[CentOS] Paypal phishing warning

Thu Jun 9 13:32:44 UTC 2011
Keith Roberts <keith at karsites.net>

On Thu, 9 Jun 2011, m.roth at 5-cent.us wrote:

> As, for the last three weeks or so, I've gotten a *bunch* of bounced
> emails, or notifications that something couldn't be delivered, because
> some scumbag has forged my email, putting it into the Reply-To: for their
> spam.

Yes, me too.

It seems a regular thing here for my email addresses.

I did have a catch-all email address, ie 
whatever at my-domain.net, but that is just *asking* for 
spam!

Kind Regards,

Keith Roberts

> <snip>
>> The important headers in question are the 'Received:' headers, paying
>> close attention to the one that identifies where the mail entered
>> a legitimate server -- eg one's inbound mail server.
>
> Yep. Look at the chain of them, and mostly at the bottom, or the bottom
> two, and the Message-ID. If the IP's bogus (as in, 355.x.x.x, or the
> MessageID is something completely different than where it claims to be
> from, that's your givaway.
>
>        mark
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

-- 
-----------------------------------------------------------------
Websites:
http://www.karsites.net
http://www.php-debuggers.net
http://www.raised-from-the-dead.org.uk

All email addresses are challenge-response protected with
TMDA [http://tmda.net]
-----------------------------------------------------------------