Help with SPAM header please

bjseiler

I have received two of these TOS notifications from AOL about a spammer on a server but I am not sure whether it is actually coming from our server (www8.leadasp.com) or if somebody on that server (my client) is the one clicking on the AOL SPAM button and the headers are just being confused by AOL as coming from www8.leadasp.com. Any help would be appreciated.

Return-Path: <[email protected]>
Received: from rly-xi01.mx.aol.com (rly-xi01.mail.aol.com [172.20.116.6]) by air-xi01.mail.aol.com (v103.7) with ESMTP id MAILINXI12-4c041db5ec7337; Tue, 04 Jan 2005 22:28:20 -0500
Received: from www8.leadasp.com (www8.leadasp.com [66.243.176.47]) by rly-xi01.mx.aol.com (v103.7) with ESMTP id MAILRELAYINXI16-4c041db5ec7337; Tue, 04 Jan 2005 22:28:07 -0500
Received: from [222.64.228.112] (helo=truebritney.com)
    by www8.leadasp.com with smtp (Exim 4.24)
    id 1Cm1nN-000EOU-Fo; Tue, 04 Jan 2005 21:25:16 -0600
Message-ID: <[email protected]>
Date: Wed, 05 Jan 2005 08:59:12 +0700
From: "luciano ceo" <[email protected]>
User-Agent: AOL 7.0 for Windows US sub 118
X-Accept-Language: en-us
MIME-Version: 1.0
To: <Undisclosed Recipients>
Subject: You are going out for pain relief?
Content-Type: text/html;
    charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-AOL-IP: 66.243.176.47
X-Mailer: Unknown (No Version)
 
Someone at the mailserver at 222.64.228.112 is spoofing the name truebritney.com and connecting to your server, and using it to relay email to an address at AOL.

Unless you've changed your DA configuration it's probably that either one of your clients is doing it, or you've been hacked.

If one of your clients is doing it, you'll find evidence of who they are by searching your logs for that IP#. If you've been hacked you probably won't find anything but you'll continue to get complaints and your IP# will eventually end up on blocklists (it's not on any now).

Jeff
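
The reading of the header chain described in the reply above, as an added example that is not part of the original posts: it walks the Received lines oldest first, picks out the hop written by www8.leadasp.com (the one line the server operator can trust, since their own MTA recorded the connecting IP), and pulls matching entries from a mail log. The log lines are constructed in Exim main-log style with placeholder addresses, and the function names are hypothetical.

```python
import re
from email import message_from_string

# Received chain copied from the post above (folded lines re-indented).
HEADERS = (
    "Received: from rly-xi01.mx.aol.com (rly-xi01.mail.aol.com [172.20.116.6])"
    " by air-xi01.mail.aol.com (v103.7) with ESMTP id MAILINXI12-4c041db5ec7337;"
    " Tue, 04 Jan 2005 22:28:20 -0500\n"
    "Received: from www8.leadasp.com (www8.leadasp.com [66.243.176.47])"
    " by rly-xi01.mx.aol.com (v103.7) with ESMTP id MAILRELAYINXI16-4c041db5ec7337;"
    " Tue, 04 Jan 2005 22:28:07 -0500\n"
    "Received: from [222.64.228.112] (helo=truebritney.com)\n"
    " by www8.leadasp.com with smtp (Exim 4.24)\n"
    " id 1Cm1nN-000EOU-Fo; Tue, 04 Jan 2005 21:25:16 -0600\n"
    "Subject: You are going out for pain relief?\n\n"
)
# Constructed log lines in Exim main-log style (not from the page).
LOG = [
    "2005-01-04 21:25:16 1Cm1nN-000EOU-Fo <= sender@example.invalid H=(truebritney.com) [222.64.228.112] P=smtp S=2841",
    "2005-01-04 21:25:20 1Cm1nN-000EOU-Fo => user@example.invalid R=dnslookup T=remote_smtp",
    "2005-01-04 21:26:02 1Cm1oB-000EPa-2x <= other@example.invalid H=mail.example.invalid [192.0.2.10] P=esmtp S=990",
]

HOP = re.compile(r"from\s+(.+?)\s+by\s+(\S+)(.*)", re.S)

def received_chain(raw):
    """Hops oldest first: (peer IP, HELO name if logged, receiving host, queue id)."""
    hops = []
    # Each MTA prepends its Received line, so the last header is the oldest hop.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", m.group(1))
        helo = re.search(r"helo=([^\s)]+)", m.group(1))
        qid = re.search(r"\bid\s+([^\s;]+)", m.group(3))
        hops.append((ip and ip.group(1), helo and helo.group(1),
                     m.group(2), qid and qid.group(1)))
    return hops

def handoff_to(raw, our_host):
    """The hop our own server wrote: who connected to us, as we recorded it."""
    return next((h for h in received_chain(raw) if h[2] == our_host), None)

def log_lines_for(hop, log):
    """Log entries mentioning the peer IP or the queue id from that hop."""
    ip, _, _, qid = hop
    return [line for line in log if f"[{ip}]" in line or f" {qid} " in line]
```

Received lines below the one written by your own server are supplied by the connecting party and can be forged, so the log search should start from your server's hop, not from anything older.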
 
Well, I found out that my client was the one complaining to AOL about the SPAM. Her email comes from our server as a forwarder so I hope that explains why AOL got confused as to why our server was shown as a SPAM relay. Thanks for the help!
 