On Sun, 28 Feb 2010, Carlos Williams wrote: > Received: from mail.iamghost.com ([127.0.0.1]) > by localhost (iamghost.com [127.0.0.1]) (amavisd-new, port 10024) > with LMTP id awUEbrkCfcvq for <postmas...@iamghost.com>; > Sat, 27 Feb 2010 15:05:50 -0500 (EST) > Received: from ambianceimports.com (unknown [89.204.40.160]) > by mail.iamghost.com (Postfix) with SMTP id 179C477ADB5 > for <postmas...@iamghost.com>; Sat, 27 Feb 2010 15:05:48 -0500 (EST) > > I thought this was the point of adding the 'helo_checks' but I think I > am missing something. Can anyone please help explain what I did wrong > or am missing? I think this email should have been prevented with: > > /^iamghost\.com$/ 550 Don't use my own domain
Where in the headers do you see evidence that the spamming server tried to HELO with iamghost.com? -- Sahil Tandon <sa...@tandon.net>
