>
> To be honest as an admin/Pointy hair who has to deal with spam reports
> and apply the cluestick to spammer as appropriate within the bounds of
> AUP's Terms and Conditions and the law I will only trust my
> interpretation of the headers.
Its NOT a matter of trust. The FULL MESSAGE WITH FULL HEADERS would be
included with all reports. I'm not suggesting that you automatically
trust the pre-parsing, I'm merely suggesting it as a CONVENIENCE.
The idea being, you can pass over messages that have the same
pre-parsed "Dialup-Origin-IP-Address:" as a spam for which you've
already dealt with, until after you look at ones with a different
"Dialup-Origin-IP-Address" (And as part of looking at those ones first,
you can look at the original full headers and confirm or correct the
interpretation)
> I'm sure many other admins are the same, most people really don't know
> how to read headers anyway (see Hotmail's bad reputation gained thanks
> to uunet spammers with forged From: headers). In an abuse department
> what counts (in my experience) is a clear simple complaint and a
> complete set of headers.
Yes, and if you receive six hundred and fifty complaints, how long does
it take you to check each one to see if its a report of a previously
dealt with issue, or if its a report of a new incident? How much
quicker could you respond to a new incident if some of the more-clueful
recipients of the spam did some pre-processing for you? (And again, NOT
to suggest that you shouldnt confirm by inspecting the headers
yourself)
>
> Mark
>
> --
> Mark Lowes Home: <hamster@???> Work: <markl@???>
> Webmaster, Listmaster, bofh and fluffy cuddly person.
> http://hamster.wibble.org/ http://www.wibble.org/
>
--
*** Exim information can be found at
http://www.exim.org/ ***