Facebook
Twitter
dragnovich
Basic Pleskian
Hello Im concern about an "ODD thing" I see in all the email Im getting at my servers. All uses Plesk Mostly 8.6 and some 9.x.
Ok let's say in the server I got domain1.com, domain2.com domain3.com, etc....
When any email is received for [email protected] some of the email headers looks like this....
---
Received: (qmail 871 invoked from network); 10 Jul 2009 17:40:26 -0500
Received: from 201-1-76-254.dsl.telesp.net.br (201.1.76.254)
by domain3.com with SMTP; 10 Jul 2009 17:40:25 -0500
From: [email protected]
To: [email protected]
---
First ODD thing I see, is that the email is been received BY domain3.com (not domain1.com as it was sent to that email) and this receiver domain is randomly changed at each email received. ODDer is that I got emails received at the server from DOMAINS that are just pointed to the server, DNS records, and not in the server configured to respond as alias or something.
So why this emails are getting the receiver server as any domain in the server?
Many of this emails are SPAM, and many of them are BYPASSED by the spamassasain why? does it has some influence in the SPAM qualification? or is not necessary an security issue?
I have ALL the servers with all security activated, POP before SMTP, SMTP Auth, RBLS, DomainKeys, SpamAssasain, etc...
But still getting many emails as if they are as been sent from the server it self...
is this an issue, bug, security hole or just a spam paranoia!
Ok let's say in the server I got domain1.com, domain2.com domain3.com, etc....
When any email is received for [email protected] some of the email headers looks like this....
---
Received: (qmail 871 invoked from network); 10 Jul 2009 17:40:26 -0500
Received: from 201-1-76-254.dsl.telesp.net.br (201.1.76.254)
by domain3.com with SMTP; 10 Jul 2009 17:40:25 -0500
From: [email protected]
To: [email protected]
---
First ODD thing I see, is that the email is been received BY domain3.com (not domain1.com as it was sent to that email) and this receiver domain is randomly changed at each email received. ODDer is that I got emails received at the server from DOMAINS that are just pointed to the server, DNS records, and not in the server configured to respond as alias or something.
So why this emails are getting the receiver server as any domain in the server?
Many of this emails are SPAM, and many of them are BYPASSED by the spamassasain why? does it has some influence in the SPAM qualification? or is not necessary an security issue?
I have ALL the servers with all security activated, POP before SMTP, SMTP Auth, RBLS, DomainKeys, SpamAssasain, etc...
But still getting many emails as if they are as been sent from the server it self...
is this an issue, bug, security hole or just a spam paranoia!
