[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx?

Subject: RE: [cobalt-users] Any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx?
From: aljuhani <aljuhani@xxxxxxxxx>
Date: Wed Jul 31 16:35:00 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Hi.

the spammer is using his ISP mail server which is mail.telepac.pt located in 
Portugal.  OK there is something confusing in the header, it is the 
[210.55.4.173] which is simply his computer name and not a real IP address.  
The real IP [210.55.4.173] is located in New Zealand !.

Is your domain a catch all account.

regards,

aljuhani

>===== Original Message From cobalt-users@xxxxxxxxxxxxxxx =====
>Does anyone have any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx
>email address and I can't?
>
>I cut my spam down to a trickle but I still some how get email addressed
>similar to below:
>
>anyname@xxxxxxxxxxxxxxxx
>
>I have pop before relay activated, and this is the weird bit, I can't sent
>email to the same address myself without getting:
>
>553 <anyname@xxxxxxxxxxxxxxxx>... No such user here
>
>I've checked to see if my server is open to relay and its not. I've also
>checked the chkrootkit output which gives 'eth0 is not promisc'. Of coarse I
>have a few www email addresses which I know will forward email to me like
>admin@xxxxxxxxxxxxxxxxx
>
>I've asked the company that have my Raq3 and where the DNS  is held but they
>don't seem to know either.
>
>I've enclosed the header from the last spam, maybe this will help:
>
>Received: from fep02-svc.mail.telepac.pt (fep02-svc.mail.telepac.pt
>[194.65.5.201])
>    by www.mydomain.com (8.9.3/8.9.3) with ESMTP id XAA30661
>    for <info@xxxxxxxxxxxx>; Tue, 30 Jul 2002 23:10:12 +0100
>From: bdkr8xxxmeb13mxy@xxxxxxx
>Received: from [210.55.4.173] ([213.13.204.104])
>          by fep02-svc.mail.telepac.pt
>          (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with SMTP
>          id
><20020730214101.PETW8091.fep02-svc.mail.telepac.pt@[210.55.4.173]>;
>          Tue, 30 Jul 2002 22:41:01 +0100
>To: <Susan@xxxxxxxxxxxxxxxx>
>Subject: Make $500 - $2500/Week on Ebay
>Date: Tue, 30 Jul 2002 17:44:24 -0400
>MIME-Version: 1.0
>Content-Type: text/html;
>    charset="iso-8859-1"
>Content-Transfer-Encoding: quoted-printable
>X-Priority: 3
>X-MSMail-Priority: Normal
>Reply-To: bdkr8xxxmeb13mxy@xxxxxxx
>Message-Id:
><20020730214101.PETW8091.fep02-svc.mail.telepac.pt@[210.55.4.173]>
>
>I hope this makes sense? I would love to get rid of the acceptance of email
>addressed to 'www' totally. I hope one of you Gurus can help... I don't
>really want to start messing around with the 'virtusertable' file.
>
>Regards,
>
>Charles Teton

Prev by Date: [cobalt-users] Any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx?
Next by Date: [cobalt-users] Re:Any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx?
Previous by thread: [cobalt-users] Re:Any ideas why spammers can use anyname@xxxxxxxxxxxxxxxx?
Next by thread: [cobalt-users] Arghhh...they have my address

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index