I'm getting the same for several days. There are few recent comments over on the Imail forum, but nothing that clears up their purpose.
What I find worrisome over the few weeks is the increase of all the various spam problems. Number of Nigerian letters are way up; spam coming through passing most all of the tests or with very low score are up; etc. Add to it the recent "discovery" of spam failing Declude tests but getting NO ACTIONS WERE TAKEN. John C -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Beckstrom Sent: Monday, June 05, 2006 10:24 PM To: [email protected] Subject: [Declude.JunkMail] Please take a look at this - forged mail headers? I've been receiving some strange spam today on various email addresses of ours. Its almost like they are profiling various addresses to see if they are working. The "from" and "to" addresses are the same email address and they are valid addresses on our domain. However, it appears they are forging headers. Can someone take a look at these headers and tell me if its something I need to worry about? The body of the emails are a series of 3 to 4 numbers -- nothing meaningful. Which is why I think we are being profiled for some nefarious reason. The return-path, from and to address, smtp sender and message-id all look like valid headers for our mail server. However, the "sever name" is obviously not ours. So they aren't sending via our mail server (we haven't been hacked) however everything else is forged. What would be the purpose? Here are the headers: Return-Path: <[EMAIL PROTECTED]> Mon Jun 05 22:03:23 2006 Received: from catv25.avis.ne.jp [202.247.193.25] by perseus.sixthweb.com with SMTP; Mon, 5 Jun 2006 22:03:23 -0500 Date: Tue, 06 Jun 2006 11:59:17 +0900 To: "Racing" <[EMAIL PROTECTED]> From: "Racing" <[EMAIL PROTECTED]> Subject: 586876 Message-ID: <[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: 7bit X-RBL-Warning: SPFUNKNOWN: SPF returned UNKNOWN for this E-mail. X-RBL-Warning: Filter_Country: Message failed Filter_Country test (line 110, weight 3) X-Note: ======================================== X-Note: Spam Score: [4] X-Note: Scan Time: 22:03:35 on 05 Jun 2006 X-Note: Spool File: 30844292.EML X-Note: Server Name: catv25.avis.ne.jp X-Note: SMTP Sender: [EMAIL PROTECTED] X-Note: Reverse DNS & IP: catv25.avis.ne.jp [202.247.193.25] X-Note: Recipient(s): <fwd>[EMAIL PROTECTED] X-Note: Country Chain: JAPAN->destination X-Note: Failed Weights: SPFUNKNOWN [1], Filter_Country [3] X-Note: ======================================== X-Rcpt-To: <[EMAIL PROTECTED]> --- [This E-mail scanned for viruses by Declude Virus] [This E-mail scanned for viruses by Declude EVA] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. [This E-mail scanned for viruses by Declude EVA] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
