On Sun, 3 Dec 2006, Chris wrote:
> I got this in my inbox today, I believe it to be real, however I'll post the
> headers below. The reason I think it may be real is that there is some
> person out there named Carol Pollock who for some reason and some how is
> using the email address of [EMAIL PROTECTED] How, I haven't the
> faintest clue. Here are the headers:
>
> X-Spam-Untrusted: Relays [ ip=216.35.62.79
> rdns=arm79.bigfootinteractive.com
> helo=bigfootinteractive.com by=mx-bracke.atl.sa.earthlink.net ident=
> envfrom= intl=0 id=1gQWIB30u3Nl34i6 auth= ]
> X-Spam-Level:
> X-Spam-RBL: Results <dns:email.capitalone.com?type=MX> [20
> arm.bigfootinteractive.com.]
> <dns:email.capitalone.com> [206.132.3.45]
> Status: U
> Return-Path: <[EMAIL PROTECTED]>
> Received: from pop.earthlink.net [209.86.93.201]
> by localhost with POP3 (fetchmail-6.2.5)
> for [EMAIL PROTECTED] (single-drop); Sun, 03 Dec 2006 13:11:30
> -0600 (CST)
> Received: from bigfootinteractive.com ([216.35.62.79])
> by mx-bracke.atl.sa.earthlink.net (EarthLink SMTP Server) with SMTP
[snip..]
I'd vote for this being a legit case of pilot error on the
original user's part. Much to their shame, CapitalOne -does- use
BFI for sending out many of their mailings.
I even had to go so far as to whitelist_from_rcvd [EMAIL PROTECTED]
sent via bigfootinteractive.com
Now to be fair, CapitalOne isn't the only culprit in this crime,
email.discovercard.com & email.chase.com use BFI too.
Dave
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
