BarkerJr wrote:
Is it possible that the email is not spam at all, and just caused by the fact that ctzuhc.com does not resolve?
I don't know, I'm asking here to understand why of this email...
thanks for your patience
| Linode Forum https://forum.linode.com/ |
|
| Considered UNSOLICITED BULK EMAIL, apparently from you https://forum.linode.com/viewtopic.php?f=11&t=5062 |
Page 1 of 2 |
| Author: | sblantipodi [ Sat Jan 16, 2010 6:50 am ] |
| Post subject: | Considered UNSOLICITED BULK EMAIL, apparently from you |
Code: A message from <apache@mydomain.org> I often receive email like this, my VPS isn't an open relay and my email forms are quite secure. May I need to worry about this? What does it means? Have you ever received mail like this? |
|
| Author: | BarkerJr [ Sat Jan 16, 2010 11:37 pm ] |
| Post subject: | |
With your obfuscation, I'm having trouble determining what that email means. Does it show your VPS's IP address in the sender's header? I receive spoofed spam bounces from time to time, but they usually don't have my server's IP. |
|
| Author: | sblantipodi [ Sun Jan 17, 2010 7:19 am ] |
| Post subject: | |
BarkerJr wrote: With your obfuscation, I'm having trouble determining what that email means. Does it show your VPS's IP address in the sender's header? I receive spoofed spam bounces from time to time, but they usually don't have my server's IP.
No obfuscation in my post, I only changed the domain name in mydomain.org ... |
|
| Author: | BarkerJr [ Sun Jan 17, 2010 9:12 am ] |
| Post subject: | |
Is it possible that the email is not spam at all, and just caused by the fact that ctzuhc.com does not resolve? |
|
| Author: | sblantipodi [ Sun Jan 17, 2010 10:09 am ] |
| Post subject: | |
BarkerJr wrote: Is it possible that the email is not spam at all, and just caused by the fact that ctzuhc.com does not resolve?
I don't know, I'm asking here to understand why of this email... thanks for your patience
|
|
| Author: | kbrantley [ Sun Jan 17, 2010 12:51 pm ] |
| Post subject: | |
Quote: The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party
It is absolutely trivial to send email "from" anyone at all. If you've double and triple checked your setup and your logs, this would be the reason. |
|
| Author: | sblantipodi [ Sun Jan 17, 2010 3:44 pm ] |
| Post subject: | |
kbrantley wrote: Quote: The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party It is absolutely trivial to send email "from" anyone at all. If you've double and triple checked your setup and your logs, this would be the reason. I receive mail like this once a week and I don't want that my email address will be inserted in some spam list... what do you think about that? my mail logs is huge, is there a way to filter it to see only the email sent from my server? in that way I can see if someone non authorized is using my vps to send email... thanks. |
|
| Author: | kbrantley [ Sun Jan 17, 2010 4:04 pm ] |
| Post subject: | |
cat /var/log/maillog | grep 'from=<my@email.com>' ... or similar. It would likely depend on your mailserver. |
|
| Author: | sblantipodi [ Sun Jan 17, 2010 4:46 pm ] |
| Post subject: | |
kbrantley wrote: cat /var/log/maillog | grep 'from=<my@email.com>'
... or similar. It would likely depend on your mailserver. it seems that there is nothing of strange in my log, can't understand why I receive this email... am I the only one who receive this kind of email? |
|
| Author: | vonskippy [ Sun Jan 17, 2010 4:57 pm ] |
| Post subject: | |
sblantipodi wrote: and I don't want that my email address will be inserted in some spam list...
It's a big bad internet out there and spammers could care less what you think about them using your email address as their spoofed from/reply to address. Nor is there anything you can do to stop them. You would hope that people would be smart enough to have filters on THEIR email server to drop mail that doesn't have matching sender IP vs sender domain - but don't count on it. |
|
| Author: | kbrantley [ Sun Jan 17, 2010 5:29 pm ] |
| Post subject: | |
sblantipodi wrote: kbrantley wrote: cat /var/log/maillog | grep 'from=<my@email.com>' ... or similar. It would likely depend on your mailserver. it seems that there is nothing of strange in my log, can't understand why I receive this email... am I the only one who receive this kind of email? I've got a few over the years. People send email "from" my address and I get the backscatter. SPF can prevent a lot of this, but very few people set it up, never mind correctly. |
|
| Author: | BarkerJr [ Sun Jan 17, 2010 9:56 pm ] |
| Post subject: | |
I setup SPF then bitch at admins who bounce email, I didn't send, to me. |
|
| Author: | Xan [ Mon Jan 18, 2010 4:55 am ] |
| Post subject: | |
SPF isn't required to get after admins for this. They should be rejecting mail at SMTP time, not generating new bounce mails and firing them wherever the spam told them to. Admins doing that are almost as bad as the spammers. |
|
| Author: | BarkerJr [ Mon Jan 18, 2010 8:31 pm ] |
| Post subject: | |
Right, but if the admin checks SPF, then at least he can be sure that he bounces it back to the right person. That is assuming that the sending domain has SPF configured. |
|
| Author: | Xan [ Mon Jan 18, 2010 8:44 pm ] |
| Post subject: | |
My point is that it is a misconfigured server which generates new bounce messages. A properly configured server rejects mail at SMTP time, and that's all it has to do. If you're generating bounce emails you've already lost. |
|
| Page 1 of 2 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|