[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Weird message header?

On Wed, Dec 27, 2000 at 11:09:23PM +0100, Peczoli Zoltan wrote:

> Envelope-to: somebody@mydomain.com
> Received: from [212.108.236.133] (helo=d4t2e9)
>         by mydomain.com with smtp (Exim 3.16 #1 (Debian))
>         id 149C7D-0000vQ-00
>         for <somebody@mydomain.com>; Thu, 21 Dec 2000 21:15:04 +0100
> MIME-Version: 1.0
> Content-Type: multipart/mixed; boundary="--VE74123GD23SXEF4TEZW167"
> Message-Id: <E149C7D-0000vQ-00@mydomain.com>
> From: Remote Mail Delivery System <>
> Bcc:
> Date: Thu, 21 Dec 2000 21:15:04 +0100
> Status:   
> X-PMFLAGS: 570949760 0 1 P29A60.CNM

You are being targetted from a probably spoofed ip with this junk. That ip
doesn't resolve, although it is "close" to that .hu domain that Karsten
mentioned. For my money that doesn't make it any more likely that that is
where it originated.

> 2. What was the route of this mail? It looks that my system relayed the
> given host's outgoing mail.

No. Receiving mail is not relaying mail. 

> It's impossible, I've told exim not to do so

What you've told Exim is not to act as an SMTP host for anyone but your
local users. This mail was addressed to your system. So why shouldn't you
receive it?

> How can I do this?

Just for the heck of it drop the _entire_ message, with ALL headers, into
Spamcop and see what it comes up with. 

http://spamcop.net

Then ask Karsten for help with a procmail recipe! <g>

-- 
Bob Bernstein
at
Esmond, Rhode Island, USA
Reply to: