[Mimedefang] Mail and spam problem
Vivek Kumar
vivekk at gorave.net
Thu Jul 22 10:32:14 EDT 2004
Hi all,
Look at the following header information. THe user got this mail but it
was never sent by one internal user (harv) to SAMMY. They also said that
it contained virus. Now I think that this mail was generated from
jillian.org.
Now what all can I diagnose from this. How the mail is generated from
outside domain using internal user name etc. ??
Any help or diagnosis is highly appreciated.
Thanks
Vivek
Received: from localhost.localdomain (191.0.0.1 [191.0.0.1]) by
virtual02.gorave.net with SMTP (Microsoft Exchange Internet Mail Service
Version 5.5.2653.13)
id 3RNHWNKC; Wed, 21 Jul 2004 14:21:21 -0400
Received: from advanceserver (advanceserver [127.0.0.1])
by localhost.localdomain (8.12.11/8.12.10) with ESMTP id i6LIKiaL012792
for <SAMMY at GORAVE.NET <mailto:SAMMY at GORAVE.NET> >; Wed, 21 Jul 2004
14:20:44 -0400
Received: from Jillian.org (adsl-66-120-254-18.dsl.lsan03.pacbell.net
[66.120.254.18])
by gorave.net (VaMailArmor-2.0.2-6) id 12753-5A1C3251;
Wed, 21 Jul 2004 14:20:42 -0400
Date: Wed, 21 Jul 2004 11:30:35 -0800
To: "SAMMY" <SAMMY at gorave.net <mailto:SAMMY at gorave.net> >
From: "Harv" <harv at gorave.net <mailto:harv at gorave.net> >
Subject: Virus Found in message "Re:"
Message-ID: <bpiijtockayslqmylrk at GORAVE.NET
<mailto:bpiijtockayslqmylrk at GORAVE.NET> >
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="--------oijkoluwnkhliypsdsda"
X-AntiVirus: checked by Vexira MailArmor (version: 2.0.2-6; VAE:
6.26.0.3; VDF: 6.26.0.38; host: advanceserver)
X-Spam-Status: No, hits=2.7 required=8.0
tests=AWL,BASE64_ENC_TEXT,HTML_20_30,MIME_HTML_ONLY,RCVD_IN_ORBS
version=2.55
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
X-Scanned-By: MIMEDefang 2.38
----------oijkoluwnkhliypsdsda
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: base64
----------oijkoluwnkhliypsdsda--
More information about the MIMEDefang
mailing list