
RE: [cobalt-users] Need some help on "spam" report



Very interesting, Al-Juhani, thanks!

Chuck

-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of aljuhani
Sent: Tuesday, April 20, 2004 1:42 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] Need some help on "spam" report

> I got a report that our Qube had been used for Spam and as far as I know it
> is locked down pretty tight so I don't know what to make of this. I had one
> person on the Dshield list say to check the maillogs and I tried that but
> they only go back to 4/16 and this happened on 4/13. Then someone else just
> noted that they are not aware of any way to spoof the "NNTP-Posting-Host"
> that shows our IP address in this email and "You'll have to look for
> outbound HTTP connections to posting.google.com from your IP, not SMTP
> transactions."
>
> So how do I do that?
>
> And is there a way to keep logs from rolling off so fast?
>
> Thanks and here is the original email notice I received:
>

Seems a forged header; see the links below:
http://news.spamcop.net/pipermail/spamcop-list/2001-April/009492.html

-and-

http://home.att.net/~marjie1/usenet.htm


Al-Juhani
aljuhani@xxxxxxxxx