In general, all the others could be forged. With some human investigation you might be able to decide that some other "Received: from" lines are valid, but I don't know of an automated way to do that.
-Tod
On May 2, 2004, at 10:12 AM, David Haney wrote:
Guys,
Here is the header on one of incoming spam messages. There are 3 IP
addresses in the header as "Received: from". Which one, or should all 3 be
listed "Black Listed" section in SIMS under the SMTP Settings / Anti-Spam
Options / Blacked Listed section?
*********************************************************************
Return-Path: [EMAIL PROTECTED]
Received: from 213.228.211.190 ([213.228.211.190] verified) by
davidhaney.com (Stalker SMTP Server 1.8b8) with SMTP id S.0000136642 for
<[EMAIL PROTECTED]>; Sun, 02 May 2004 05:46:42 -0700
X-Message-Info: 168VQJho2ay75ZwwJ203gp9dndfTgoHyhtPRSor3q
Received: from dbzmail.com ([80.220.154.208]) by ms3-o3.dbzmail.com with
Microsoft SMTPSVC(6.2.1517.0510);
Sun, 04 May 2003 22:21:48 +0400
Received: from dbzmail.com (dbzmail.com [160.62.56.71])
by dbzmail.com (8.12.10/8.12.9) with ESMTP id djt376JMRS5153
for <[EMAIL PROTECTED]>; Sun, 04 May 2003 20:28:48 +0200 (EST)
(envelope-from [EMAIL PROTECTED])
Received: from TTQ8018350452 (modemcable811.1365-664.zz.dbzmail.com
[40.19.87.96])
(authenticated bits=2)
by dbzmail.com (8.12.10/8.12.9) with ESMTP id S03goh95BMV691
for <[EMAIL PROTECTED]>; Sun, 04 May 2003 12:19:48 -0600 (EST)
(envelope-from [EMAIL PROTECTED])
Message-ID: <[EMAIL PROTECTED]>
From: "Kirsten Hagen" <[EMAIL PROTECTED]>
*********************************************************************
David Haney ADVANCED DATABASE SYSTEMS (ADS) ______________________________________ [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Tel: (602) 992-3800 Fax: (602) 992-2428 ICQ: 10323533 AIM: david123haney MSN: [EMAIL PROTECTED] Yahoo: david123haney iChat: [EMAIL PROTECTED] ____________________________________ EasyACCOUNTING with FileMaker Pro http://www.filemakeraccounting.com ftp://ftp.filemakeraccounting.com ____________________________________ HOSTING-Lasso/PHP/FileMaker/4D/mySQL http://www.davidhaney.com ftp://ftp.davidhaney.com ftp://music.davidhaney.com ftp://applications.davidhaney.com ____________________________________
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
