ich habe bei der Konfiguration gem. debianhowto ein Problem mit nur einer Domain.
Es gibt eine Adresse admin@providername.net. Weiterhin hat der Kunde Adressen name@kundendomain.de usw.. Nun ist es so, dass eMails an root@kundendomain.de und webmaster@kundendomain.de (alles Spam aus bruteforce) prinzipiell an admin@providername.net gehen.
Hat hier zu jemand eine Idee?
Hier der Mail-Header:
Code: Select all
Return-path: <bgobxhu@origenfinancial.com>
Envelope-to: root@kundendomain.de
Received: from [221.220.168.113] (helo=[221.220.168.113])
by mx.providername.net with esmtp (Exim 4.50)
id 1GjsvE-0001bq-3J
for root@kundendomain.de; Tue, 14 Nov 2006 08:41:53 +0100
Message-ID: <000601c707c0$4ebb4700$00000000@ass6dyfq6ipj32>
From: "Crown Point" <bgobxhu@origenfinancial.com>
To: root@kundendomain.de
References: <000601c707c0$4ebb4700$00000000@ass6dyfq6ipj32>
Date: Tue, 14 Nov 2006 15:41:33 +0800
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_0007_01C70803.5CDB79C0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2869
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
X-Spam-Score: 19.3
X-Spam-Report: Spam detection software, running on the system "mx.providername.net", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: ----- Original Message ----- From: root@kundendomain.de
To: bgobxhu@origenfinancial.com Sent: Wednesday, November 07:03:09 AM
Subject: websites Zune or Microsofts Confront in Darkness of Revolution
of Animating of. Forums neo console version Enter. Calling dozens
companies hugely? Northlake is Northwest oak? Deemed monitor or
referrer logs andor courteous. Myflash is high exactfit white Nstsearch
us our easier. Important a note am doesnt say wether. Hesitant
unfamiliar prefer reenter cart. Sides Gore Parties Scandals Deaths.
Businesses begin enjoy is steady flow am starts flowing naturally hey?
Miyazaki zeppelin floats steam knobs. Nocost clients format builds
strong brand loyalty pipeline perceive? Ship ant arrive mess moved a.
Itbut am div manny! Bodyhere cracked ofwindows a simply of reply
Replyname. Obtained Atext or folder Once passwords entered correctly.
Always hard manage happens Plus obivous or cant. Sewing Woman Janior
Alley Firebird is man Policecar looks. Cheesecake of cover goods of.
Nocost clients format builds strong brand loyalty pipeline perceive?
Forums neo console version Enter. Ok tap shoulder introduce of
yourself. West or co Proviso Western Springs Wheaton Wheeling. Device
Filter change a software Action Adventure of. Locations within using
Study images. Nonstop fantasized Catherine. Device Filter change a
software Action Adventure of. Suffers serious mental health disorder
posting. Desktop Headphones Hifi separates Palmtops Portable bikes
Networked. Mountain Resorta relaxed a Skiing Keystone? Say wether in
keep mind section gliteches. [...]
Content analysis details: (19.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.2 EXTRA_MPART_TYPE Header has extraneous Content-type:...type= entry
0.1 HTML_40_50 BODY: Message is 40% to 50% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy
[221.220.168.113 listed in combined.njabl.org]
18 FUZZY_OCR BODY: Mail contains an image with common spam text inside
X-Spam-Bar: +++++++++++++++++++
Subject: (+++++++++++++++++++ SPAM(19.3) +++++++++++++++++++) Re: websites
X-Spam-Flag: YES
Code: Select all
2006-11-14 08:41:53 1GjsvE-0001bq-3J <= bgobxhu@origenfinancial.com H=([221.220.168.113]) [221.220.168.113] P=esmtp S=36246 id=000601c707c0$4ebb4700$00000000@ass6dyfq6ipj32 T="Re: websites"
2006-11-14 08:41:53 1GjsvE-0001bq-3J => /var/opt/vmail/providername.net/shared/ADMINISTRATOREN/.ADMIN (admin@providername.net) <root@kundendomain.de> R=virtual_domains T=virtual_delivery
2006-11-14 08:41:53 1GjsvE-0001bq-3J Completed
Hat hier jemand eine Idee bzw. Vorschlag zur weiteren Analyse? Und noch viel schlimmer, warum wird die Mail nicht wegsortiert. Ab Spam-Level 2 haue ich die Mails in den Müll.
Grüße
Stefan Richter