[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C

Subject: RE: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
From: "Martin Fischer" <martin.fischer@xxxxxxxxxxxxx>
Date: Fri, 10 Oct 2003 21:28:48 +0200

no received headers, SPAM attached

-----Original Message-----
From: owner-vps-mail@xxxxxxxxxxxx [mailto:owner-vps-mail@xxxxxxxxxxxx] On Behalf Of Scott Wiersdorf
Sent: Friday, October 10, 2003 8:42 PM
To: vps-mail@xxxxxxxxxxxx
Subject: Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C


On Fri, Oct 10, 2003 at 08:26:00PM +0200, Martin Fischer wrote:
> Sorry, I did not mention it before, we are using spamc / spamd
> 
> 
> Here we go with two headers: 1st with log entrys (port 3065!) second 
> without

Can you post the FULL headers of the message (including Received headers)? That will help us know what path it came into the server.

The port 3065 was spamassassin talking, not sendmail. It was received by sendmail (h9A7JAkX084245) via SMTP on your server--no magic
there. Why SA said it got the message from 3065 I dont' know.

Scott

> 1)
> ------------------------
> Message-ID: <200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx>
> From: Robinson <sally_rose@xxxxxxxxxxxx>
> To: enconet <enconet@xxxxxxxxxxx>
> Subject: Me/n .A Power/ful 'Herb " wfa,vzw
> Date: Fri, 10 Oct 2003 09:25:44 +0200
> MIME-Version: 1.0
> X-Mailer: Internet Mail Service (5.5.2653.19)
> Content-Type: multipart/alternative;
> 	boundary="----_=_NextPart_003_01C38F01.C64AB570"
> 
> <XX>Oct 10 09:19:17 sendmail[84245]: h9A7JAkX084245: 
> from=<sally_rose@xxxxxxxxxxxx>, size=2737, class=0, nrcpts=1, 
> msgid=<200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx>, 
> proto=ESMTP, relay=client-200.106.10.154.speedy.net.pe 
> [200.106.10.154] (may be forged) connection from 
> atvirt14.atvirtual.net [213.198.31.177] at port 3065 processing 
> message <200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx> for 
> enconet:8113. clean message (4.9/5.0) for enconet:8113 in 27.9 
> seconds, 3110 bytes.
> 
> 
> 2)
> --------------------
> Message-ID: <pisg5sp1hx1k6142k6h5ft5d0pm@xxxxxxx>
> From: Ward Wood <k546oiqq@xxxxxxxxxxx>
> Reply-To: Ward Wood <k546oiqq@xxxxxxxxxxx>
> To: enconet <enconet@xxxxxxxxxxx>
> Subject: re:  Unleash Your Cable Power!
> Date: Fri, 10 Oct 2003 07:15:18 +0200
> MIME-Version: 1.0
> X-Mailer: Internet Mail Service (5.5.2653.19)
> Content-Type: multipart/alternative;
> 	boundary="----_=_NextPart_003_01C38F01.C64AB570"
> 
> 
> ----
> Because port 3065 is not open on VPS1 (C), SPAM is delivered local by 
> VERIO SPAMMERS ???? !!!!
> 
> 
> ======================================================================
> Technical questions regarding this list may be sent to 
> <vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help 
> response by sending an email with the word 'help' (w/o quotes) in the 
> BODY of the message (subject is ignored) to 
> <vps-mail-request@xxxxxxxxxxxx>. 
> ======================================================================

-- 
Scott Wiersdorf
scottw@xxxxxxxxxxxx ======================================================================
Technical questions regarding this list may be sent to <vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help response by
sending an email with the word 'help' (w/o quotes) in the BODY of the message (subject is ignored) to
<vps-mail-request@xxxxxxxxxxxx>. ======================================================================

--- Begin Message ---

Subject: Me/n .A Power/ful 'Herb " wfa,vzw
From: "Robinson" <sally_rose@xxxxxxxxxxxx>
Date: Fri, 10 Oct 2003 09:25:44 +0200

Male Sexual Enhancer with Growth!!

- Natural Ingredients
- No Side Effects
- Great Results
- Be?st Prices!

S <http://wjons@xxxxxxxxxx/c/iron.html?mamadke=2mBDxOr> ee How It Works

ple <http://uhie0@wewineedo/shml?spenser=3WsH0> ase send no more?




?I would make peace with the whole kind! But I now indulge the snowy ground. Early in the morning, before she had risen, he. Fine,
very fine! You have done up your hair in this new way for 
?

?  ?

--- End Message ---

--- Begin Message ---

Subject: re: Unleash Your Cable Power!
From: "Ward Wood" <k546oiqq@xxxxxxxxxxx>
Date: Fri, 10 Oct 2003 07:15:18 +0200


Unleash The Power
     Of Your Digital Cable 

The filter allows you to receive all the channels
that you order with your remote control!



 <http://www.ulikeit.biz/promo.php?id=93800> Get More Details Here 


Under $40 while supplies last! 





====================
 <http://www.ulikeit.biz/remove.php?id=93800> No thanks, I'm not interested 













































celeritydenizenb hd 
l nvdgfkwtnzt

--- End Message ---

Follow-Ups:
- Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
  - From: Scott Wiersdorf

References:
- Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
  - From: Scott Wiersdorf

Prev by Date: Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
Next by Date: Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
Previous by thread: Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
Next by thread: Re: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
Index(es):
- Date
- Thread

Main Index | Thread Index