[prev in list] [next in list] [prev in thread] [next in thread]
List: security-basics
Subject: Re: Fwd: Re: question on spoofed email
From: Rob Hughes <rob () robhughes ! com>
Date: 2002-04-30 17:32:42
[Download RAW message or body]
It's spoofing by a spammer. As several others have already mentioned,
this is trivial. It's done on the assumption that any mail from you from
anywhere to you on your own server will be accepted. The way you fix it
is to disallow relaying by domain, and only allow relaying by IP
address/range, or to require authentication to the SMTP server. Consult
with your email admin(s) about this, as they should be familiar with the
required procedures.
On Mon, 2002-04-29 at 12:33, John P. Leonard wrote:
> The header info is as follows:
>
> received: from newsserver
> ([213.154.159.215])
> by mail.laporte.com; Tue, 23 Apr 2002 21:01:48 -0500
> From: "jleonard" <jleonard@laporte.com>
> To: "jleonard" <jleonard@laporte.com>
> Subject: Dear jleonard , as you reguested...
> Date: Tue, 23 Apr 02 20:42:28 E. Europe Daylight Time
> MIME-Version: 1.0
> Content-Type: multipart/mixed;boundary= "----=_NextPart_000_0058_B7E15E7B.8365DDA0"
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2462.0000
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000
>
> I have traced the IP address to western Europe.
>
> Thanks
> ----
>
> From: Rob Hughes <rob@robhughes.com>
> To: John P. Leonard <jleonard@laporte.com>
> Cc: SECURITY-BASICS@SECURITYFOCUS.COM
> Subject: Re: question on spoofed email
> Date: 26 Apr 2002 13:41:56 -0500
>
> On Thu, 2002-04-25 at 15:35, John P. Leonard wrote:
> > I have received several e-mails from my own email address with the subject line as follows:
> >
> > Dear jleonard , as you reguested...
> >
> > There is nothing in the body of the message and there are no attachments.
> >
> >
> > I did not originate these messages. Has anyone else seen this? Any suggestions?
> >
> > Thanks,
> >
> > John
> >
>
> A copy of the headers might be helpful.
>
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic