Answer the question
In order to leave comments, you need to log in
R
R
r1der2011-02-27 19:01:26
r1der, 2011-02-27 19:01:26
Spam came which, judging by the headlines, could not reach me! Anomaly?
The situation is this: there is a mailing address on gmail.com, spam came to it, with the following content
Добрый день.<br/>
<br/>
Оперативно доставлю и растaможу вaши грузы из К Н Р<br/>
<br/>
**************** Людмила Захарова<br/>
<br/>
только _сборные грузы за 21день авиа или жд<br/>
<br/>
Sun, 27 Feb 2011 13:21:59Here are the headers of that email:
Delivered-To: ******@gmail.com<br/>
Received: by 10.42.217.197 with SMTP id hn5cs37585icb;<br/>
Sun, 27 Feb 2011 05:22:30 -0800 (PST)<br/>
Received: by 10.223.97.140 with SMTP id l12mr583059fan.65.1298812949419;<br/>
Sun, 27 Feb 2011 05:22:29 -0800 (PST)<br/>
Return-Path: <[email protected]><br/>
Received: from maild.rambler.ru (maild.rambler.ru [81.19.66.33])<br/>
by mx.google.com with ESMTP id o19si2831461fal.60.2011.02.27.05.22.28;<br/>
Sun, 27 Feb 2011 05:22:29 -0800 (PST)<br/>
Received-SPF: pass (google.com: domain of [email protected] designates 81.19.66.33 as permitted sender) client-ip=81.19.66.33;<br/>
Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 81.19.66.33 as permitted sender) [email protected]<br/>
Received: from 62-142-95-178.pool.ukrtel.net (unknown [178.95.142.62])<br/>
(Authenticated sender: [email protected])<br/>
by maild.rambler.ru (Postfix) with ESMTP id BE3BF84494;<br/>
Sun, 27 Feb 2011 16:22:07 +0300 (MSK)<br/>
Date: Sun, 27 Feb 2011 17:17:57 +0400<br/>
From: =?Windows-1251?B?y/7k7Ojr4CDH4PXg8O7i4A==?= <[email protected]><br/>
To: [email protected]<br/>
Subject: =?Windows-1251?B?7+Xw5eLu5+rgIOPw8+fu4iDo51/q7fA=?=<br/>
X-Mailer: The Bat! (v3.5) Home<br/>
X-Priority: 3 (Normal)<br/>
MIME-Version: 1.0<br/>
Content-Type: text/plain; charset=Windows-1251<br/>
Content-Transfer-Encoding: 8bit<br/>
Message-Id: <[email protected]>the only mention of my address is in the Delivered-To header, how could this even happen?
2 answer(s)
@whitequark
(X-Original-To shoves, if I'm not mistaken, a virtual rewrite map in postfix-e)
W
whitequark, 2011-02-27 @whitequark
All of these headers will only match if the email is sent through a normal SMTP client. And spammers, of course, don't.
Behold:
$ telnet mail.whitequark.org 25 Trying 2002:59b3:f5e8::1:1... Connected to mail.whitequark.org. Escape character is '^]'. EHLO mannaz 220 mail.whitequark.org ESMTP Postfix (Debian/GNU) 250-mail.whitequark.org 250-PIPELINING 250-SIZE 100000000 250-VRFY 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSNs MAIL FROM:<[email protected]> 250 2.1.0 OK RCPT TO:<[email protected]> 250 2.1.5 Ok DATA 354 End data with <CR><LF>.<CR><LF> From: [email protected] This is a text full of marketing crap. . 250 2.0.0 Ok: queued as DA39E6F5CD QUIT 221 2.0.0 Bye Connection closed by foreign host.
Return-Path: <[email protected]> X-Original-To: [email protected] Delivered To: [email protected] Received: by mail.whitequark.org (Postfix, from userid 107) id DA7AC38; Sun, 27 Feb 2011 22:11:18 +0300 (MSK) Received: from mannaz (unknown [IPv6:2002:59b3:f5e8:0:225:d3ff:fe78:6a75]) by mail.whitequark.org (Postfix) with ESMTP id DA39E6F5CD for <[email protected]>; Sun, 27 Feb 2011 22:09:49 +0300 (MSK) From: [email protected] Message-Id: <[email protected]> Date: Sun, 27 Feb 2011 22:11:18 +0300 (MSK) To: undisclosed-recipients:; This is a text full of marketing crap.
(X-Original-To shoves, if I'm not mistaken, a virtual rewrite map in postfix-e)
Similar questions
B
P
B
B
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question