Why did this mail come through?

Philipp

Nov 22, 2009
Hi,
I set "Verify Receivers" under "Mail/Options" to either yes/450 or yes/550, which worked fine for us for a long time.
For weeks we have been flooded by a wave of mails like this (unchanged source code):
Return-Path: aphelionsfp9@reinbou.com
Received: from proxmox.newvision-it.de ([192.168.246.5])
    by mail.newvision-it.de
    ; Sun, 22 Nov 2009 16:03:46 +0100
Received: from proxmox.newvision-it.de (localhost [127.0.0.1])
    by proxmox.newvision-it.de (Proxmox) with ESMTP id D379724629;
    Sun, 22 Nov 2009 16:03:46 +0100 (CET)
Received: from mailgate.witcom.de (mailgate.witcom.de [217.19.176.12])
    by proxmox.newvision-it.de (Proxmox) with ESMTP id 62D8024627;
    Sun, 22 Nov 2009 16:03:44 +0100 (CET)
Received: from 20129074087.user.veloxzone.com.br (20129074087.user.veloxzone.com.br [201.29.74.87] (may be forged))
    by mailgate.witcom.de (8.13.6/8.13.6/SuSE Linux 0.8) with ESMTP id nAMF3eLH030709;
    Sun, 22 Nov 2009 16:03:42 +0100
Date: Sun, 22 Nov 2009 13:03:37 -0300
From: "Marceline brugger" <aphelionsfp9@reinbou.com>
Subject: Einkaufer gesucht
To: <46efc9ae.8010900@newvision-it.de>
Message-ID: <000d01ca6b84$f8400240$6400a8c0@aphelionsfp9>
MIME-Version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.0.6001.18049
X-Mailer: Microsoft Windows Mail 6.0.6001.18000
Content-type: text/plain; format=flowed; charset=iso-8859-1; reply-type=original
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal

Fuer unser Unternehmen werden bundesweit Einkaeufer gesucht. Vorkenntnisse nicht erforderlich. Wir arbeiten Sie gruendlich ein. Auch ideal fuer Fruehrentner und Arbeitslose.
Bewerbung bitte an riedelElfreda@gmail.com

There is no mailbox like <46efc9ae.8010900@newvision-it.de>
I wonder how this mail got through.
Any hints are welcome.

Regards from Germany,
Philipp
 
OK - further investigation shows that only mails from our ISP's backup MX are coming through like this?
Is this because we followed the best practices in the Proxmox manuals to have this host whitelisted in the global whitelist?
Are these hosts excluded from all checks?

- Philipp
 
OK - further investigation shows that only mails from our ISP's backup MX are coming through like this?
Is this because we followed the best practices in the Proxmox manuals to have this host whitelisted in the global whitelist?

Best practice is to not use a backup MX without any spam detection.

Are these hosts excluded from all checks?

Yes.
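
Added example, not part of the original thread and not Proxmox code: a short Python check that walks the Received chain of the message quoted above to show which client the gateway accepted it from and, when that client is a whitelisted relay, which host actually handed the mail to the relay. The `WHITELISTED_RELAYS` and `LOCAL_HOSTS` sets and the function names are assumptions built from the hostnames in the quoted headers.

```python
import re
from email import message_from_string

# Assumption: the ISP backup MX from the thread is the globally whitelisted host.
WHITELISTED_RELAYS = {"mailgate.witcom.de"}
# Our own hosts, as named in the quoted headers.
LOCAL_HOSTS = {"proxmox.newvision-it.de", "mail.newvision-it.de"}

# Received chain from the message quoted in the thread, header folding restored.
SAMPLE = (
    "Received: from proxmox.newvision-it.de ([192.168.246.5])\n"
    "\tby mail.newvision-it.de\n"
    "\t; Sun, 22 Nov 2009 16:03:46 +0100\n"
    "Received: from proxmox.newvision-it.de (localhost [127.0.0.1])\n"
    "\tby proxmox.newvision-it.de (Proxmox) with ESMTP id D379724629;\n"
    "\tSun, 22 Nov 2009 16:03:46 +0100 (CET)\n"
    "Received: from mailgate.witcom.de (mailgate.witcom.de [217.19.176.12])\n"
    "\tby proxmox.newvision-it.de (Proxmox) with ESMTP id 62D8024627;\n"
    "\tSun, 22 Nov 2009 16:03:44 +0100 (CET)\n"
    "Received: from 20129074087.user.veloxzone.com.br"
    " (20129074087.user.veloxzone.com.br [201.29.74.87] (may be forged))\n"
    "\tby mailgate.witcom.de (8.13.6/8.13.6/SuSE Linux 0.8) with ESMTP id nAMF3eLH030709;\n"
    "\tSun, 22 Nov 2009 16:03:42 +0100\n"
)

def parse_hops(raw):
    """Return the Received hops, newest first, as dicts with from/by/ip."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        frm = re.search(r"\bfrom\s+(\S+)", value)
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", value)
        by = re.search(r"\bby\s+(\S+)", value)
        if frm and by:  # skip headers that do not follow the from/by form
            hops.append({"from": frm.group(1).lower(), "by": by.group(1).lower(),
                         "ip": ip.group(1) if ip else None})
    return hops

def trace(raw):
    """Find the client our gateway accepted from and, if whitelisted, who used it."""
    hops = parse_hops(raw)
    edge = next((h for h in hops if h["by"] in LOCAL_HOSTS
                 and h["from"] not in LOCAL_HOSTS), None)
    if edge is None:
        return None
    # Only the header written by the trusted relay is believable; older ones can be forged.
    origin = next((h for h in hops if h["by"] == edge["from"]), None)
    relayed = edge["from"] in WHITELISTED_RELAYS
    return {"edge": edge["from"], "whitelisted": relayed,
            "origin_ip": origin["ip"] if relayed and origin else None}
```

For the quoted message, `trace(SAMPLE)` reports the backup MX as the edge client and 201.29.74.87 as the host behind it, which is the connection that skipped receiver verification because the relay is whitelisted.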