[Esa-l] Weird E-Mail
esa-l at pcguru.com.au
Tue May 1 02:43:02 PDT 2001
I've received two very weird e-mails in the last two days.
Both were addressed to a user at my domain that does not exist... I
won't include the full text but the content looks like a brute force
username test against HotMail... *weird*.
Anyway - I noticed both emails had forged route host names...
Is it possible to block when the claimed host name doesn't match the
resolved one? Is it dumb?
Received: by swami.pcguru.com.au (mbox jas)
(with Cubic Circle's cucipop (v1.31 1998/05/13) Tue May 1 17:23:13
X-From_: MAILER-DAEMON at swami.pcguru.com.au Tue May 1 15:41:31 2001
Return-Path: <MAILER-DAEMON at swami.pcguru.com.au>
Received: from iris1.iris-system.com (nstnt6.szptt.net.cn
[22.214.171.124] (may be forged))
by swami.pcguru.com.au (8.11.2/8.11.0) with ESMTP id f417fMU16923
for <cokoso62 at pcguru.com.au>; Tue, 1 May 2001 15:41:29 +0800
From: postmaster at iris1.iris-system.com
To: cokoso62 at pcguru.com.au
Date: Tue, 1 May 2001 15:27:39 +0800
X-Security: MIME headers sanitized on swami.pcguru.com.au
for details. $Revision: 1.129 $Date: 2001-04-14 20:20:43-07
Content-Type: multipart/report; report-type=delivery-status;
Message-ID: <wr2UAaTzv0000ad2f at iris1.iris-system.com>
Subject: Delivery Status Notification (Delay)
More information about the esd-l