Re: Is this spam or something else?

From: Jacob Hatt (jacobhattyahoo.co.uk)
Date: Tue Nov 02 2004 - 09:14:34 CST


Is there something that I can do about this forging of
the address of my user? Also, what does the existence
of those many entries of the spam domain
"something.domain.com" in maillog exactly mean? I have
installed this system only recently and I am concerned
that I haven't secured it enough.

Thanks.

--- Robin Lynn Frank <rlfrankparadigm-omega.com> wrote:
> On Tue, 2004-11-02 at 06:36, Jacob Hatt wrote:
> > I am seeing numerous entries like this in my maillog:
> >
> > Nov 1 09:14:06 mymailserver postfix/smtpd[11576]: connect from "something.domain.com"[111.222.333.444]
> > Nov 1 09:14:06 mymailserver postfix/smtpd[11576]: 2518297051A: client="something.domain.com"[111.222.333.444]
> > Nov 1 09:14:07 mymailserver postfix/smtpd[11576]: disconnect from "something.domain.com"[111.222.333.444]
> >
> > I do not know anything about "something.domain.com",
> > but its IP "111.222.333.444" is listed on spamcop.net.
> >
> >
> > Additionally, one of my users had one of his messages
> > sent back to him with the following error:
> >
> > The original message was received at Tue, 2 Nov 2004
> > 13:43:59 GMT from localhost [127.0.0.1]
> >
> > ----- The following addresses had permanent fatal errors -----
> > <"userdestination.com">
> > (reason: 553 5.3.0 Spam blocked see: http://spamcop.net/bl.shtml?111.222.333.444)
> >
> > ----- Transcript of session follows -----
> > ... while talking to "mail.destination.com".:
> > >>> MAIL From:<"usermydomain.com">
> > <<< 553 5.3.0 Spam blocked see: http://spamcop.net/bl.shtml?111.222.333.444
> >
> > Was my user's message seen as if it came from
> > 111.222.333.444 hence blocked by the destination
> > server which uses spamcop.net or what? If so, how
> > could this happen?
> >
> > Thank you.
> >
> Your user's address is being forged by the spammer.
> --
> Robin Lynn Frank
> Director of Operations
> Paradigm-Omega, LLC
> http://www.paradigm-omega.com/
>
> ====================================================================
> Spambots are welcome at
> http://paradigm-omega.net/cgi-bin/custmail.cgi
>
> ====================================================================
> In a perfect world there would be no politicians.
>
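
As an added example (not part of either poster's message), the script below groups Postfix smtpd lines of the kind quoted in the thread by client IP and lists which clients had a queue ID logged, which is what the `<queue id>: client=` line records. The sample log is constructed, and the function names are chosen here for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of the smtpd lines quoted in the thread;
# hostnames and addresses are documentation placeholders, not real hosts.
SAMPLE_LOG = """\
Nov  1 09:14:06 mymailserver postfix/smtpd[11576]: connect from host1.example.net[192.0.2.10]
Nov  1 09:14:06 mymailserver postfix/smtpd[11576]: 2518297051A: client=host1.example.net[192.0.2.10]
Nov  1 09:14:07 mymailserver postfix/smtpd[11576]: disconnect from host1.example.net[192.0.2.10]
Nov  1 09:20:11 mymailserver postfix/smtpd[11602]: connect from host2.example.org[198.51.100.7]
Nov  1 09:20:12 mymailserver postfix/smtpd[11602]: disconnect from host2.example.org[198.51.100.7]
"""

# Matches "connect from", "disconnect from" and "<queue id>: client=" lines.
# Quotes around the host name are optional (the archive shows them quoted).
LINE = re.compile(
    r'postfix/smtpd\[\d+\]: '
    r'(?:(?P<event>connect|disconnect) from |(?P<qid>[0-9A-F]+): client=)'
    r'"?(?P<host>[^"\[\s]+)"?\[(?P<ip>[^\]]+)\]'
)

def summarize(log_text):
    """Group smtpd lines by client IP: host name, connection count, queue IDs."""
    summary = defaultdict(lambda: {"host": None, "connections": 0, "queue_ids": []})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not one of the three smtpd line types handled here
        entry = summary[m["ip"]]
        entry["host"] = m["host"]
        if m["event"] == "connect":
            entry["connections"] += 1
        elif m["qid"]:
            # smtpd logs "<queue id>: client=..." when it opens a queue file
            # for a message this client is submitting.
            entry["queue_ids"].append(m["qid"])
    return dict(summary)

def clients_with_queued_mail(summary):
    """IPs with at least one queue ID, i.e. that started submitting a message."""
    return sorted(ip for ip, e in summary.items() if e["queue_ids"])

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for ip, e in result.items():
        print(ip, e["host"], e["connections"], e["queue_ids"])
    print("submitted mail:", clients_with_queued_mail(result))
```

Searching the same log for a reported queue ID shows the other Postfix lines for that message, including its envelope sender (`from=`) and recipients (`to=`).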
