[thelist] forged email address

Head Dragon:) dragon-vision at comcast.net
Fri Nov 22 20:52:01 CST 2002


--
[ Picked text/plain from multipart/alternative ]
Your ISP can stop this by slosing SMTP connections and seeting
password relogin times much shorter they probably gleamed your
address from a finger on the server.  Almost the entire header was
forged.

You will have to live with this or complain to postmaster at 95877.com.
That will probably not work since they come up in a slimeball report
for spamming and spoofing.

At 11:59 AM +1000 11/23/02, Adrian Fischer wrote:
>Hi all,
>
>I have been getting bounced emails with me as the from address.  I haven't
>sent them so I figured someone was forging my address for Spam purposes.  I
>contacted my host and got this reply:
><snip>
>It looks like someone is sending out Spam with a forged address at
>logo-logic.com. Unfortunately, there's not a lot you can do to prevent
>this; if you can determine who is actually sending the messages, you
>could consider legal action, but most likely that will be difficult,
>expensive and / or impossible.
></snip>
>
>surely there must be something I can do.  Sooner or later someone is going
>to get pissed off with getting Spam from my address and do something.
>
>Can it be stopped.
>
>This is the type of bounce message I'm getting:
><snip>
>SpamCop version 1.3.3 (c) Julian Haight, Joel Martin 1998-2002 All
>Rights Reserved
>
>Retrieved email:
>This page may be saved for future reference:
>http://spamcop.net/sc?id=z52675828z63d65afb1af79bffa65a0a10d80a4520z
>
>Return-Path: <admin3562y64 at logo-logic.com>
>Received: (qmail 22787 invoked by uid 50005); 21 Nov 2002 05:50:51 -0000
>Received: from admin3562y64 at logo-logic.com by smtpl.ha-net.ptd.net by uid
>50002 with qmail-scanner-1.14
>  (uvscan: v4.1.60/v4233. spamassassin: 2.31.  Clear:SA:1(33.3/5.0):.
>  Processed in 18.849653 secs); 21 Nov 2002 05:50:51 -0000
>X-Spam-Status: Yes, hits=33.3 required=5.0
>Received: from unknown (HELO logo-logic.com) ([211.144.107.170])
>(envelope-sender <admin3562y64 at logo-logic.com>)
>           by smtpl.ha-net.ptd.net (qmail-ldap-1.03) with SMTP
>           for <x>; 21 Nov 2002 05:50:32 -0000
>Received: from unknown (98.166.3.72)
>         by rly-xl04.mx.aolmd.com with local; 19 Nov 2002 23:50:25 +0600
>Received: from unknown (5.181.218.31)
>         by smtp-server1.cflrr.com with esmtp; 20 Nov 2002 05:40:28 +1200
>Received: from unknown (195.175.138.181)
>         by rly-xr01.nihuyatut.net with esmtp; 20 Nov 2002 17:30:31 +1200
>Reply-To: <admin3562y64 at logo-logic.com>
>Message-ID: <017d______________________0ba0 at yilxta>
>From: <>
>To: <x>,
>         <x>,
>         <x>,
>         <x>,
>         <x>
>Subject: Married and lonely?
>1986RESu1-352o-13
>Date: Thu, 21 Nov 2002 04:49:34 +0100
>MiME-Version: 1.0
>Content-Type: multipart/mixed;
>         boundary="----=_NextPart_000_00C7_53E13D3D.D8262A81"
>X-Priority: 3 (Normal)
>X-MSMail-Priority: Normal
>X-Mailer: Microsoft Outlook, Build 10.0.2616
>Importance: Normal
>
>Skip to Reports
>
>Parsing header:
>
>Received:  (qmail 22787 invoked by uid 50005); 21 Nov 2002 05:50:51 -0000
>no from
>no ip found in received line
>Ignored
>
>Received:  from admin3562y64 at logo-logic.com by smtpl.ha-net.ptd.net
>by uid 50002 with qmail-scanner-1.14 (uvscan: v4.1.60/v4233.
>spamassassin: 2.31. Clear:SA:1(33.3/5.0):. Processed in 18.849653
>secs); 21 Nov 2002 05:50:51 -0000
>no ip found in received line
>Ignored
>
>Received:  from unknown (HELO logo-logic.com) ([211.144.107.170])
>(envelope-sender <admin3562y64 at logo-logic.com>) by
>smtpl.ha-net.ptd.net (qmail-ldap-1.03) with SMTP for <x>; 21 Nov
>2002 05:50:32 -0000
>Possible spammer: 211.144.107.170
>host logo-logic.com (checking ip) ip = 66.33.197.53
>211.144.107.170 is not an MX for logo-logic.com
>ips don't match; logo-logic.com discarded as fake
>Taking name from IP...
>host 211.144.107.170 (getting name) no name
>211.144.107.170 is not an MX for logo-logic.com
>Received line partially untrusted
>
>Received:  from unknown (98.166.3.72) by rly-xl04.mx.aolmd.com with
>local; 19 Nov 2002 23:50:25 +0600
>host 211.144.107.170 (getting name) no name
>211.144.107.170 not listed in proxies.relays.monkeys.com
>Possible spammer: 98.166.3.72
>Taking name from IP...
>host 98.166.3.72 (getting name) no name
>    Chain test:rly-xl04.mx.aolmd.com =? 211.144.107.170
>    host rly-xl04.mx.aolmd.com (checking ip) ip not found ;
>rly-xl04.mx.aolmd.com discarded as fake.
>    no MXs for rly-xl04.mx.aolmd.com
>    no MXs for mx.aolmd.com
>    host 211.144.107.170 (getting name) no name
>    Chain test failed
>Routing details for 211.144.107.170
>[refresh/show] Cached whois for 211.144.107.170 : webmaster at 95877.com
>webmaster at 95877.com: abuse.net 95877.com = postmaster at 95877.com
>No abuse.net record for 95877.com
>Using default postmaster contacts postmaster at 95877.com
>Whois found postmaster at 95877.com
>Chain error rly-xl04.mx.aolmd.com not equal to last sender received
>line discarded
>
>Tracking message source:211.144.107.170:
>Routing details for 211.144.107.170
>[refresh/show] Cached whois for 211.144.107.170 : webmaster at 95877.com
>webmaster at 95877.com: abuse.net 95877.com = postmaster at 95877.com
>No abuse.net record for 95877.com
>Using default postmaster contacts postmaster at 95877.com
>Whois found postmaster at 95877.com
>211.144.107.170 not listed in formmail.relays.monkeys.com
>211.144.107.170 not listed in proxies.relays.monkeys.com
>211.144.107.170 not listed in relays.ordb.org.
>
>Would send message source reports to:
>
>Re:211.144.107.170 (Administrator of network where email originates)
>
>postmaster at 95877.com
>
>e64
></snip>
>
>
>there has got to be something I can do.
>
>Thanks
>
>Adrian Fischer
>
>--
>* * Please support the community that supports you.  * *
>http://evolt.org/help_support_evolt/
>
>For unsubscribe and other options, including the Tip Harvester
>and archives of thelist go to: http://lists.evolt.org
>Workers of the Web, evolt !


--
Sincerely,
Kid Stevens Webmaster Dragon Vision Design

"Warning,
Do not meddle in the affairs of Dragons.
They will make you crunchy and eat you with ketchup."
-Unknown Author



More information about the thelist mailing list