I did some digging and found some info for you. Check out the evidence file near the bottom of this link:
http://dnsbl.net.au/lookup/?213.154.55.109
Received: from mycommail.com (mail.mycommail.com [213.154.55.109]) by mx1.reynolds.net.au (8.12.11/8.12.11) with ESMTP id j14MbMtf017528 for <[EMAIL PROTECTED]>; Sat, 5 Feb 2005 06:37:25 +0800
This is a very bad sign. With only 1 Received: header, it means that IMail didn't send the E-mail. What it does mean is that whatever program sent the E-mail was running on 213.154.55.109, but didn't add a Received: header. That means that it is a mail client. Normally, a mail client should never be running on a mailserver.
Most likely, the computer was hacked into.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
