> I have an issue where spam is being sent through Squirrel > Mail by using a valid user's account. asulfsted@xxxxxxxxx is > a valid user on our server. Our mail server address is > 216.23.70.55. What concerns me, is this : > > Received: from 81.199.161.117.ipplanet.net ([81.199.161.117]) > (SquirrelMail authenticated user asulfsted) > by mail.comey.com with HTTP > > Any suggestions would be greatly appreciated. > Here are the headers in full: > > HEADERS: > > Return-Path: <*asulfsted@xxxxxxxxx* <mailto:asulfsted@xxxxxxxxx>> > Received: from rly-mf03.mail.aol.com (rly-mf03.mail.aol.com > [172.20.29.173]) by air-mf10.mail.aol.com (v115.11) with > ESMTP id MAILINMF104-94c465adf06203; Mon, 28 May 2007 09:54:32 -0400 > Received: from mail2.comey.com (mail2.comey.com > [216.23.70.55]) by rly-mf03.mail.aol.com (v115.13) with ESMTP > id MAILRELAYINMF032-94c465adf06203; Mon, 28 May 2007 09:54:15 -0400 If your MTA supports some form of header checks, you can reject messages with the obvious forgeries. Learn what your MTA inserts for its Received headers and reject email that doesn't match. > Received: from mail2.comey.com (localhost.localdomain [127.0.0.1]) > by mail2.comey.com (8.13.3/8.13.3) with ESMTP id l4SDsD4D020637 > for <jdavechase@xxxxxxx <mailto:jdavechase@xxxxxxx>>; Mon, > 28 May 2007 > 09:54:14 -0400 > Received: (from www@localhost <mailto:www@localhost>) > by mail2.comey.com (8.13.3/8.13.3/Submit) id l4SDsBjG020625; > Mon, 28 May 2007 09:54:11 -0400 > Received: from 81.199.161.117.ipplanet.net ([81.199.161.117]) > (SquirrelMail authenticated user asulfsted) > by mail.comey.com with HTTP; > Mon, 28 May 2007 09:54:11 -0400 (EDT) > Message-ID: <3101.81.199.161.117.1180360451.squirrel@xxxxxxxxxxxxxx > <mailto:3101.81.199.161.117.1180360451.squirrel@xxxxxxxxxxxxxx>> > Date: Mon, 28 May 2007 09:54:11 -0400 (EDT) > Subject: Notification Letter!! > From: asulfsted@xxxxxxxxx <mailto:asulfsted@xxxxxxxxx> > Reply-To: *agent_frank7@xxxxxxxxxxx* <mailto:agent_frank7@xxxxxxxxxxx> > User-Agent: SquirrelMail/1.4.4 > MIME-Version: 1.0 > Content-Type: text/plain;charset=iso-8859-1 > X-Priority: 3 (Normal) > Importance: Normal > Content-Transfer-Encoding: quoted-printable > X-MIME-Autoconverted: from 8bit to quoted-printable by > mail2.comey.com id l4SDsD4D020637 > X-AOL-IP: 216.23.70.55 > X-AOL-SCOLL-SCORE: 0:2:494944716:6710886 > X-AOL-SCOLL-URL_COUNT: 0 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
