On Thu, June 14, 2007 10:28, MrC said: > >> I have an issue where spam is being sent through Squirrel >> Mail by using a valid user's account. asulfsted@xxxxxxxxx is >> a valid user on our server. Our mail server address is >> 216.23.70.55. What concerns me, is this : >> >> Received: from 81.199.161.117.ipplanet.net ([81.199.161.117]) >> (SquirrelMail authenticated user asulfsted) >> by mail.comey.com with HTTP >> >> Any suggestions would be greatly appreciated. >> Here are the headers in full: >> >> HEADERS: >> >> Return-Path: <*asulfsted@xxxxxxxxx* <mailto:asulfsted@xxxxxxxxx>> >> Received: from rly-mf03.mail.aol.com (rly-mf03.mail.aol.com >> [172.20.29.173]) by air-mf10.mail.aol.com (v115.11) with >> ESMTP id MAILINMF104-94c465adf06203; Mon, 28 May 2007 09:54:32 -0400 >> Received: from mail2.comey.com (mail2.comey.com >> [216.23.70.55]) by rly-mf03.mail.aol.com (v115.13) with ESMTP >> id MAILRELAYINMF032-94c465adf06203; Mon, 28 May 2007 09:54:15 -0400 > > If your MTA supports some form of header checks, you can reject messages > with the obvious forgeries. Learn what your MTA inserts for its Received > headers and reject email that doesn't match. For sendmail, look up SPF milter > >> Received: from mail2.comey.com (localhost.localdomain [127.0.0.1]) >> by mail2.comey.com (8.13.3/8.13.3) with ESMTP id l4SDsD4D020637 >> for <jdavechase@xxxxxxx <mailto:jdavechase@xxxxxxx>>; Mon, >> 28 May 2007 >> 09:54:14 -0400 >> Received: (from www@localhost <mailto:www@localhost>) >> by mail2.comey.com (8.13.3/8.13.3/Submit) id l4SDsBjG020625; >> Mon, 28 May 2007 09:54:11 -0400 >> Received: from 81.199.161.117.ipplanet.net ([81.199.161.117]) >> (SquirrelMail authenticated user asulfsted) >> by mail.comey.com with HTTP; >> Mon, 28 May 2007 09:54:11 -0400 (EDT) >> Message-ID: <3101.81.199.161.117.1180360451.squirrel@xxxxxxxxxxxxxx >> <mailto:3101.81.199.161.117.1180360451.squirrel@xxxxxxxxxxxxxx>> >> Date: Mon, 28 May 2007 09:54:11 -0400 (EDT) >> Subject: Notification Letter!! >> From: asulfsted@xxxxxxxxx <mailto:asulfsted@xxxxxxxxx> >> Reply-To: *agent_frank7@xxxxxxxxxxx* <mailto:agent_frank7@xxxxxxxxxxx> >> User-Agent: SquirrelMail/1.4.4 >> MIME-Version: 1.0 >> Content-Type: text/plain;charset=iso-8859-1 >> X-Priority: 3 (Normal) >> Importance: Normal >> Content-Transfer-Encoding: quoted-printable >> X-MIME-Autoconverted: from 8bit to quoted-printable by >> mail2.comey.com id l4SDsD4D020637 >> X-AOL-IP: 216.23.70.55 >> X-AOL-SCOLL-SCORE: 0:2:494944716:6710886 >> X-AOL-SCOLL-URL_COUNT: 0 > > ------ William R. Mussatto Systems Engineer http://www.csz.com 909-920-9154 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
