Considering the axis of spam that posted after me.........
Frozzy
Asmodean
Dissident
DrSpike
I highly doubt it.

Dis, here is agreat free anti-virus program: www.grisoft.com

I avoid using any email software that does actually run any code contained in emails beyond html. The risk is too great, in my opinion.



Is that like the axis of evil?
Anyway, it can't be a true axis of spam without at least one post by me.

Forget about the Return-Path entry. That can be faked so easily. Mailserver communication goes like this:

helo somename
-- mailserver response
mail from: any e-mail address here will show up as Return-Path
-- mailserver response (250 OK)
rcpt to: asmodean@***.dk
-- mailserver response (250 OK)
data
-- mailserver response
Subject: Bla
From: markg

Hello text text
.

As you see you can completely hide your email in such a communication. Apart from the rcpt to: you can enter bogus adresses.
The only thing that marks the sender is his ip adress in the first received entry (read from bottom to top)

So the mail appears to come from: 68.86.43.63
The do a WHOIS lookup to see who this ip belongs to either with arin.net (America) or ripe.net (Europe):
http://ws.arin.net/cgi-bin/whois.pl?queryinput=!%20NET-68-86-32-0-1
There you will find information where to send abuse reportings.

I have done this some times when I got very annoyed with spam and I got some responses from ISPs who said they've investigated and shut down the user. Whatever, now I just sort out 80-90% of the spam into a special folder on my imap server and mark them "read" so that they dont appear as new mail.

ata

In Outlook Express you can select to view every e-mail plain-text only. So no VBS/dangerous HTML code can be executed
(assuming OE's view plain-text only option is not exploitable)

I have also disabled the preview pane.

ata

Disabling the preview pane is highly recommended.
It's also a good idea to disable the automatic opening of the next message.

It's also recommended to use some better e-mail client like Eudora, Pegasus Mail, Netscape Mail, Mozilla Mail or Mozilla Thunderbird.

Oh hell yeah!

At work, I don't get a choice.
At home, we use netscape.

Naw, you're just part of the Axis of semi-spam.

I thought newer versions of sendmail has plugged this hole?

This is no hole but part of the Simple Mail Transfer Protocol.

How should sendmail do a check on the "mail from:" address anyway?

All it can do is checking if the e-mail address given has correct syntax and that a valid domain is given. AFAIK this is done.
But well this doesnt help anything because I could use your e-mail address when sending mail and you'd be written in the Return-Path then. Its a valid e-mail address and it exists but there is no way to check if this e-mail address really belongs to me. You'd have to introduce a new email protocol where you have to use certification that the e-mail you are using is really yours. This would however rely on central certification storage servers and the whole thing would be quite vulnerable to DOS attacks and thelike.
AFAIK there is already development of a new protocol for e-mail, but I dont know anything specific.

I was once part of such an "attack" where some spammer put my e-mail address as "mail from: " and i got lots of failed delivery messages. This was EXTREMLY annoying!!

The only thing you can rely on is the IP. That would be a bit more difficult to fake. It is possible to fake the first received entries by using public ip addresses in a private lan and setup a router to do the routing. But eventually the mail has to leave the private network and the first mailserver that is not part of that network lists the real ip of the spammer.

ata

hi ,

www.finjan.com , its like a supermax for your mail , ......

have a nice day

I swear to God, the next time I see panag plug finjan.com, I will get a nervous breakdown.

panag: Message received, okay!!

Asmodean

Just make sure you don't ask him for smileys.