NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2004-11

Re: Is this spam or something else?

From: Robin Lynn Frank (rlfrankparadigm-omega.com)
Date: Tue Nov 02 2004 - 08:44:32 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2004-11-02 at 06:36, Jacob Hatt wrote:
> I am seeing numerous entries like this in my maillog:
>
> Nov 1 09:14:06 mymailserver postfix/smtpd[11576]:
> connect from "something.domain.com"[111.222.333.444]
> Nov 1 09:14:06 mymailserver postfix/smtpd[11576]:
> 2518297051A:
> client="something.domain.com"[111.222.333.444]
> Nov 1 09:14:07 mymailserver postfix/smtpd[11576]:
> disconnect from
> "something.domain.com"[111.222.333.444]
>
> I do not know anything about "something.domain.com",
> but its IP "111.222.333.444" is listed on spamcop.net.
>
>
> Additionally, one of my users had one of his messages
> sent back to him with the following error:
>
> The original message was received at Tue, 2 Nov 2004
> 13:43:59 GMT from localhost [127.0.0.1]
>
> ----- The following addresses had permanent fatal
> errors ----- <"userdestination.com">
> (reason: 553 5.3.0 Spam blocked see:
> http://spamcop.net/bl.shtml?111.222.333.444)
>
> ----- Transcript of session follows ----- ... while
> talking to
> "mail.destination.com".:
> >>> MAIL From:<"usermydomain.com">
> <<< 553 5.3.0 Spam blocked see:
> http://spamcop.net/bl.shtml?111.222.333.444
>
> Was my user's message seen as if it came from
> 111.222.333.444 hence blocked by the destination
> server which uses spamcop.net or what? If so, how
> could this happen?
>
> Thank you.
>
Your user's address is being forged by the spammer.
--
Robin Lynn Frank
Director of Operations
Paradigm-Omega, LLC
http://www.paradigm-omega.com/
====================================================================
Spambots are welcome at http://paradigm-omega.net/cgi-bin/custmail.cgi
====================================================================
In a perfect world there would be no politicians.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Sed quis custodiet ipsos custodes?

iD8DBQBBh51Mo0pgX8xyW4YRAkQoAKDlw0+C9sdEUh5/oRsPR04FeaXEGwCgoG2h
snXdJ0izKJFWtxXQBAuO5fI=
=xgKy
-----END PGP SIGNATURE-----

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]