[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Is my server being used

Subject: RE: [cobalt-users] Is my server being used
From: "Dan Kriwitsky" <webhosting@xxxxxxxxx>
Date: Wed Jul 25 23:08:10 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> I have received, yes received a couple of emails lately that have
> a "From:"
> listed something like the following
>
> From: _XxHustlerxX_@xxxxxxxxxxxxxxxxxxxxxx

I'm guessing it's spam.

>
> I have no user with the name,
>
> The maillog has the following:
>
> from=<_XxHustlerxX_@xxxxxxxxx>, size=17779, class=0, nrcpts=1, msgid=<>,
> proto=ESMTP, daemon=MTA, relay=femail13.sdc1.sfba.home.com [24.0.95.140]
>
> to=<tags@xxxxxxxxxx>, delay=00:00:00, xdelay=00:00:00, mailer=local,
> pri=47310, dsn=2.0.0, stat=Sent

Some spamware has the ability of applying the recipient mail server MX info
as the From: address for each piece of spam so it won't get bounced instead
of just sending using Bcc.
If it was spam, make sure you forward complete headers to
abuse@xxxxxxxxxxxxx and there should have been some more info in the headers
showing the actual IP of the sender since 24.0.95.140 is and @Home mail
server.
--
Dan Kriwitsky

Follow-Ups:
- Re: [cobalt-users] Is my server being used
  - From: Steve Werby

References:
- [cobalt-users] Is my server being used
  - From: David Lucas

Prev by Date: RE: [cobalt-users] User Quota's
Next by Date: RE: [cobalt-users] hosts other than www
Previous by thread: RE: [cobalt-users] Is my server being used
Next by thread: Re: [cobalt-users] Is my server being used

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index