Hello71 Posted May 11, 2014 Share Posted May 11, 2014 Received: from 72.30.236.237 (72.30.236.237) by 98.139.210.210(98.139.210.210); Sun, 11 May 2014 14:52:56 +0000 Received: from 127.0.0.1 (EHLO mail-wi0-f193.google.com) (209.85.212.193) by mta1306.mail.bf1.yahoo.com with SMTPS; Sun, 11 May 2014 14:52:55 +0000 Received: by mail-wi0-f193.google.com with SMTP id bs8so982314wib.0 for <x>; Sun, 11 May 2014 07:52:54 -0700 (PDT) SpamCop says: Parsing header: Received: from 72.30.236.237 (72.30.236.237) by 98.139.210.210(98.139.210.210); Sun, 11 May 2014 14:52:56 +0000 Masking IP-based 'by' clause. Received: from 72.30.236.237 (72.30.236.237) by 98.139.210.210 ; Sun, 11 May 2014 14:52:56 +0000 host 72.30.236.237 (getting name) = web162314.mail.bf1.yahoo.com. web162314.mail.bf1.yahoo.com is 72.30.236.237 Possible spammer: 72.30.236.237 Received line accepted Received: from 127.0.0.1 (EHLO mail-wi0-f193.google.com) (209.85.212.193) by mta1306.mail.bf1.yahoo.com with SMTPS; Sun, 11 May 2014 14:52:55 +0000 host 209.85.212.193 = mail-wi0-f193.google.com (cached) mail-wi0-f193.google.com is 209.85.212.193 72.30.236.237 not listed in cbl.abuseat.org 72.30.236.237 not listed in dnsbl.sorbs.net 72.30.236.237 is not an MX for web162314.mail.bf1.yahoo.com 72.30.236.237 is not an MX for mta1306.mail.bf1.yahoo.com Possible spammer: 209.85.212.193 Host mta1306.mail.bf1.yahoo.com (checking ip) = 72.30.234.107 72.30.234.107 not listed in cbl.abuseat.org 72.30.234.107 not listed in dnsbl.sorbs.net 209.85.212.193 is not an MX for mta1306.mail.bf1.yahoo.com 72.30.236.237 is not an MX for mta1306.mail.bf1.yahoo.com Looks like a forgery Tracking message source: 72.30.236.237: Routing details for 72.30.236.237 [refresh/show] Cached whois for 72.30.236.237 : abuse[at]yahoo-inc.com Using best contacts yahoo[at]admin.spamcop.net Yum, this spam is fresh! Message is 0 hours old 72.30.236.237 not listed in cbl.abuseat.org 72.30.236.237 not listed in dnsbl.sorbs.net 72.30.236.237 not listed in accredit.habeas.com 72.30.236.237 not listed in plus.bondedsender.org 72.30.236.237 not listed in iadb.isipp.com From what I can tell though, the appropriate recipient should be gmail, not yahoo. Is this a bug, or is my analysis incorrect? Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted May 11, 2014 Share Posted May 11, 2014 If you will EMAIL the full headers to me, I will be happy to take a look. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Link to comment Share on other sites More sharing options...
lisati Posted May 12, 2014 Share Posted May 12, 2014 From what I see here, it seems to me as well that Yahoo received an email from Google. The reference to 127.0.0.1 somehow seems out of place to my tired eyes. I've seen similar referneces to 127.0.0.1 in mail I've received via Yahoo. Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted May 30, 2014 Share Posted May 30, 2014 - Received: from 98.137.13.221 (98.137.13.221) by - 208.71.41.139(208.71.41.139); Thu, 29 May 2014 18:26:10 +0000 >- by 208.71.41.139 208.71.41.139 is not a valid server name. The Yahoo server handling the email should identify itself with its true name, not its IP address. That "Received" line should look like this: Received: from 98.137.13.221 (98.137.13.221) by deli10126.mail.gq1.yahoo.com (208.71.41.139); Thu, 29 May 2014 18:26:10 +0000 Yahoo changed their headers and SpamCop is having trouble with them. It could go on for a while. We're working with Yahoo to get it fixed. All you can do for now is keep trying, and delete what you can't report. Sorry for all the trouble. - Don D'Minion - SpamCop Admin - - Service[at]Admin.SpamCop.net - Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.