On 18 Aug 2016, at 19:36, Mark Sapiro wrote:

Altering the From: based on recipient can be done by modifying the code.
Say you have a message "From: Ann User <a...@example.com>" and you want
to change that to "From: Ann User <ann+...@example.com>" where xxx is a
unique code for each recipient.


Please, don't anyone do that, ever. It's not just "risky," as noted in earlier discussion, it would be positively abusive.

A less obvious approach would be to add an address IN A DOMAIN YOU CONTROL in a X-[something] header (or perhaps a Cc header) that is unique to each recipient so that when you get mail to that address, you've identified your problem user.

HOWEVER, there is an angle to this problem that should be understood: it's probably not being done by a human subscriber. One possibility is that a subscriber has malware on their machine that is generating the spam, so when you identify a subscriber who is your vector, you may only be identifying someone which an insecure machine. Another possibility (which would be untraceable and easy to automate on the spammer side) is that someone other than a subscriber is harvesting addresses and subjects from your web archive at mail-archive.com, where every message has a button to "Reply via email" that kicks back a redirection to a mailto: URL with the sender's address and Subject.
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Reply via email to