[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strange locally-originating spam messages from sport.qc.ca

Hi Jeremy!

On Thu, Mar 30, 2023 at 05:03:47PM +0800, Jeremy Ardley wrote:
> 
> On 30/3/23 16:30, Julian Gilbey wrote:
> > I'm getting a significant number of spam messages being sent to my MTA
> > (exim) for the address FRPJXbKeKuek at sport.qc.ca, and now I'm
> > starting to see some sent to www-data at aether.toine.be.  What is
> > disturbing is that the machine is on a local network, and my
> > internet-facing router does not forward anything to this machine.  So
> > I presume that these mails are originating from the machine itself.
> 
> The first problem I see is you have just published the internal DNS name of
> a machine in your local network.

To clarify: these are the addresses that the email was addressed to.
They have absolutely no relationship with my personal network(s),
hostname(s) or personal email addresses.

But I think I've just solved the problem (by grepping for this email
address across my system); my local machine was - unknown to me -
running fetchmail.  These spam messages must have been sent to the
mail server being read by fetchmail.  That is a relief!

Best wishes,

   Julian
Reply to: