Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Bradley Hope (ursus_at_olypen.com)
Date: Thu Dec 05 2002 - 12:14:09 CST
----- Original Message -----
From: "Joe Topjian" <joeportsys.net>
Sent: Thursday, December 05, 2002 9:37 AM
Subject: Re: [discuss] Security breach?
> > I am receiving returned as undeliverable spam emails addressed to
> > apachemydomain.net with From addresses showing up as people who
> > shouldn't
> > have access to the mail systems. Far as I know, apache shouldn't have
> > any
> > way of sending email..or does it..could it? Any ideas as to why apache
> > would/could be used as the return address/user for sent mail?
> Possibly someone forging the return address to your domain. When the
> mail gets bounced on the remote host, it gets sent to the forged
> address (ie, you in this case)
> Can you view the headers of the email you're receiving?
> That will show where it really originated from.
> Joe Topjian
> email: joeportsys.net
> web: http://terrarum.net/joe
A sample of what I am receiving. It "looks" like the sender is
pretty.com6joana2.thorngarden.net but there is no such user and the
domain/virtual domain of joana2.thorngarden.net does not exist. This entry
seems to change with just about every return I get.