Below are the header lines of a piece of spam. I am certain that my mail
server (65.38.154.56) delivered the e-mail to mail.tahoemountainclub.com (an
exchange server).
Is the mail.com server (63.243.127.170) sending spam to [EMAIL PROTECTED]
I noticed mail.com is a free web based e-mail service with free mail
forwarding. Can I trust these lines in the header indicating that mail.com
is sending to ewparnters.com?
63.243.127.170 is USLEC and mail.com has an MX record of 202.77.181.10,
which is also ns1.portal2.com and the SOA for the mail.com domain.
Can I determine with certainty who sent this to ewpartners.com?
I appreciate any insight on the subject.
Thanks.
ron
Microsoft Mail Internet Headers Version 2.0
Received: from ewpartners.com ([65.38.154.56]) by mail.tahoemountainclub.com
with Microsoft SMTPSVC(5.0.2195.5329);
Fri, 20 Jun 2003 20:23:56 -0700
Received: from SMTP32-FWD by ewpartners.com
(SMTP32) id A0000062C; Fri, 20 Jun 2003 21:13:48 -0600
Received: from mail.com [63.243.127.170] by ewpartners.com
(SMTPD32-7.07) id AD65A000DC; Fri, 20 Jun 2003 21:13:41 -0600
To: All <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-Mailer: OutLook Express 3.14159
Subject: All, Get Rid of SPAM for GOOD!
MIME-Version: 1.0
Content-type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <[EMAIL PROTECTED]>
X-RBL-Warning: DSBL: http://dsbl.org/listing?ip=63.243.127.170
X-RBL-Warning: SPAMCOP: Blocked - see
http://spamcop.net/bl.shtml?63.243.127.170
X-RBL-Warning: BADHEADERS: This E-mail was sent from a broken mail client
[c020020c].
X-RBL-Warning: SPAMHEADERS: This E-mail has headers consistent with spam
[c020020c].
X-RBL-Warning: SNIFFER: Message failed SNIFFER: 63.
X-RBL-Warning: WEIGHT10: Weight of 31 reaches or exceeds the limit of 10.
X-RBL-Warning: WEIGHT11: Weight of 31 reaches or exceeds the limit of 11.
X-RBL-Warning: WEIGHT12: Weight of 31 reaches or exceeds the limit of 12.
X-RBL-Warning: WEIGHT13: Weight of 31 reaches or exceeds the limit of 13.
X-RBL-Warning: WEIGHT14: Weight of 31 reaches or exceeds the limit of 14.
X-RBL-Warning: WEIGHT15: Weight of 31 reaches or exceeds the limit of 15.
X-RBL-Warning: WEIGHT20: Weight of 31 reaches or exceeds the limit of 20.
X-Declude-Sender: [EMAIL PROTECTED] [63.243.127.170]
X-Declude-Spoolname: Dcd6500a000dc0d0b.SMD
X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for
spam.
X-Spam-Tests-Failed: DSBL, SPAMCOP, BADHEADERS, IPNOTINMX, SPAMHEADERS,
SNIFFER, WEIGHT10, WEIGHT11, WEIGHT12, WEIGHT13, WEIGHT14, WEIGHT15,
WEIGHT20
X-Country-Chain:
X-Note: This E-mail was sent from uslec-63-243-127-170.cust.uslec.net
([63.243.127.170]).
Precedence: bulk
Sender: [EMAIL PROTECTED]
Date: Fri, 20 Jun 2003 21:13:48 -0600
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 21 Jun 2003 03:23:56.0279 (UTC)
FILETIME=[8C328070:01C337A4]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
