Jump to content

spam return path is my server address


Polaris
 Share

Recommended Posts

Here is an example: (I have replaced my host's server address with servername.address )

Return-Path: <nobody[at] servername.address >

Received: from servername.address (localhost [127.0.0.1])

by servername.address (8.13.6/8.13.6) with ESMTP id mBGMS08w023915;

Tue, 16 Dec 2008 16:28:00 -0600

Received: (from nobody[at]localhost)

by servername.address (8.13.6/8.13.3/Submit) id mBGMS0Cm023914;

Tue, 16 Dec 2008 16:28:00 -0600

Date: Tue, 16 Dec 2008 16:28:00 -0600

Message-Id: <200812162228.mBGMS0Cm023914[at]dalsen1.propagation.net>

From: Rewalk4[at]narod.ru

X-Scanned-By: milter-spamc/1.2.361 (localhost [0.0.0.0]); Tue, 16 Dec 2008 16:28:05 -0600

X-spam-Status: NO, hits=-0.90 required=5.00

Status:

How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address?

Thanks

Link to comment
Share on other sites

How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address?

Actually, your specific question and Subject Title are way off base. Te data within the 'return path' has nothing to so with the way the SpamCop.net Parsing & Reporting tools work.

The reality of the situation of the data you've presented is that this e-mai never actually hit the 'internet' .... all the 'action' occurred on the same server, so any complaints would have to be manually generated and sent to that ISP/Host.

This 'problem' is usually seen with AOL to AOL, GMail to GMail, etc. e-mail. Per your example, this would be some user sending e-mail from servername.address to another user on servername.address. Trying to guess (but can't) as to why all your munging didn't include the Message-ID: line content ..??? If you hadn't munged out so much specific detail, there are some folks that could have run some tests on the server itself. However, due to your munging actions, I'd not trust the details seen in that allegedly un-munged line.

Link to comment
Share on other sites

How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address?

As the first response indicated, SpamCop doesn't care about the return path, or the "From" or anything else that can be "spoofed" (forged). Those elements are frequently false in spam messages. The parsing has to do with the true source IP of the message. BTW, there's another problem with what you've shown us, in that there's an extra blank link between the Message-id and the From -- surely that wasn't the case in the actual source of the message? There must not be any such blank lines until the separation between the headers and the body of the message.

If you want to show us an example, you really need to have the reporting system parse it and then post a Tracking URL here. See the FAQ about how to do that.

DT

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...