I am not up to speed on any of this kind of stuff and need some help, I was
contacted by the owner of the website that is for the company that my wife
works for and he was wondering what this was here is some of that message::
"Begin quote"
Dear Liaqat Khalfe, (Customer ID: 28641207)
We have gotten a complaint from another customer that his email address is
being spoofed by your server. Please see the header below and take steps to
secure your server.
Return-Path: <>
Delivery-Date: Sat, 15 Oct 2011 12:40:35 -0400
Received: from family-wellness-care.com (s15380079.onlinehome-server.com
[74.208.197.81])
by mx.perfora.net (node=mxus0) with ESMTP (Nemesis)
id 0LdoM7-1Qool62hrn-00ixsK for [email protected];
Sat, 15 Oct 2011 12:40:35 -0400
From: postmaster@S15380079
To: [email protected]
Date: Sat, 15 Oct 2011 12:40:35 -0400
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_01CC745006BF338800001E54family?wellness?"
X-DSNContext: 7ce717b1 - 1196 - 00000002 - 00000000
Message-ID: <[email protected]>
Subject: Delivery Status Notification (Failure)
Envelope-To: [email protected]
--
Sincerely,
Security Team
1&1 Internet, Inc.
"End quote"
He is very paranoid and I have looked thru the event viewer and have seen
stuff like this:
Message delivery to the host '82.98.86.161' failed while delivering to the
remote domain 'yahoo.com.twm.tw' for the following reason: The remote server
did not respond to a connection attempt.
And
Message delivery to the host '168.95.5.53' failed while delivering to the
remote domain 'ms56.hinet.net' for the following reason: The remote server
did not respond to a connection attempt.
This guy [email protected] that is in the message used to be the web
guy and had access to the server but no more, very flakey.
The owner has tried contacting 1&1 and their abuse team is only available
from 9AM CST and I will call them tomorrow but I was wondering if there is
anything I can do on the server side this eve.
Mark Dodge
MD Computers
Houston, TX
