>I suspect you misunderstand what the "Host" HTTP header does You're right - I'd thought the Host: value string supplied info about the requesting machine rather than the server machine, sorta like the User-Agent: string. So you're also correct about that info being the lower-hanging fruit, as far as the spammer is concerned. Thanks.