
Re: spam -- but no received: headers?



On Wed, 2003-11-19 at 18:17, Will Trillich wrote:
> normally there's a lot of "received:" headers that can track
> back to the original ip -- but this looks like it was sent from
> localhost...  eesh!
> 
> 	Received: from mail by boss.serensoft.com with spam-scanned (Exim 3.35 #1 (Debian))
> 		id 1AMVOt-00034C-00
> 		for <will@serensoft.com>; Wed, 19 Nov 2003 10:41:57 -0600
> 	Received: from localhost [127.0.0.1] by boss.serensoft.com
> 		with SpamAssassin (2.60 1.212-2003-09-23-exp);
> 		Wed, 19 Nov 2003 10:41:57 -0600
> 
> at least message-id implies it came thru yahoo.ca:
> 
> 	Message-Id: <FARCGWMJAFGVSAHNETQRJN@yahoo.ca>
> 
> i don't think i've been hacked (my server is port-forwarded from
> behind a clarkconnect.org firewall) -- but how can someone spoof
> 127.0.0.1 as an originating ip?

What do your mail logs show?

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK                             http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
                 ========================================
     "To show forth thy lovingkindness in the morning, and 
      thy faithfulness every night."     Psalms 92:2 
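
Added example, not part of either poster's message: a Python check over the two Received: headers quoted above. It shows that neither hop records a non-loopback peer and extracts the Exim message id to search the mail logs for. The second header set (relay.example.net, 192.0.2.10 and its id) is constructed for contrast.

```python
import email
import ipaddress
import re

# Trace headers copied from the message quoted on this page.
PAGE_HEADERS = """\
Received: from mail by boss.serensoft.com with spam-scanned (Exim 3.35 #1 (Debian))
\tid 1AMVOt-00034C-00
\tfor <will@serensoft.com>; Wed, 19 Nov 2003 10:41:57 -0600
Received: from localhost [127.0.0.1] by boss.serensoft.com
\twith SpamAssassin (2.60 1.212-2003-09-23-exp);
\tWed, 19 Nov 2003 10:41:57 -0600
Message-Id: <FARCGWMJAFGVSAHNETQRJN@yahoo.ca>

"""

# Constructed contrast case: one hop that did record an SMTP peer.
# relay.example.net, 192.0.2.10 and the id are placeholders, not page data.
CONSTRUCTED = """\
Received: from relay.example.net [192.0.2.10] by boss.serensoft.com
\twith smtp (Exim 3.35 #1 (Debian)) id 1AAAAA-000000-00;
\tWed, 19 Nov 2003 10:41:50 -0600

"""

FIELDS = {
    "from": re.compile(r"\bfrom\s+(\S+)"),
    "ip": re.compile(r"\[([0-9A-Fa-f.:]+)\]"),
    "by": re.compile(r"\bby\s+(\S+)"),
    "with": re.compile(r"\bwith\s+([^\s;]+)"),
    "id": re.compile(r"\bid\s+([^\s;]+)"),
}

def parse_hops(raw):
    """Return one dict per Received: header, newest hop first."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())  # unfold continuation lines
        hops.append({k: (m.group(1) if (m := rx.search(flat)) else None)
                     for k, rx in FIELDS.items()})
    return hops

def trace(raw):
    """Report hops with a non-loopback peer and the MTA ids to look up in the logs."""
    hops = parse_hops(raw)
    remote = [h for h in hops
              if h["ip"] and not ipaddress.ip_address(h["ip"]).is_loopback]
    return {"remote": [(h["from"], h["ip"]) for h in remote],
            "log_ids": [h["id"] for h in hops if h["id"]]}
```

For the headers on this page `trace()` finds no remote peer, so the message id it returns is the remaining lead to follow in the MTA log.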


