[spamdyke-users] Block "Wrong" To: ?

[Stefan Pausch]

Hello,

 

in the past days my server receives alot of spam from known and valid mailhosts 
(aim, hotmail, etc) and I am looking for a solution to greylist/blacklist those 
attempts.

 

If I look into the mailheaders the receiving mail-address is not even listed 
(guess th BCC field is used).

 

I attach two mail headers which are spam. Is there a solution for such emails?

 

#### Mailheader one ####

 

X-Spam-Checker-Version: SpamAssassin 3.1.7-deb3 (2006-10-05) on 

                h1406933.stratoserver.net

X-Spam-Level: 

X-Spam-Status: No, score=0.6 required=7.0 tests=HTML_MESSAGE,NO_REAL_NAME,

                UNPARSEABLE_RELAY autolearn=no version=3.1.7-deb3

Received: (qmail 2509 invoked from network); 3 Jun 2009 20:31:34 +0200

Received-SPF: pass (stefanpausch.com: domain of aim.com designates 
64.12.143.145 as permitted sender) client-ip=64.12.143.145; 
envelope-from=scazonak...@aim.com; helo=omr-m33.mx.aol.com;

Received: from omr-m33.mx.aol.com (64.12.143.145)

  by stefanpausch.com with SMTP; 3 Jun 2009 20:31:34 +0200

Received: from imo-da04.mx.aol.com (imo-da04.mx.aol.com [205.188.169.202])

                by omr-m33.mx.aol.com (8.14.1/8.14.1) with ESMTP id 
n53ICXql028666;

                Wed, 3 Jun 2009 14:12:33 -0400

Received: from scazonak...@aim.com

                by imo-da04.mx.aol.com  (mail_out_v40_r1.5.) id i.c99.4b08cd82 
(37533)

                 for <garyjc...@hotmail.com>; Wed, 3 Jun 2009 14:12:23 -0400 
(EDT)

Received: from smtprly-db02.mx.aol.com (smtprly-db02.mx.aol.com 
[205.188.249.153]) by cia-mb01.mx.aol.com (v123.4) with ESMTP id 
MAILCIAMB016-5c374a26bcf227; Wed, 03 Jun 2009 14:12:19 -0400

Received: from WEBMAIL-DZ24 (webmail-dz24.sim.aol.com [205.188.185.38]) by 
smtprly-db02.mx.aol.com (v123.4) with ESMTP id MAILSMTPRLYDB025-5c374a26bcf227; 
Wed, 03 Jun 2009 14:12:02 -0400

To: garyjc...@hotmail.com

Subject: Just want to inform you.

Date: Wed, 03 Jun 2009 14:12:02 -0400

X-AOL-IP: 79.33.107.112

X-MB-Message-Source: WebUI

MIME-Version: 1.0

From: scazonak...@aim.com

X-MB-Message-Type: User

Content-Type: multipart/alternative; 

 boundary="--------MB_8CBB28DED8ADDFF_177C_DCE_WEBMAIL-DZ24.sysops.aol.com"

X-Mailer: AIM WebMail 42952-STANDARD

Received: from 79.33.107.112 by WEBMAIL-DZ24.sysops.aol.com (205.188.185.38) 
with HTTP (WebMailUI); Wed, 03 Jun 2009 14:12:02 -0400

Message-Id: <8cbb28ded861953-177c-...@webmail-dz24.sysops.aol.com>

 

 

----------MB_8CBB28DED8ADDFF_177C_DCE_WEBMAIL-DZ24.sysops.aol.com

Content-Transfer-Encoding: 7bit

Content-Type: text/plain; charset="us-ascii"

 

#### Mailheader two ####

 

X-Spam-Checker-Version: SpamAssassin 3.1.7-deb3 (2006-10-05) on 

                h1406933.stratoserver.net

X-Spam-Level: 

X-Spam-Status: No, score=0.6 required=7.0 tests=HTML_MESSAGE,NO_REAL_NAME,

                UNPARSEABLE_RELAY autolearn=no version=3.1.7-deb3

Received: (qmail 7560 invoked from network); 4 Jun 2009 16:35:19 +0200

Received-SPF: pass (stefanpausch.com: domain of aim.com designates 
205.188.249.131 as permitted sender) client-ip=205.188.249.131; 
envelope-from=jabne...@aim.com; helo=omr-d33.mx.aol.com;

Received: from omr-d33.mx.aol.com (205.188.249.131)

  by stefanpausch.com with SMTP; 4 Jun 2009 16:35:19 +0200

Received: from imo-da02.mx.aol.com (imo-da02.mx.aol.com [205.188.169.200])

                by omr-d33.mx.aol.com (8.14.1/8.14.1) with ESMTP id 
n54EM8Zn024338;

                Thu, 4 Jun 2009 10:22:08 -0400

Received: from jabne...@aim.com

                by imo-da02.mx.aol.com  (mail_out_v40_r1.5.) id i.c31.590f1c25 
(37552)

                 for <bit...@kbbsnet.com>; Thu, 4 Jun 2009 10:21:57 -0400 (EDT)

Received: from smtprly-db02.mx.aol.com (smtprly-db02.mx.aol.com 
[205.188.249.153]) by cia-mb03.mx.aol.com (v123.4) with ESMTP id 
MAILCIAMB031-5c374a27d872b8; Thu, 04 Jun 2009 10:21:54 -0400

Received: from webmail-dh32 (webmail-dh32.sim.aol.com [205.188.170.134]) by 
smtprly-db02.mx.aol.com (v123.4) with ESMTP id MAILSMTPRLYDB025-5c374a27d872b8; 
Thu, 04 Jun 2009 10:21:38 -0400

To: bit...@kbbsnet.com

Subject: Hot news for you.

Date: Thu, 04 Jun 2009 10:21:38 -0400

X-AOL-IP: 83.230.175.12

X-MB-Message-Source: WebUI

MIME-Version: 1.0

From: jabne...@aim.com

X-MB-Message-Type: User

Content-Type: multipart/alternative; 

 boundary="--------MB_8CBB336E8484651_9F8_5313_webmail-dh32.sysops.aol.com"

X-Mailer: AIM WebMail 42952-STANDARD

Received: from 83.230.175.12 by webmail-dh32.sysops.aol.com (205.188.170.134) 
with HTTP (WebMailUI); Thu, 04 Jun 2009 10:21:38 -0400

Message-Id: <8cbb336e8411f46-9f8-2...@webmail-dh32.sysops.aol.com>

 

 

----------MB_8CBB336E8484651_9F8_5313_webmail-dh32.sysops.aol.com

Content-Transfer-Encoding: 7bit

Content-Type: text/plain; charset="us-ascii"

 

 


_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users