Amex needs to update its information, Contact UK bank for lottery etc..) that a lot of these messages appear to originate from US servers. What I do is look through the headers and check the ip's of received by. If they are out of the country, depending on which country, I blacklist the ip from sending emails. (I also use spam assassin training and RBL checking).

As I look through, if it is a yahoo or gmail or comcast compromised account, then I cannot block as any of our customers may have those addresses. However thats not what I am seeing. I am seeing header information that looks like servers are either compromised or are legitimately sending spam. Or spoofed.

So to the question:
1. Is anyone else seeing this? I have been viewing these trends for 3+years at my current job and this is the most I have seen of this.
2. How do you determine if the header information is "spoofed"? Are email headers fool prrof?

There have been times over the years where I reached out to admins of some of these US servers, but have never had anyone respond. Maybe they thought my email was spam? :)
  • +
    0 Votes

    but for the last 5 years or so the majority of the spam I get is from Russian, Japanese
    and Chinese servers...I don't speak those languages, so it makes it a bit easier to
    filter those.

  • +
    0 Votes

    but for the last 5 years or so the majority of the spam I get is from Russian, Japanese
    and Chinese servers...I don't speak those languages, so it makes it a bit easier to
    filter those.