Comment My understanding of how this works (Score 1) 651
All this "you didn't get my email?" situation will never happen to most of you. After some reading last night this is how I think it works:
1. I send you an e-mail with a from: address of support@paypal.com
2. Hotmail see's that the return path is from spammers.com servers
3. Hotmail asks paypal.com this, "mr. paypal machine sir, is spammers.com allowed to send email with your domain name as the from: address?"
4. Two possible answers: "no" and "yes, only if that machine's address is x.x.x.x"
So now you can understand where the effort goes into stopping spam. But I also found a weak point.
This check happens only if the return path domain differs from the from: address. Most amateur spammers will be taken out, but I'm sure spam script writers will easily find a way to spoof the return path too. And then this check will never happen!
1. I send you an e-mail with a from: address of support@paypal.com
2. Hotmail see's that the return path is from spammers.com servers
3. Hotmail asks paypal.com this, "mr. paypal machine sir, is spammers.com allowed to send email with your domain name as the from: address?"
4. Two possible answers: "no" and "yes, only if that machine's address is x.x.x.x"
So now you can understand where the effort goes into stopping spam. But I also found a weak point.
This check happens only if the return path domain differs from the from: address. Most amateur spammers will be taken out, but I'm sure spam script writers will easily find a way to spoof the return path too. And then this check will never happen!
