mip: mail fraud? Anybody seen this?
Jeff A. Earickson
jaearick at colby.edu
Tue Nov 11 16:42:20 GMT 2008
First, I hope that you and your various internal organs are
doing reasonably well.
I got pinged by a user today who asked "why did this copied
reply get munged up by MailScanner?"
> From: <MailScanner has detected a possible fraud attempt from "mip:"
> claiming to be xxx at aol.com <mip://firstname.lastname@example.org> >
> Date: Tue, 11 Nov 2008 08:14:40 EST
> To: <MailScanner has detected a possible fraud attempt from "mip:" claiming
> to be yyy at upanewtonma.org <mip://email@example.com>
and so on for all of the other email addresses in the quoted reply.
I would guess that the mip: construct is something that an AOL MTA
or mail client added. I googled for it and found zilch. Anybody
else seen this?
BTW: running MS 4.72.5-1 on Solaris 10.
More information about the MailScanner