You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by John Fleming <jo...@wa9als.com> on 2005/05/11 19:05:54 UTC
Help spoofed addy
This will be boring for many of you, but I need some advice. I run a
low-volume mail server for friends/family/church and have had a very good
experience with SA and site-wide Bayes. I know that email addys can be
spoofed, but I know nothing about the details of that.
I just got my first spam where it looks like my own addy was spoofed for an
email TO ME (and who knows who else!). For reasons I've forgotten, I had my
own addy in the white_list with a large negative score, so of course, the
spam got through. I know that this is a reason not to use the whitelist, or
at least maybe not with such a high score.
Is there anything else I can do to guard against this? What is the most
common way someone's addy can get picked for spoofing, or is it all done via
robots etc...?
Any advice welcomed! Thanks - John
Return-Path: <jo...@wa9als.com>
X-Original-To: john@wa9als.com
Delivered-To: john@wa9als.com
Received: from Elena (125.Red-213-96-119.pooles.rima-tde.net
[213.96.119.125])
by wa9als.com (Postfix) with ESMTP id 2D61633E676
for <jo...@wa9als.com>; Wed, 11 May 2005 11:24:27 -0500 (EST)
Received: from mnsf3445.broadcast.teleplo.net ([172.26.0.2]
helo=localhost.localdomain)
by Elena with esmtp (Exim 4.43)
id 1DVu0W-0008TY-HW
for john@wa9als.com; Wed, 11 May 2005 18:24:24 +0200
Date: Wed, 11 May 2005 18:24:24 +0200
To: john@wa9als.com
From: Sofia <jo...@wa9als.com>
Subject: Re: info request
Message-ID: <b6...@localhost.localdomain>
X-Priority: 1
X-Mailer: PHPMailer [version 1.72]
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_b66434f7fad33d906d6679e3e8277ba2"
X-Virus-Status: No
X-Virus-Checker-Version: Luke wa9als.com running clamassassin 1.2.1 with
ClamAV 0.84/875/Tue May 10 06:27:59 2005 signatures 31.875
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on Luke.wa9als.com
X-Spam-Level:
X-Spam-Status: No, score=-96.1 required=5.0 tests=BAYES_00,HTML_40_50,
HTML_MESSAGE,HTML_SHORT_LENGTH,PORN_URL_SEX,RAZOR2_CHECK,
RCVD_IN_BL_SPAMCOP_NET,USER_IN_WHITELIST autolearn=no version=3.0.2
Status: