Here is a header for some spam I got: >Return-Path: [EMAIL PROTECTED] >Received: from karabalta.kg ([195.38.186.2] verified) by mx.4pi.com >(Stalker SMTP Server 1.8b9d3) with ESMTP id
But, an A-record lookup on karabalta.kg yields 192.168.0.1. IOW, they are either deliberately obfuscating this, or are simply stupid with their DNS. Enough looking around shows that 195.38.186.2 is ns.karabalta.kg. How does SIMS do this again? I thought it did a reverse lookup on the IP, then if it gets a PTR record, it checks the PTR result to see if there is a matching A record. Only then does it mark it as verified. But in this case, there is no PTR record for 195.38.186.2, AFAICT. Stefan Jeglinski ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
