pric 31-Jan-2007
Ben Finney
ben at benfinney.id.au
Wed Jan 31 22:27:17 UTC 2007
On 31-Jan-2007, Reinhard Mueller wrote:
> As far as I can tell, the message header fields indicate the mail has
> been sent from aso10.internetdsl.tpnet.pl, which is clearly not an
> address under FSFE's control.
Right. I missed the original Received field.
Received: from [192.168.0.202] (aso10.internetdsl.tpnet.pl [83.17.226.10])
by gadolin.fsfeurope.org (Postfix) with ESMTP id 6793B444002
for <discussion at fsfeurope.org>; Wed, 31 Jan 2007 09:26:51 +0100 (CET)
> The From: header is obviously forged.
Yes, I never believe that field on suspected spam :-)
> So there's not much we can do, unfortunately.
I thought for a while that the sender might be spoofing as an FSFE
machine, in which case it can be rejected immediately once it gives
its HELO; but that's not the case.
Thanks for investigating.
--
\ "If you ever fall off the Sears Tower, just go real limp, |
`\ because maybe you'll look like a dummy and people will try to |
_o__) catch you because, hey, free dummy." -- Jack Handey |
Ben Finney <ben at benfinney.id.au>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20070201/3127c774/attachment.sig>
More information about the Discussion
mailing list