[Gllug] Unbelievable mail cockup again and again
Xander D Harkness
xander at harkness.co.uk
Fri Mar 14 21:05:49 UTC 2003
Formi wrote:
>
> I attach the headers of a spam email, if you look carefully you will
> find out that there is no deliverable email address in it.
>
> It seems to me that Vidoes at pop3.blueyonder.co.uk is the address that
> fooled that pile of crap of mta from m$hit bluewonder uses.
Is it not that blueyonder forwards all mail at *@dp.localdomain.org to
your mailbox. The reason that you did not receive three copies of it is
that some smtp daemons see three identical mails for one mailbox and
delivers just one copy.
>
> Personally I'm thinking of moving to one of the domain names I own,
> hosted on a machine I run, and ditching by email for ever. And then let
> that account to fill up for ever.
>
a little extra work; however lots of fun and great ability to tweak
incoming mail to your preferences.
>
>
> From formi Fri Mar 14 16:09:35 2003
> Return-Path: <bad_b_yyzqixr at hotmail.com>
> X-Original-To: formi at tp.localdomain.org
> Delivered-To: formi at tp.localdomain.org
> Received: from dp.localdomain.org (dp.localdomain.org [10.0.0.1])
> by tp.localdomain.org (Postfix) with ESMTP id 73EF827CF
> for <formi at tp.localdomain.org>; Fri, 14 Mar 2003 16:09:35 +0000 (GMT)
> Received: by dp.localdomain.org (Postfix)
> id 58D682FE9; Fri, 14 Mar 2003 16:09:33 +0000 (GMT)
> Delivered-To: formi at dp.localdomain.org
> Received: from localhost (localhost.localdomain [127.0.0.1])
> by dp.localdomain.org (Postfix) with ESMTP id 163542FE8
> for <formi at dp.localdomain.org>; Fri, 14 Mar 2003 11:09:33 -0500 (EST)
> Received: from pop3.blueyonder.co.uk
> by localhost with POP3 (fetchmail-6.1.0)
> for formi at dp.localdomain.org (single-drop); Fri, 14 Mar 2003 16:09:33 +0000 (GMT)
> Received: from hotmail.com ([4.23.131.10]) by blueyonder.co.uk with Microsoft SMTPSVC(5.5.1877.757.75);
> Fri, 14 Mar 2003 16:00:29 +0000
> Message-ID: <be9ed46f2785$b2e8c50d$e2383aa4 at wnv.th>
> From: <bad_b_yyzqixr at hotmail.com>
> To: Ultra at dp.localdomain.org, Hardcore at dp.localdomain.org,
> XxX at dp.localdomain.org, Vidoes at pop3.blueyonder.co.uk
Here I read it as deliver to three at dp.localdomain.org and someone
else who cannot spell videos.
It may be that they are trying every domain listed in blueyonder's dns.
It could be that blueyonders domain name servers allow domain transfers
from within their network and someone got a dump of all the domains
listed in their nameservers.
Kind regards
Xander
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list