Verify fake header
Hugo van der Kooij
hvdkooij at vanderkooij.org
Sat Oct 25 23:40:44 IST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
To the best of my knowledge this header should never occur on any valid
message:
X-AntiAbuse: Sender Address Domain - VANDERKOOIJ.ORG
The whole header set is:
Received: from host01.nabdhserv.net (nabdhserv.net [75.126.218.58])
by balin.waakhond.net (Postfix) with ESMTP id 5DEF617E8050
for <hvdkooij at VANDERKOOIJ.ORG>; Sat, 25 Oct 2008 10:41:59 +0200 (CEST)
Received: from [82.178.213.148] (helo=gmail.com)
by host01.nabdhserv.net with esmtpa (Exim 4.69)
(envelope-from <hvdkooij at VANDERKOOIJ.ORG>)
id 1KteiY-0006T2-K4
for hvdkooij at VANDERKOOIJ.ORG; Sat, 25 Oct 2008 12:41:57 +0400
To: hvdkooij at VANDERKOOIJ.ORG
From: hvdkooij at VANDERKOOIJ.ORG
Subject: ÏÑÏÔÉ ÌÏíÏÉ ÈÕ æÔæÝ - Come and See
Content-Type: text/html; charset=windows-1256"
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - host01.nabdhserv.net
X-AntiAbuse: Original Domain - vanderkooij.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - VANDERKOOIJ.ORG
Message-Id: <20081025084203.5DEF617E8050 at balin.waakhond.net>
Date: Sat, 25 Oct 2008 10:41:59 +0200 (CEST)
Does anyone know a check to tackle these fakes in a more generic way?
That host is not listed in my SPF information so given that knowlegde it
should be clear that host01.nabdhserv.net is not allowed to do this for
my domain vanderkooij.org
Hugo.
- --
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes.
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFJA6BrBvzDRVjxmYERAt9LAKCbTA87o+Dm/dZCiBKZBzN4C9Iz1QCfek99
AeCqssQo+QYpCuUmR7Rl2iI=
=kRbW
-----END PGP SIGNATURE-----
More information about the MailScanner
mailing list