No, they don't. They spoof the From: address not the Recieved: headers. Which means you can trace them back to the originating ISP.Originally posted here by linux_obo
SirDice,
Your advice for tracking the sender of the virus could work if it wasn't for the fact the lastest (NetSky and MyDoom) spoof domain's of the sender, {..}
Any good ISP will act on an abuse email provided you did the correct traceback and supplied the proper info. They may not tell you they took some action but that doesn't mean you're ignored.