Re: [exim] FW: Undeliverable Mail

Top Page
This message is part of the following thread:
M--\the complete thread tree sorted by date
M..MRobert Cates at <-
M+\Andreas Metzler at ->
Delete this message
Reply to this message
Author: Marc Sherman
Date:  
To: exim-users
Subject: Re: [exim] FW: Undeliverable Mail
Robert Cates wrote:
>
> How is this happening, and what can/should I do to my configuration to stop
> it? Actually, is it even coming from my server? I mean, I don't think so,
> but I do not know enough to be able to really tell. I tried to grep
> 'isellsurplus.com' in my log file for 26/27 Nov., but it returned nothing.
> Is that sign enough that the mail was not sent through my server?

It's a virus sending mail from rcqsyep.net [67.8.174.175], faking your
address as the sender. The receiver (milton.aspiresite.com) is
collateral spamming by accepting the undeliverable message and then
bouncing it, instead of rejecting at SMTP time. Check the bounced
Received headers to confirm that this isn't your fault:

> Received: from rcqsyep.net [67.8.174.175] by milton.aspiresite.com
> (SMTPD32-8.15) id AF091180116; Sat, 26 Nov 2005 22:15:37 -0800

- Marc



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] FW: Undeliverable Mail[exim] Re: FW: Undeliverable Mail->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)