On 12/22/2009 11:01, Paul Russell wrote: > On 12/22/2009 10:45, Andrew Bosch wrote: >> That is a tricky one. The spam sender could be any one of the editors or subscribers, assuming >> that the spams he gets are not just coincidental. If he has access to the MTA logs, the SMTP >> transaction information could be revealing. >> > > Almost everything useful that he could find in the MTA log should also be > present in the full message headers on the spam. > Plus, the full headers will reveal the complete delivery path from the point of origin - information which will not be available in the MTA log, if the message originated from a system other than the one which delivered it to the MTA. -- Paul Russell, Senior Systems Administrator OIT Messaging Services Team University of Notre Dame