bounce spam

Tue, 12 Nov 2024 04:06:41 -0800 

Hi
What methods do you have to fight with bounce spam? Last time i get some spam 

Return-Path: <>
Delivered-To: bi...@domain.ltd
Received: from MX ([xx.xx.xx.5])
by dovecot3.local with LMTP
id aMFYFA8ALWcUjQAApYCB1g:P1
(envelope-from <>)
for <bi...@domain.ltd>; Thu, 07 Nov 2024 18:59:43 +0100
Received: from mx.xxx.yy ([xx.xx.xx.5])
by mx with LMTP
id aMFYFA8ALWcUjQAApYCB1g
(envelope-from <>)
for <bi...@domain.ltd>; Thu, 07 Nov 2024 18:59:43 +0100
Received: from localhost (unknown [xxx.xxx.xxx.234])
by mx.xxx.yy (Postfix) with ESMTP id 4XkqbM1B4Qz1Q9tD
for <bi...@domain.ltd.pl>; Thu, 7 Nov 2024 18:59:43 +0100 (CET)
X-Virus-Scanned: Skaner antywirusowy amavis3-ng-nowy
X-Amavis-Alert: BAD HEADER SECTION, Missing required header field: "Date"
Received: from mx.xxx.yy ([xxx.xxx.xxx.199])
by localhost (amavis2-ng.xxx.yy [xxx.xxx.xxx.234]) (amavisd-new, port 10628)
with ESMTP id IN23A4PWUyeB for <bi...@domain.ltd>;
Thu, 7 Nov 2024 18:59:42 +0100 (CET)

Received-SPF: None (no SPF record) identity=helo; 
client-ip=34.83.93.130; helo=[10.88.0.4]; envelope-from=<>; 
receiver=<UNKNOWN>
Received: from [10.88.0.4] (130.93.83.34.bc.googleusercontent.com 
[34.83.93.130])

by mx.xxx.yy (Postfix) with ESMTP id 4XkqbL3qxkz1Q9rk
for <bi...@domain.ltd>; Thu, 7 Nov 2024 18:59:41 +0100 (CET)

Content-Type: multipart/related; 
boundary="===============2292679747394156761=="

MIME-Version: 1.0
From: "domain" <no-re...@domain.ltd>
To: bi...@domain.ltd

Subject: 
=?utf-8?q?=5Bbiuro=40domain=2Eltd=5D=3A_Please_confirm_to_continue=2E?=

X-Priority: 2

In amavis log:

Nov  7 18:59:42 amavis3 amavis[1174755]: (1174755-04) p001 1/1 
Content-Type: text/html, base64, size: 734, SHA1 digest: 
777995bb72e45cfb3f9a6d87cf93fab4ef8d7ed7
Nov  7 18:59:42 amavis3 amavis[1174755]: (1174755-04) check_header: 7, 
Missing required header field: "Date"
Nov  7 18:59:43 amavis3 amavis[1174755]: (1174755-04) wbl: whitelisted 
sender <>, <no-re...@domain.ltd>
Nov  7 18:59:43 amavis3 amavis[1174755]: (1174755-04) bounce 
unverifiable, <> -> <bi...@domain.ltd>


Probably amavis whitelisted "<>"


What seems obvious is that '<>' mainly represents bounces or 
non-delivery reports (NDRs)."




--























					Reply via email to