Quick thought. It's pretty obvious now that spammers have resorted to trojans and viruses to set up open SMTP relays to avoid being traced. But couldn't this "home user" approach actually play against them? If a honeypot is set up, and infected, then used to send mail, isn't the real IP of the spammer announced readily to the owner of the honeypot? Or do the spammers have another layer of stealth, before they connect to the SMTP box?