[BBLISA] Someone is out to get me - spam pretending to be from me

John Orthoefer jco at direwolf.com
Fri Jan 14 13:59:16 EST 2005


alex at basespace.net wrote:

>>Received: from info.lifename.com ([151.203.48.240]) by mc12-f16.hotmail.com
>>with Microsoft SMTPSVC(5.0.2195.6824); Thu, 13 Jan 2005 08:15:15 -0800


BTW if you were thinking this line had anything to do with DNS, you 
are mistaken. That from is based on what the SMTP helo transaction 
was. It's the name inside the () that is the reverse lookup of the 
name. In this case there isn't a reverse.

This input-

    [jco at tara jco]$ telnet localhost 25
    Trying 127.0.0.1...
    Connected to tara.direwolf.com (127.0.0.1).
    Escape character is '^]'.
    220 tara.direwolf.com ESMTP Postfix
    helo Alex.basespace.net

Produces-

    Received: from Alex.basespace.net (tara.direwolf.com [127.0.0.1])
    	by tara.direwolf.com (Postfix) with SMTP id AE7FC7148A
    	for <spamme at direwolf.com>; Fri, 14 Jan 2005 13:56:40 -0500 (EST)
  

johno
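
An added example, not part of the original post: a small Python parser that separates the client-supplied HELO name in a Received header from what the receiving server recorded in the parentheses (reverse-DNS name, if any, and peer IP). The function name, status labels and sample constants are assumptions made for illustration; the two samples are the headers quoted in this message, unfolded.

```python
import re

# Constructed samples: the two Received headers quoted in the post, unfolded.
HOTMAIL = ("from info.lifename.com ([151.203.48.240]) by mc12-f16.hotmail.com "
           "with Microsoft SMTPSVC(5.0.2195.6824); Thu, 13 Jan 2005 08:15:15 -0800")
POSTFIX = ("from Alex.basespace.net (tara.direwolf.com [127.0.0.1]) "
           "by tara.direwolf.com (Postfix) with SMTP id AE7FC7148A "
           "for <spamme at direwolf.com>; Fri, 14 Jan 2005 13:56:40 -0500 (EST)")

# "from <HELO name> (<optional reverse-DNS name> [<peer IP>])"
_FROM = re.compile(
    r"^from\s+(?P<helo>\S+)\s+"
    r"\((?:(?P<rdns>[^\s\[\]()]+)\s+)?\[(?P<ip>[^\]]+)\]\)",
    re.IGNORECASE,
)


def parse_received(value):
    """Split a Received header into the client's claim and the server's observations."""
    text = re.sub(r"\s+", " ", value).strip()          # unfold continuation lines
    text = re.sub(r"^Received:\s*", "", text, flags=re.IGNORECASE)
    m = _FROM.match(text)
    if m is None:
        return None                                     # layout not covered here
    helo, rdns, ip = m.group("helo", "rdns", "ip")
    # Postfix writes "unknown" in place of a name when the lookup fails.
    if rdns is not None and rdns.lower() == "unknown":
        rdns = None
    if rdns is None:
        status = "no-rdns"      # HELO name is unverified, only the IP was observed
    elif rdns.lower() == helo.lower():
        status = "match"        # HELO name agrees with the reverse lookup
    else:
        status = "mismatch"     # client announced a name the lookup does not back
    return {"helo": helo, "rdns": rdns, "ip": ip, "status": status}


if __name__ == "__main__":
    for sample in (HOTMAIL, POSTFIX):
        print(parse_received(sample))
```

Only a Received line added by a server you control is reliable; within it, the bracketed IP is what that server observed, while the name after "from" is whatever the client typed.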



