[Mimedefang] HBEDV Reporting broken? - False Positives Reported
Ashley M. Kirchner
ashley at pcraft.com
Sun Dec 15 18:07:01 EST 2002
Albert E. Whale wrote:
>Received: from [202.9.153.20] (HELO mdss1.kebi.com) by wks02
>
That's forged:
----------
% dig mdss1.kebi.com
;; QUESTION SECTION:
;mdss1.kebi.com. IN A
;; ANSWER SECTION:
mdss1.kebi.com. 7142 IN A 210.116.116.81
mdss1.kebi.com. 7142 IN A 210.116.116.105
mdss1.kebi.com. 7142 IN A 210.116.116.25
mdss1.kebi.com. 7142 IN A 210.116.116.66
----------
In fact, the 202.9.153.20 IP belongs to:
----------
inetnum: 202.9.128.0 - 202.9.159.255
netname: DISHNET
descr: DISHNETDSL LTD
descr: 19, Cathedral Garden Road
descr: Nungambakkam
descr: CHENNAI
country: IN
----------
So, your message came from a server in India, with headers that are
pointing to mdss1.kebi.com, a server in Korea.
AMK4
More information about the MIMEDefang
mailing list