Older technology used to fight spam - Analyse message content using keywords
Newer techlonogy used to fight spam - Analyse both message content and header
How you can find a spammer's ISP?
The address in the "From:" field is almost certainly forged in order to throw you off the scent (and may even belong to an innocent third-party), so you have to learn to read the "full message headers", which are a bit like a log of an email message's travels through the internet.
http://spamcop.net/fom-serve/cache/19.htmlSpammer Tricks1. The Non-Dotted-Quad IP address e.g. 0266.0xaf.0x5a.012
2. The really Dotted-Quad IP address
e.g. http://10889035741470030830827987437816582766808.4153837 4868278621028243970633761010.913438523331814323877303020 44767688728495784090.54445178707350154154139937189082913 83522/
end up with
http://216.242.154.226/3. The username trick
e.g.
http://jjf:fred@www.myreallysecurewebsite.com/4. Page redirections
5. Frames
How spammers get our email address?1. "Harvesting" in newsgroup/website
2. Buy from another spammer
3. Guess -when spammer concentrate on one domain, it's sometimes called "Dictionary Attack".
4. ISP sell to spammer, extremely rare
5. We give them when register to newsgroup/website
What can an individual do?
Many spam e-mails contain URLs to a website or websites. According to a Commtouch report in June 2004, "only five countries are hosting 99.68% of the global spammer websites", of which the foremost is China, hosting 73.58% of all web sites referred to within spam.[