Spammers are going legit, and they're using Yahoo e-mail authentication servers to do it, said Mark Sunner, chief security analyst with MessageLabs.
Most people use the Web interface for Yahoo Mail, which attaches a banner of advertising on the e-mail somewhere within the message. Yahoo also provides a service, Yahoo Plus, that allows the sender to use SMTP and traditional e-mail clients such as Outlook Express or Thunderbird. Mail sent via SMTP passes through Yahoo's servers, signing the mail as legit using the Yahoo Domain Keys Identified Mail (DKIM) service.
What this does is strip out the usual … Read more