On 24 Jun 2002, at 10:23, Dave C. wrote:
> > A nontrivial proportion of the spam that gets past the other
> > defences does indeed utilise the trick of counterfeiting a local
> > user as the envelope sender.
> Really? That is unusual. I get tons of spam, and very little of it has
> an address in my domain as the sender.
Four dais ago i received a complaint for a reception of a "virus
delivery notice" .
It turned that someone send a virus to an user in my domain using
a forged return address, and the filter sent a "discard notice" to that
user.
The "original message [virus]" was sent FROM A MACHINE IN MY
DOMAIN (that btw forged the helo address, but not the IP) USING
AN OPEN RELAY IN ANOTHER DOMAIN !!!!!!!
Leonardo Boselli
nucleo informatico e telematico
Dipartimento Ingegneria Civile
Universita` di Firenze
V. S. Marta 3 - I-50139 Firenze
tel +39()0554796431
cel +39 3488605348
fax +39()055495333
http://www.dicea.unifi.it/~leo
