On 24. 05. 2017 00:04, Joel Rees wrote: > Only you can tell, from the headers, and from your own setup, whether the > junk-fraudmailers just spoofed your address or actually used your computer > to send it.
For what is worth: a few hours ago I've received several mails that look similar. They are seemingly sent from valid Gmail accounts (received by my inbound SMTP from Google outbound servers and authenticated via SPF and DKIM). They all contain an angry/sad reply on top of a quoted spam message. My email and name is quoted as the original author of the spam message. The spam message looks similar to what Fungi4All quoted. The interesting part is that all the mails have a In-Reply-To and References headers. These headers contain message ID from one of my previous mails to debian-user. I see no indications in my server's log files that the quoted spam originated from my server. My guess is that these were genuine replies from Gmail users to spam sent with my address in a spoofed From: field. Perhaps someone figured out that using Message IDs from valid mails allows them to circumvent Google's spam and SPF/DKIM checks. Best regards Tomaž
signature.asc
Description: OpenPGP digital signature