[NOTE: Your mail server [216.83.193.70] is missing a reverse DNS entry. All Internet hosts are required to have a reverse DNS entry. The missing reverse DNS entry will cause your mail to be treated as spam on some servers, such as AOL.]
i got the same message from him alot of spammers are using that mypersonalemail.com as theri spoofed domain. He runs a free email service by himself and i had exchanged a few more emails with him. He is a pretty nice guy really just pissed off with what spammers are doing to him ---------- Original Message ---------------------------------- From: "R. Scott Perry" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Fri, 08 Mar 2002 11:11:08 -0500 > >>Below are the headers of a message that got caught by the CR vulnerability >>test in Declude Virus. I got an email from the >>[EMAIL PROTECTED] bitching me out because I was an idiot, as an >>admin I should know how to read headers, and that the headers clearly >>indicate that this email had nothing to do with @mypersonalemail.com, and >>that my bounce messages getting sent to him are just as bad as the spam they >>are generated from. From what I can tell, he's really right (except about >>the idiot part. :-)). > >The remote postmaster bounce messages by default go to the postmaster at >the domain that was used to send the message, which is often NOT shown in >the headers. That's the "return address"; the same address that bounce >messages will go to. > >>X-Intouch-Note: Sender:[[EMAIL PROTECTED]] > >In this case, the spammer used an address at mypersonalemail.com for bounce >messages to go to, so that is the address that Declude sent >to. Unfortunately, spammers often forge addresses that they use. This can >cause collateral damage to the postmasters at those domains (who people >will send spam complaints to), as well as notifications such as these. > >>How can we handle this? We don't want to disable notifications altogether >>(and I think that's our only option in D.Virus, on or off). Most (if not >>all) of the CR catches are SPAM. Can notifications for ALL other tests that >>Declude Virus does be seperated from the 'generic' virus notification, much >>like the bannotify.eml does? > >That is something that we are planning to add. In the meantime, it is >possible to turn off the Outlook CR Vulnerability test (with a line >"BANCRVIRUSES OFF" in the virus.cfg file). > -Scott > >--- >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > >This E-mail came from the Declude.Virus mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.Virus". You can E-mail >[EMAIL PROTECTED] for assistance. You can visit our web >site at http://www.declude.com . > ________________________________________________________________ Sent via the WebMail system at lohrtech.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
