On Thu, May 28, 2009 at 8:37 PM, jan gestre <ipcopper...@gmail.com> wrote:
> On Wed, May 27, 2009 at 5:31 PM, kj
> <koffiejunkielistlur...@koffiejunkie.za.net> wrote:
>> jan gestre wrote:
>>>
>>> I don't have anymore the logs from Postfix and I'm not sure if it
>>> really is a backscatter problem, all I have right now is the
>>> following:
>>
>> The message snippet is of no use. Can you post the full headers? That and
>> a corresponding log entry should clear things up.
>>
>> From what you've said so far it sounds more likely to be a forged
>> return-path/from, in which case adding and checking against spf records
>> would solve your issue.
>>
>> --kj
>>
>
> I want to post here the complete message with headers but problem is
> it will take a while, I'm several kilometers away from this office and
> the on-site support guy still has not sent the message headers I've
> asked for.
>
sample header:
Received: from 55.Red-88-7-191.staticIP.rima-tde.net
(55.Red-88-7-191.staticIP.rima-tde.net [88.7.191.55])
by mail.example.com (Postfix) with ESMTP id 9DEC4148041
for <jmgar...@example.com>; Mon, 1 Jun 2009 08:58:53 +0800 (PHT)
Message-ID:
<365683314256959.dtwibjscpdre...@55.red-88-7-191.staticip.rima-tde.net>
From: "Jeanine" <jmgar...@example.com>
To: jmgar...@example.com
Subject: Check it now
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Date: Mon, 1 Jun 2009 08:58:53 +0800 (PHT)
The received from ip address is obviously not the company's real ip
address, and we have lots of emails like this.
