On Thu, 9 Jun 2011, m.roth@5-cent.us wrote:
As, for the last three weeks or so, I've gotten a *bunch* of bounced emails, or notifications that something couldn't be delivered, because some scumbag has forged my email, putting it into the Reply-To: for their spam.
Yes, me too.
It seems a regular thing here for my email addresses.
I did have a catch-all email address, ie whatever@my-domain.net, but that is just *asking* for spam!
Kind Regards,
Keith Roberts
<snip> > The important headers in question are the 'Received:' headers, paying > close attention to the one that identifies where the mail entered > a legitimate server -- eg one's inbound mail server.
Yep. Look at the chain of them, and mostly at the bottom, or the bottom two, and the Message-ID. If the IP's bogus (as in, 355.x.x.x, or the MessageID is something completely different than where it claims to be from, that's your givaway.
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos