Polaris Posted December 16, 2008 Share Posted December 16, 2008 Here is an example: (I have replaced my host's server address with servername.address ) Return-Path: <nobody[at] servername.address > Received: from servername.address (localhost [127.0.0.1]) by servername.address (8.13.6/8.13.6) with ESMTP id mBGMS08w023915; Tue, 16 Dec 2008 16:28:00 -0600 Received: (from nobody[at]localhost) by servername.address (8.13.6/8.13.3/Submit) id mBGMS0Cm023914; Tue, 16 Dec 2008 16:28:00 -0600 Date: Tue, 16 Dec 2008 16:28:00 -0600 Message-Id: <200812162228.mBGMS0Cm023914[at]dalsen1.propagation.net> From: Rewalk4[at]narod.ru X-Scanned-By: milter-spamc/1.2.361 (localhost [0.0.0.0]); Tue, 16 Dec 2008 16:28:05 -0600 X-spam-Status: NO, hits=-0.90 required=5.00 Status: How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address? Thanks Link to comment Share on other sites More sharing options...
Wazoo Posted December 16, 2008 Share Posted December 16, 2008 How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address? Actually, your specific question and Subject Title are way off base. Te data within the 'return path' has nothing to so with the way the SpamCop.net Parsing & Reporting tools work. The reality of the situation of the data you've presented is that this e-mai never actually hit the 'internet' .... all the 'action' occurred on the same server, so any complaints would have to be manually generated and sent to that ISP/Host. This 'problem' is usually seen with AOL to AOL, GMail to GMail, etc. e-mail. Per your example, this would be some user sending e-mail from servername.address to another user on servername.address. Trying to guess (but can't) as to why all your munging didn't include the Message-ID: line content ..??? If you hadn't munged out so much specific detail, there are some folks that could have run some tests on the server itself. However, due to your munging actions, I'd not trust the details seen in that allegedly un-munged line. Link to comment Share on other sites More sharing options...
Farelf Posted December 16, 2008 Share Posted December 16, 2008 Following from above - FWIW 66.34.225.202 doesn't appear to be relaying on SMTP tests. Link to comment Share on other sites More sharing options...
DavidT Posted December 17, 2008 Share Posted December 17, 2008 How do I report spam of this nature since there is no real return path? On some occasions the return path is my email address? As the first response indicated, SpamCop doesn't care about the return path, or the "From" or anything else that can be "spoofed" (forged). Those elements are frequently false in spam messages. The parsing has to do with the true source IP of the message. BTW, there's another problem with what you've shown us, in that there's an extra blank link between the Message-id and the From -- surely that wasn't the case in the actual source of the message? There must not be any such blank lines until the separation between the headers and the body of the message. If you want to show us an example, you really need to have the reporting system parse it and then post a Tracking URL here. See the FAQ about how to do that. DT Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.