The only received headers you can trust are the ones that say that they were received by a machine that is in your control. Any others can be forged. You also want to believe only the IP address and possibly the reverse DNS lookup provided by your mail server, as the name provided in the HELO can be forged as well.

Although you haven't provided entire header lines here, in your example it looks like the mail originated from 24.220.xx.xx which has the reverse DNS name of host-xx-xx-220-24.midco.net which is a dynamic address hosted by the ISP midco.net.

Dale Haman wrote:

Forgive me if this is not the right list for this. I am fairly new to SA
and Linux email in general. My question is how to interpret a rejected
message like this section for instance:

The mail originated from: <[EMAIL PROTECTED]>

According to the 'Received:' trace, the message originated at:
info.com (host-XX-XX-220-24.midco.net [24.220.XX.XX])


Which one did it actually come from? Hotmail or Midco.net? I have
received many of these with several different "The mail originated
from:" but the "According to the 'Received:' trace" is from the same
address. Do I believe the originated from or the trace?

I am running the configuration from this site:
http://www.geocities.com/scottlhenderson/spamfilter.html

postfix amavisd-new SpamAssassin (aka "SA") Razor


Thanks for your help. Dale



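The rule from the reply above, as an added example that is not part of the original thread: walk the Received headers from the newest down, believe only those stamped by a relay you control, and take the connecting IP and reverse DNS from the last such header while ignoring the HELO name. The relay name `mx.example.org`, all addresses and the sample message are constructed, and the pattern assumes Postfix-style Received lines.

```python
import re
from email import message_from_string

# Postfix-style hop: from HELO (rdns [ip]) by HOST ...
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r"\s+by\s+(?P<by>\S+)")

def trusted_origin(raw_message, trusted_hosts):
    """Return the peer recorded by the outermost relay we control, or None."""
    msg = message_from_string(raw_message)
    origin = None
    # Received headers are prepended, so the first one is the most recent hop.
    for header in msg.get_all("Received", []):
        m = RECEIVED_RE.search(header)
        if not m or m.group("by").lower() not in trusted_hosts:
            break  # written by a machine we do not control: may be forged
        # helo is kept for display only; the sender chooses it freely.
        origin = {k: m.group(k) for k in ("helo", "rdns", "ip")}
    return origin

# Constructed sample: a local content-filter reinjection hop, the real
# handoff into our relay, and one header we cannot verify below it.
SAMPLE = """\
Received: from localhost (localhost [127.0.0.1])
\tby mx.example.org (Postfix) with ESMTP id 1A2B3C
\tfor <user@example.org>; Mon, 1 Jan 2024 10:00:02 +0000
Received: from claimed.example (host-45-2-0-192.dyn.example.net [192.0.2.45])
\tby mx.example.org (Postfix) with SMTP id 4D5E6F
\tfor <user@example.org>; Mon, 1 Jan 2024 10:00:01 +0000
Received: from webmail.example.com (webmail.example.com [198.51.100.7])
\tby relay.example.com with ESMTP; Mon, 1 Jan 2024 09:59:00 +0000
From: someone@example.com
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(trusted_origin(SAMPLE, {"mx.example.org"}))
```
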