Verify fake header

Sat Oct 25 23:40:44 IST 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

To the best of my knowledge this header should never occur on any valid
message:
	X-AntiAbuse: Sender Address Domain - VANDERKOOIJ.ORG

The whole header set is:

To: hvdkooij at VANDERKOOIJ.ORG
From: hvdkooij at VANDERKOOIJ.ORG
Subject: ÏÑÏÔÉ ÌÏíÏÉ ÈÕ æÔæÝ - Come and See
Content-Type: text/html; charset=windows-1256"
with any abuse report
X-AntiAbuse: Primary Hostname - host01.nabdhserv.net
X-AntiAbuse: Original Domain - vanderkooij.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - VANDERKOOIJ.ORG
Message-Id: <20081025084203.5DEF617E8050 at balin.waakhond.net>
Date: Sat, 25 Oct 2008 10:41:59 +0200 (CEST)

Does anyone know a check to tackle these fakes in a more generic way?

That host is not listed in my SPF information so given that knowlegde it
should be clear that host01.nabdhserv.net is not allowed to do this for
my domain vanderkooij.org

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFJA6BrBvzDRVjxmYERAt9LAKCbTA87o+Dm/dZCiBKZBzN4C9Iz1QCfek99
AeCqssQo+QYpCuUmR7Rl2iI=
=kRbW
-----END PGP SIGNATURE-----