On Thu, 9 Jun 2011, m.roth at 5-cent.us wrote: > As, for the last three weeks or so, I've gotten a *bunch* of bounced > emails, or notifications that something couldn't be delivered, because > some scumbag has forged my email, putting it into the Reply-To: for their > spam. Yes, me too. It seems a regular thing here for my email addresses. I did have a catch-all email address, ie whatever at my-domain.net, but that is just *asking* for spam! Kind Regards, Keith Roberts > <snip> >> The important headers in question are the 'Received:' headers, paying >> close attention to the one that identifies where the mail entered >> a legitimate server -- eg one's inbound mail server. > > Yep. Look at the chain of them, and mostly at the bottom, or the bottom > two, and the Message-ID. If the IP's bogus (as in, 355.x.x.x, or the > MessageID is something completely different than where it claims to be > from, that's your givaway. > > mark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- ----------------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------------