On 10/07/06, Bridgit Griffin (Withers) <[EMAIL PROTECTED]> wrote: > Received: from [220.70.206.152] (port=4460 helo=67.19.170.34) > by mustang.websitewelcome.com with smtp (Exim 4.52) > id 1Fv3uo-0006yP-G2 for [EMAIL PROTECTED]; Mon, > 26 Jun 2006 22:07:03 -0500 > Date: Mon, 26 Jun 2006 23:07:10 -0400 (EDT) > Date-warning: Date header was inserted by ms-mta-04.nyroc.rr.com > From: [EMAIL PROTECTED] > Subject: Re: hi > To: [EMAIL PROTECTED] > Message-id: <[EMAIL PROTECTED]> > X-AntiAbuse: This header was added to track abuse, > please include it with any abuse report > X-AntiAbuse: Primary Hostname - mustang.websitewelcome.com > X-AntiAbuse: Original Domain - colonichealth.net > X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12] > X-AntiAbuse: Sender Address Domain - colonichealth.net
Is 'colonichealth.net' your domain? If so, you're seeing very simple forged-header spam. Your provider could soup up their exim config to do extra checking before accepting incoming mail which forges its own domains. Note that this is spam forged as coming from you - but when the spammer connects to the next victim, the spam will be forged as coming from that victim - there's no evidence of using your provider's server to relay spam in your name. I don't know what box of tricks injects those X-AntiAbuse: headers, it isn't vanilla Exim - but whatever it is, it looks like it's being fooled by the forged spam. Have you spoken to the owner of the server? Peter -- Peter Bowyer Email: [EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
