Re: Another example...

Thu, 08 Jun 2006 07:04:26 -0700

Looks like you have [EMAIL PROTECTED] whitelisted somewhere. That's probably a bad idea. Spam usually uses a spoofed address. 

NW7US, Tomas wrote:
Here are headers from another example of spam, that is marked STRONGLY as NOT being spam. What is VERY interesting about THIS one, is that it seems to actually be FROM me!!! However, it made its rounds on other servers, first. Is it possible someone is spoofing my email address?? Or, is there a gateway e-mail hole on my server? 


Here are the headers: (and, I deleted my whitelists, like the auto learn 
one, etc.)



Return-Path:     <[EMAIL PROTECTED]>   
X-Spam-Checker-Version:     SpamAssassin 3.1.3 (2006-06-01)
                            on helios.hfradio.org   
X-Spam-Level:        
X-Spam-Status:     No, score=-86.2 required=1.0 tests=HTML_MESSAGE,

                MIME_HTML_ONLY, MIME_HTML_ONLY_MULTI,

                
MPART_ALT_DIFF,RCVD_ILLEGAL_IP,RCVD_NUMERIC_HELO,                
UNPARSEABLE_RELAY,URIBL_JP_SURBL,URIBL_OB_SURBL,

                URIBL_SBL, URIBL_SC_SURBL,URIBL_WS_SURBL,

                USER_IN_WHITELIST autolearn=no version=3.1.3   
Received:     from 60.234.111.150 ([60.234.111.150]) by 
helios.hfradio.org

                (8.12.11/8.12.11) with ESMTP id k586UPVE019859 for

                <[EMAIL PROTECTED]>; Wed, 7 Jun 2006 23:30:28 -0700   
Envelope-to:     [EMAIL PROTECTED]   
Delivery-date:     Thu, 08 Jun 2006 18:36:11 +1200   
Received:     from [242.112.30.100] (helo=86678721) by 60.234.111.150
                with smtp (Exim 4.60 (FreeBSD)) 
(envelope-from                
<[EMAIL PROTECTED]>)                id 
W3mNJ-2xnyDQA-8Kx for [EMAIL PROTECTED];                Thu, 08 Jun 
2006 18:36:11 +1200   
Received:     from gallery48.freeserve.co.uk (02055232 [17238173668])

                by 124.1.211.112 (Qmailv1) with ESMTP id 0FJ2Y8TBN for

                <[EMAIL PROTECTED]>; Thu, 08 Jun 2006 17:36:07 +1200   
Date:     Thu, 08 Jun 2006 17:36:07 +1200   
From:     "Jon R. Pirrello Jr" <[EMAIL PROTECTED]>   
X-Mailer:     The Bat! (v2.12.00) Personal   
X-Priority:     3   
Message-ID:     <[EMAIL PROTECTED]>   
To:     [EMAIL PROTECTED]   
Subject:     General health store   
X-IMAPbase:     1148015368 4545   
Status:     O   
X-UID:     4545   
Content-Length:     11005   
X-Keywords:        
X-Antivirus:     AVG for E-mail 7.1.394 [268.8.2/357]   
Mime-Version:     1.0   
Content-Type:     multipart=mixed; 
b0undary="=======AVGMAIL-4487C4C83823======="



(I changed the last header, in case it might case a problem... the 
message has an attachment that contained a virus or trojan.)




I could really use some help in figuring out how to end this sort of 
activity.


Thanks,

73 de Tomas, NW7US ( http://ic-discipleship-ministries.org/ )

: Propagation Editor for CQ, CQ VHF, Popular Communications :
: Creator; live propagation center http://prop.hfradio.org/ :
: Associate Member of Propagation Studies Committee of RSGB :
: 122.93W 47.67N / Brinnon, Washington USA CN87 CW/SSB/DIGI :
: 10x56526, FISTS 7055, FISTS NW 57, Lighthouse Society 144 :
: Technical Writer for http://entirenet.net  (Microsoft KB) :
























					Reply via email to