Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Sorry if this is a bit off topic but you guys and ladies seem to have a thorough understanding of SMTP rules, I'm hoping you can help me learn... One of our users ("kathy" in the header below) has received about 30 messages from other people trying to unsubscribe from a mailing list called centerforgastricbypass.com. This domain has nothing to do with our company and she is in no way associated with that organization. I could block the messages at our gateway but I'm curious how this could be happening, there is no indication in the message that it's going to her until you look at the header (see below). I used the Sam Spade email header parser (a VERY cool tool by the way) and I can see where the suspicious activity begins as well as her address but it's not clear to me how that can be hidden in the message itself. I know you can hide the sender but I wasn't aware that you can hide the destination address. Here's what I'm looking for: 1) Any ideas on how the destination email address can be hidden so that you can't see it outside of the header, but it routes properly? 2) Suggestions on how to stop this aside from simply blocking the domain? Thanks in advance. Scott Note, I've replaced the following information in the header: The name of my company replaced with MYCOMPANY The IP address of my external smtp server replaced with 10.0.0.0 My server names have been changed to smtpserver, spamscanner and email. Internally, my mail goes from the Internet to "smtpserver" (SuSE linux running Postfix, ClamAV and SpamAssassin IP=10.0.0.0), then to "spamscanner" (Barracuda Spam Firewall IP=10.6.10.2), then to "email" (MS Exchange mailbox server). Sorry for all the obfuscation but I'm the paranoid, cynical one. ****HEADER START****
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |