Hello all,
I have 3 mx records for my domain. The first 2 are pointing to the external
mail gateways (primary and backup) both running Imail with declude
junkmail/virus. The 3rd mx record points directly to my internal exchange
server (running scanmail), which bypasses all junkmail and virus scanning by
declude, and I thought only would be used if the first two mailservers fail.
I have noticed in the last few weeks a few spam messages being sent directly
to my internal exchange mailserver. I was not aware that this is possible
when my mx records are configured as they are. If someone can explain how
this can be happening, and any suggestions for a more secure setup would be
much appreciated. Below is the header of one of the messages.
Received: from 68.60.235.20 (12-207-220-249.client.attbi.com
[12.207.220.249]) by chirala.psr.edu with SMTP (Microsoft Exchange Internet
Mail Service Version 5.5.2653.13)
id N9GX5QVR; Mon, 14 Jul 2003 11:15:44 -0700
Return-Path: Received: from 82.49.149.76 ([82.49.149.76]) by hd.regsoft.net
with asmtp; Jul, 14 2003 12:23:25 PM +1200
Received: from [24.118.23.60] by n9.groups.yahoo.com with SMTP; Jul, 14 2003
11:02:40 AM +1200
Received: from [135.12.72.250] by ssymail.ssy.co.kr with SMTP; Jul, 14 2003
10:05:37 AM -0100
From: 1-800-Patches <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Beyond Ephedra, Beyond Everything!
Sender: 1-800-Patches <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Date: Mon, 14 Jul 2003 12:24:44 -0600
X-Mailer: The Bat! (v1.52f) Business
Thanks for your help,
Jeffrey
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
