You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by John Fleming <jo...@wa9als.com> on 2005/05/11 19:05:54 UTC

Help spoofed addy

This will be boring for many of you, but I need some advice.  I run a 
low-volume mail server for friends/family/church and have had a very good 
experience with SA and site-wide Bayes.  I know that email addys can be 
spoofed, but I know nothing about the details of that.

I just got my first spam where it looks like my own addy was spoofed for an 
email TO ME (and who knows who else!).  For reasons I've forgotten, I had my 
own addy in the white_list with a large negative score, so of course, the 
spam got through.  I know that this is a reason not to use the whitelist, or 
at least maybe not with such a high score.

Is there anything else I can do to guard against this?  What is the most 
common way someone's addy can get picked for spoofing, or is it all done via 
robots etc...?

Any advice welcomed!  Thanks - John

Return-Path: <jo...@wa9als.com>
X-Original-To: john@wa9als.com
Delivered-To: john@wa9als.com
Received: from Elena (125.Red-213-96-119.pooles.rima-tde.net 
[213.96.119.125])
 by wa9als.com (Postfix) with ESMTP id 2D61633E676
 for <jo...@wa9als.com>; Wed, 11 May 2005 11:24:27 -0500 (EST)
Received: from mnsf3445.broadcast.teleplo.net ([172.26.0.2] 
helo=localhost.localdomain)
 by Elena with esmtp (Exim 4.43)
 id 1DVu0W-0008TY-HW
 for john@wa9als.com; Wed, 11 May 2005 18:24:24 +0200
Date: Wed, 11 May 2005 18:24:24 +0200
To: john@wa9als.com
From: Sofia <jo...@wa9als.com>
Subject: Re: info request
Message-ID: <b6...@localhost.localdomain>
X-Priority: 1
X-Mailer: PHPMailer [version 1.72]
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="b1_b66434f7fad33d906d6679e3e8277ba2"
X-Virus-Status: No
X-Virus-Checker-Version: Luke wa9als.com running clamassassin 1.2.1 with 
ClamAV 0.84/875/Tue May 10 06:27:59 2005 signatures 31.875
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on Luke.wa9als.com
X-Spam-Level:
X-Spam-Status: No, score=-96.1 required=5.0 tests=BAYES_00,HTML_40_50,
 HTML_MESSAGE,HTML_SHORT_LENGTH,PORN_URL_SEX,RAZOR2_CHECK,
 RCVD_IN_BL_SPAMCOP_NET,USER_IN_WHITELIST autolearn=no version=3.0.2
Status: