kolor

spam--mail

3 posts in this topic

The only IP that can be trusted is the one that handed the message to your mail system (since your mail system directly interacted with it).  Anything before that could be forged header lines, and can't be trusted.  You will see this on nearly every email you submit to SpamCop.

Share this post


Link to post
Share on other sites

I am not sure I entirely understand the question.  What I see is a email that came from 98.142.233.71 and the email speedy.com.ar has given authorization through a spf check.

What happened is that 98.142.233.71 was involved to send the email.  If that IP is behind a NAT, then any number of hosts (which use that NAT) could have been used to send the email, including the NAT router itself.  What we do know is that any of these devices could have been hacked or else the email was sent by a legitimate person.

I am guessing that this is what you meant by possible forgery.

Also, if you have any ties to 98.142.233.71, it might be in your best interest to check for hacking to prevent further usage of that IP by spammer jerks.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now