Matthew Walker wrote:
On Tue, January 9, 2007 4:44 am, [EMAIL PROTECTED] wrote:
but we see message header ,we can see any valid username ,but we see the
From HEADER is ""168.1.49.97dgrrtgr" <>" and no [EMAIL PROTECTED]"""""
Return-Path: <>
Received: (qmail 10514 invoked by uid 89); 8 Jan 2007 01:04:33 -0000
Received: by simscan 1.2.0 ppid: 10447, pid: 10511, t: 0.2801s
scanners: attach: 1.2.0 clamav: 0.88.7/m:41/d:2352
Received: from unknown (HELO winxp) ([EMAIL PROTECTED])
by 0 with ESMTPA; 8 Jan 2007 01:04:33 -0000
From: "168.1.49.97dgrrtgr" <>
Subject: =?GB2312?B?yeixuM6s0N653MDt?=
To: [EMAIL PROTECTED]
Content-Type: text/plain
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Date: Mon, 8 Jan 2007 09:08:40 +0800
Headers are NOT reliable. Once a client has authenticated with a valid
username and password, they can say whatever they want about who they are
for the rest of the conversation.
Seriously, you have a compromised account, or a user who is intentionally
spamming through your server. Shut them down.
Hi,
Just a thought..... Did you upgrade over an older copy of the toaster ?
Perhaps one where the smtp-auth code required the domain.com name
listed in the run file ?
If so, when you upgraded did you just use the old run file and not
upgrade as you should, there by leaving yourself as an open relay
(because using the old run file with the new code allows anyone to
authenticate) ?
Regards,
Rick
