[69ConvertibleFirebird]

What is an "open relay" and why would someone let their system be used to send SPAM?

Here is an example of the from: field with full headers on:
Received: from c-24-1-157-18.client.comcast.net (c-24-1-157-18.client.comcast.net [24.1.157.18])

Is there any way of telling whether this IP originated the e-mail or went through an open relay?

Either way, I forward the full message with headers to the system that it came from, usually at abuse@_system_.com, or wherever, asking that their system stop sending SPAM. Maybe they will terminate that IP's account. I get about 20 of these (from DSL and/or Cable Modem) per day.

[Proud_texan]

An open relay is a mail server that allows one to log on and send email from that server without proper credentials. They aren't as common as they were and as recently as a couple of years ago it was pretty standard. Not unlike leaving your door unlocked in the 50s.

It's by no means comprehensive but http://www.ordb.org/ maintains a list of open relays. I don't find that IP address in their database but I do note that it's been tested for open relay service recently, might be the owner get a dose of reality with all the spam complaints and took care of it.

Or it could be that the address was merely forged and the IP address is totally bogus.

[rit]

c-24-1-157-18.client.comcast.net (c-24-1-157-18.client.comcast.net [24.1.157.18])

This is most likely a dial up, or DSL connection. Send the complaint to abuse@comcast.net. My experience with this indicates that people frequently receive trial subscriptions solely for the purpose of originating spam. Recently, a wireless spot in a hotel was used to originate spam.

Text based spam is bad enough, but when it includes viruses and trojans, the problem is compounded. CNN suggested this current virus could cost over $250M.

Open Relays pose a problem, as do trial subscriptions, and temporary email accounts. Even though fewer open relays exist in the US, the emergence in 3rd world countries will only increase this problem.

The real challenge is that the existing email protocol cannot authenticate who really sent the email. The advocates for updating the protocol are dwarfed by the advocates for keeping the existing protocol due to the anticipated cost for making the change. Existing applications are based on the current protocol and they would have to be changed.

The CAN-SPAM Act fails because it requires you to identify who sent you the spam. When it comes from a 3rd world country, that will not happen. When the spammers spoof the headers, again you cannot identify who sent the email.