Jump to content
Sign in to follow this  
kilowatt

IP/DNS/Host identity issues

Recommended Posts

Problem observed with trusted mailhost

- spam received from [68.251.57.159]:

Received: from ppp-68-251-57-159.dsl.chcgil.ameritech.net

(ppp-68-251-57-159.dsl.chcgil.ameritech.net [68.251.57.159])

by ernie.stpeters.lcl (8.12.10/8.12.10) with SMTP id i372vbLX003337;

Tue, 6 Apr 2004 21:57:38 -0500

Received: from 71.56.62.31 by 68.251.57.159; Wed, 07 Apr 2004 00:53:30 -0300

Message-ID: <YGITVIHDFUQEIKHKB[at]hotmail.com>

From: "Norma Dunbar" <x>

Reply-To: "Norma Dunbar" <x>

To: x

Subject: re[15]

Date: Wed, 07 Apr 2004 07:50:30 +0400

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="--95573211000167873"

X-Priority: 3

- But dsl IP is pegged as Yahoo trusted mailhost:

Parsing header:

0: Received: from ppp-68-251-57-159.dsl.chcgil.ameritech.net

(ppp-68-251-57-159.dsl.chcgil.ameritech.net [68.251.57.159])

by ernie.stpeters.lcl (8.12.10/8.12.10) with SMTP id i372vbLX003337; Tue, 6 Apr

2004 21:57:38 -0500

ernie received mail from Yahoo ( 68.251.57.159 )

Hostname verified: ppp-68-251-57-159.dsl.chcgil.ameritech.net

- And the bogus 71.56.62.31, which belongs to IANA is pegged as the spam originator:

1: Received: from 71.56.62.31 by 68.251.57.159; Wed, 07 Apr 2004 00:53:30 -0300

Yahoo received mail from 71.56.62.31

All mail hosts in chain recognized

Best Regards,

Kilowatt

Share this post


Link to post
Share on other sites
Problem observed with trusted mailhost

- spam received from [68.251.57.159]:

Received: from ppp-68-251-57-159.dsl.chcgil.ameritech.net

    (ppp-68-251-57-159.dsl.chcgil.ameritech.net [68.251.57.159])

        by ernie.stpeters.lcl (8.12.10/8.12.10) with SMTP id i372vbLX003337;

        Tue, 6 Apr 2004 21:57:38 -0500

Received: from 71.56.62.31 by 68.251.57.159; Wed, 07 Apr 2004 00:53:30 -0300

Message-ID: <YGITVIHDFUQEIKHKB[at]hotmail.com>

From: "Norma Dunbar" <x>

Reply-To: "Norma Dunbar" <x>

To: x

Subject: re[15]

Date: Wed, 07 Apr 2004 07:50:30 +0400

MIME-Version: 1.0

Content-Type: multipart/alternative;

        boundary="--95573211000167873"

X-Priority: 3

- But dsl IP is pegged as Yahoo trusted mailhost:

Parsing header:

0: Received: from ppp-68-251-57-159.dsl.chcgil.ameritech.net

(ppp-68-251-57-159.dsl.chcgil.ameritech.net [68.251.57.159])

by ernie.stpeters.lcl (8.12.10/8.12.10) with SMTP id i372vbLX003337; Tue, 6 Apr

2004 21:57:38 -0500

ernie received mail from Yahoo ( 68.251.57.159 )

Hostname verified: ppp-68-251-57-159.dsl.chcgil.ameritech.net

- And the bogus 71.56.62.31, which belongs to IANA is pegged as the spam originator:

1: Received: from 71.56.62.31 by 68.251.57.159; Wed, 07 Apr 2004 00:53:30 -0300

Yahoo received mail from 71.56.62.31

All mail hosts in chain recognized

Best Regards,

Kilowatt

Are those the full headers? Send me the tracking url and your registered SC name -- it looks to me like there is a topmost header missing.

Send to deputies <at> spamcop.net

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×