I am currently running Exim 3.33 on a Linux 2.2.16 box.
I have the following problem:
My mailserver has been listed in the bl.spamcop.net blackhole list
because of alegged spam sent through the machine.
This is a copy of the headers of the alleged spam from spamcop:
Received: from SMTP32-FWD by ryk.dk
(SMTP32) id A00000384; Tue, 6 May 2003 05:52:56 +0200
Received: from hotmail.com [65.54.169.77] by
NTDK3.goldenplanet.gpserver.dk with ESMTP
(SMTPD32-6.06) id A18D67B50118; Tue, 06 May 2003 05:52:45 +0200
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC;
Mon, 5 May 2003 20:06:22 -0700
Received: from ww.xx.yy.zz by bay3-dav47.bay3.hotmail.com with DAV;
Tue, 06 May 2003 03:06:21 +0000
X-Originating-IP: [ww.xx.yy.zz]
X-Originating-Email: [mvenisia6wyngmw@???]
To: "Guillebeau Ghamdi" <x>
From: "Rosemarie Womble" <RosemarieWomble@???>
Subject: Your Old Septic Tank Young Again
X-Mailer: Internet Mail Service (5.5.2656.59)
X-Accept-Language: en
Content-Type: multipart/alternative;
boundary="Uc46SIBhQ4ivO4Vl4sd33YRX21yn2pCtgF88mTPW03Mv28d0NfAYTuwxBjn1hX3Bo4a"
Content-Transfer-Encoding: 7bit
Message-ID: <BAY3___________________06a0@???>
X-OriginalArrivalTime: 06 May 2003 03:06:22.0396 (UTC)
FILETIME=[790837C0:01C3137C]
Date: 5 May 2003 20:06:22 -0700
X-UIDL: 320874777
Status: U
I substitued my actual address with ww.xx.yy.zz.
I do not see an entry in my mainlog at this time for such an alleged
message. Could this be spoofed (using my address?), and what is that
X-Originating-IP header for?
Any help will be greatly appreciated.
- Jaco van der Schyff
