Interesting that the "abuse address(es)" can sometimes be traced to 2, 3, sometimes 4 different domains.

Odd, that. :-)

Thx,
D.


At 10:07 AM 11/29/2004, you wrote:
I was wondering about that since the site states that it accurately identifies the ISP that sent the spam.

Darin Cox wrote:

We get these from a variety of sources...these are postmasters who don't
know what they're doing...and are contributing to the spam problem by
replying to forged spam/virus messages.

Darin.


----- Original Message -----
From: "Dale McDiarmid" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 29, 2004 11:27 AM
Subject: [IMail Forum] [EMAIL PROTECTED]


Hello...

I've been getting a steady stream of automated emails generated by [EMAIL PROTECTED]
(www.hendricom.com) accusing my server of allowing spam. The IP and domains
in the spam headers do not point to my domain and nothing in my logs
indicates the messages went through my server.

Is anyone else seeing these? I'll be contacting [EMAIL PROTECTED] directly, but thought
I'd find out if anyone else is getting these false positives.

Here's the text of one automated reply. I've snipped the included spam
message, and included the [EMAIL PROTECTED] footer:

Thank you,
D.
__________________
I believe this email either originated from your domain, your domain was
involved in it's delivery, or you are the victim of the spammer spoofing
your domain information.  All of the information is included for you to
take action.

Here is the SMTP information.

IP Address(es) traced to 81.30.234.18 216.19.12.142
Domain(s) traced to BOOKMANS.COM HA-VEL.CZ
Abuse address(es) traced to [EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED]

== SMTP Start ==========
Return-path: <[EMAIL PROTECTED]>
Envelope-to: [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED],
 [EMAIL PROTECTED]
Delivery-date: Sun, 28 Nov 2004 21:31:32 -0500
Received: from [81.30.234.18] (helo=xx)
by ping.dizinc.com with smtp (Exim 4.43)
id 1CYbK7-0001oL-ET; Sun, 28 Nov 2004 21:31:32 -0500
Received: from yohaa.com (mmds-216-19-12-142.mm.az.commspeed.net
[216.19.12.142]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18
(built Jul 28 2003)) with ESMTP id <[EMAIL PROTECTED]> for
[EMAIL PROTECTED]; Mon, 29 Nov 2004 07:24:05 +0500
Date: Sun, 28 Nov 2004 23:24:05 -0300
From: Roland Souza <[EMAIL PROTECTED]>
X-Accept-Language: en-us, en
To: [EMAIL PROTECTED]
Subject: Re[1]: Where to buy in Canada
MIME-Version: 1.0
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: 7Bit

<snip spam>

== SMTP End ===========
Generated by [EMAIL PROTECTED] version 3.0.3
www.hendricom.com



To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
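
An added example, not part of the original thread or of the reporting tool: it splits the Received chain from the report quoted above into the hop stamped by the receiving server and the hops below it, which the sender could have written. The function name `classify_hops`, the placeholder addresses, and treating ping.dizinc.com as the reporting site's own server are assumptions.

```python
import re
from email import message_from_string

# Constructed sample modelled on the headers quoted in this thread;
# redacted addresses are replaced with example.invalid placeholders.
SAMPLE = """\
Received: from [81.30.234.18] (helo=xx)
\tby ping.dizinc.com with smtp (Exim 4.43)
\tid 1CYbK7-0001oL-ET; Sun, 28 Nov 2004 21:31:32 -0500
Received: from yohaa.com (mmds-216-19-12-142.mm.az.commspeed.net
\t[216.19.12.142]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18
\t(built Jul 28 2003)) with ESMTP id <placeholder@example.invalid> for
\trecipient@example.invalid; Mon, 29 Nov 2004 07:24:05 +0500
From: Sender <sender@example.invalid>
Subject: Re[1]: Where to buy in Canada

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # bracketed IPv4 literal
BY_RE = re.compile(r"\bby\s+(\S+)")                   # host that stamped the hop

def classify_hops(raw, trusted_hosts):
    """Return (trusted_ips, unverified_ips) from the Received chain.

    Headers are read top down (newest first). A hop counts as trusted only
    while every header so far was stamped by one of our own hosts; anything
    below the first foreign 'by' host arrived as part of the message and
    may be forged.
    """
    msg = message_from_string(raw)
    trusted, unverified = [], []
    in_trusted_zone = True
    for hdr in msg.get_all("Received", []):
        flat = " ".join(hdr.split())          # unfold continuation lines
        by = BY_RE.search(flat)
        ips = IP_RE.findall(flat)
        if in_trusted_zone and by and by.group(1).lower() in trusted_hosts:
            trusted.extend(ips)
        else:
            in_trusted_zone = False
            unverified.extend(ips)
    return trusted, unverified
```

Only the addresses in the first list were observed by a server under the reporter's control; an abuse report built from the second list can land on a network that never handled the message.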

