and this bit
was the host in question running some sort of http-proxy like squidX-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: 127.0.0.1 via proxy [216.239.175.40]
or junkbuster? incorrectly configured they can be used to forward http requests.
On Monday, July 21, 2003, at 04:10 PM, Bob Crandell wrote:
Hi,This is a Signature: Someday soon it will have clever sayings and URL's
The computer they are complaining about [216.239.175.40] is not running sendmail or
qmail, yet spamers are using it somehow. Please tell me there is enough information
here to determine that they are spoofing. This computer is not supposed to be
handling email at all.
I'm trying to help this guy but I don't know enough to be very good at it.
Thanks.
----- Original Message ----- From: "David Hodgert" <[EMAIL PROTECTED]> To: "Jim Bauer" <[EMAIL PROTECTED]> Sent: Monday, July 21, 2003 12:21 PM Subject: FW: spam
-
-----Original Message----- From: Matt Freitag [mailto:[EMAIL PROTECTED] Sent: Monday, June 02, 2003 9:51 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: FW: spam Importance: High
Jim,
You really need to get this taken care of.
-Matt
-----Original Message-----
From: sales [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 01, 2003 9:52 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED];[EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: spam
Spam is simultaneously being send from host 216.239.175.40, reply-to [EMAIL PROTECTED]
Header below
---------------------------------------------------------------------- ----Return-Path: <[EMAIL PROTECTED]>=?koi8- r?Q?=F3=CC=D5=D6=C2=C1=20=D0=CF=C4=C4=C5=D2=D6=CB=C9=20=C2=C5=D3=D0=C
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 58839 invoked by uid 89); 1 Jun 2003 01:20:13 +0400 (MSD)
Received: from unknown (HELO mx1.valuehost.ru) (62.118.251.15)
by mail.valuehost.ru with SMTP; 1 Jun 2003 01:20:13 +0400 (MSD)
Received: by mx1.valuehost.ru (Postfix, from userid 198)
id 5A65D181969; Sun, 1 Jun 2003 01:20:13 +0400 (MSD)
Received: from f21.mail.ru (f21.mail.ru [194.67.57.54])
by mx1.valuehost.ru (Postfix) with ESMTP id 2E39818193D
for <[EMAIL PROTECTED]>; Sun, 1 Jun 2003 01:20:13 +0400
(MSD)
(envelope-from [EMAIL PROTECTED])
Received: from mail by f21.mail.ru with local
id 19MDlt-000PpF-00
for [EMAIL PROTECTED]; Sun, 01 Jun 2003 01:20:13 +0400
Received: from [216.239.175.40] by koi.mail.ru with HTTP;
Sun, 01 Jun 2003 01:20:13 +0400
From: "ipxsn_ln19umzu3 ipxsn_ln19umzu3" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject:
C=C1=D4=CE=CF=CA=20=D0=CF=DE=D4=CF=D7=CF=CA=20=D3=C9=D3=D4=C5=CD=D9=20= 20=20
=20=20=20?=. Mime-Version: 1.0 X-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: 127.0.0.1 via proxy [216.239.175.40] Date: Sun, 01 Jun 2003 01:20:13 +0400 Reply-To: "ipxsn_ln19umzu3 ipxsn_ln19umzu3" <[EMAIL PROTECTED]> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Message-Id: <[EMAIL PROTECTED]>
xcvxcvxcv xcvxcv xcvxcv
-- Bob Crandell Assured Computing When you need to be sure. [EMAIL PROTECTED] www.assuredcomp.com Voice - 541-689-9159 FAX - 541-463-1627 Eugene, Oregon
_______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
_______________________________________________ EuG-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
