Re: [PLUG] SPAM Question

George A. Theall on 6 Nov 2008 04:04:57 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] SPAM Question

From: "George A. Theall" <theall@tifaware.com>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] SPAM Question

Date: Thu, 6 Nov 2008 07:04:47 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Mutt/1.5.16 (2007-06-09)

On Wed, Nov 05, 2008 at 08:51:32PM -0500, Brian Vagnoni wrote: > I found this in my inbox. I didn't send it, bvagod@nu-star.com isn't my address or a domain I recognize. Any ideas? The body of the message was html and something about msn. Your email address was probably used to send some spam. It's hard to know with certainty, though, since all you have is one message that appears to be a bounce. Anyway... > Hi. This is the qmail-send program at mg.greatlakes-is.com. > I'm afraid I wasn't able to deliver your message to the following addresses. > This is a permanent error; I've given up. Sorry it didn't work out. > > <bvagod@nu-star.com>: nu-star.com has two MX records, and the one with the higher priority is mx1-mg.greatlakes-is.com. So this seems normal. > 208.79.240.2 failed after I sent the message. nu-star.com's other MX record points to mail.rollernet.us (208.79.240.2). > Remote host said: 550 5.7.1 Message content rejected, spam score is too high. > > --- Below this line is a copy of the message. > > Return-Path: <bvagnoni@v-system.net> This generally comes from the envelope sender (ie, "MAIL FROM") and explains why you got the bounce. > Received: (qmail 7194 invoked by uid 89); 4 Nov 2008 20:40:24 -0000 > Received: by simscan 1.3.1 ppid: 7191, pid: 7192, t: 0.4180s > scanners:none > Received: from unknown (HELO casa-9plhr7737j) (189.26.205.187) > by 0 with SMTP; 4 Nov 2008 20:40:24 -0000 Assuming this is accurate, the IP belongs to Global Village Telecom, which appears to be an ISP in Brazil. > Received-SPF: softfail (0: transitioning SPF record at v-system.net does not designate 189.26.205.187 as permitted sender) If you run your own DNS, you may have a record of this transaction. > X-Originating-IP: [826.4.779.37] Really... 826.? Must be one of those new-fangled IPv5 addresses. :-) George -- theall@tifaware.com ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] SPAM Question
From: "Michael Lazin" <microlaser@gmail.com>

References:

[PLUG] SPAM Question
From: "Brian Vagnoni" <bvagnoni@v-system.net>

Prev by Date: [PLUG] OpenSuse 11.1 Beta 4

Next by Date: Re: [PLUG] SPAM Question

Previous by thread: [PLUG] SPAM Question

Next by thread: Re: [PLUG] SPAM Question

Index(es):

Date

Thread