
The Spam Infrastructure

created 2003-10-16 11:57:03


This is mostly conjecture on a purely personal basis, backed up by what I see in the news and in my inbox. I find it helps, when trying to work out a solution to anything, to get an idea of the network and the underlying infrastructure that leads to the problem. By understanding the system, a more reliable and robust solution can be built. At least, in theory.

Spamming has become big(ger) business. So big, in fact, that the rewards, combined with sufficient anonymity, have now outweighed the moral questioning, and so we find both that

  • More people are willing to pay to send spam
  • More people are willing to build and sell the infrastructure that provides anonymity

This latter group has now started to get serious; its members seem to be mostly a (likely small) number of hackers who do know what they are doing. See this Wired article, for instance.

If we look up the IPs that most spam comes from, we mostly trace it back to modem banks at ISPs. These are users whose machines have been infected by trojans/viruses and are now the drone machines being used as open SMTP relays to send the spam through. (The IP to look up is the one your own mail server recorded for the host that connected to it; the Received headers beneath that line were written by whoever sent the mail, and can be forged.)

These "spackers" (?) (i.e. the infectors/senders, rather than those using their service) work closely with "regular spammers", but also use their network to send out adverts for themselves. I suspect these are mails informing you of e-mail marketing techniques, rather than for a particular website. These tend not to have any domain name associated with them, but rather a telephone number, possibly a 1-800 number, to call. I traced a recent one using White Pages to somewhere in Miami. Thus, the easiest way to track these people is to call the number and social engineer them, I suspect.

This gives us a good idea of how the spam is getting around: assume it to be originating from pretty much any IP, although the ratio of home users to misconfigured open relay servers is probably rising, as more people get broadband and as viruses become the favoured tool of relay "discovery".
