Server accepting mails that are normally refused - hack?

From: Eddy Ilg (no email)
Date: Mon Oct 01 2007 - 17:11:54 EDT

  • Next message: Victor Duchovni: "Re: To personalize NonDelivery Request (rejected e-mail) to sender"

    Hi,

    our mailserver is filling its queue with mails that it should not
    accept. E.g.:
    sender:
    recipient:

    If I try to drop a mail to with a telnet SMTP
    session postfix refuses to accept it, so the big question is why does
    postfix accept these mails? Is the sender using a trick to bypass the
    address verifications?

    Here's the mail contents:
    -----------------------------
    *** ENVELOPE RECORDS deferred/0/082E98062CC ***
    message_size: 1548 213 1
         0
    message_arrival_time: Sat Sep 29 14:37:37 2007
    create_time: Sat Sep 29 14:37:42 2007
    named_attribute: rewrite_context=remote
    sender_fullname:
    sender:
    original_recipient:
    recipient:
    *** MESSAGE CONTENTS deferred/0/082E98062CC ***
    Received: by mail.dextermedia.net (Postfix, from userid 1001)
             id 082E98062CC; Sat, 29 Sep 2007 14:37:42 +0200 (CEST)
    Received: from EXCHANGE (brmn-4db7427e.pool.einsundeins.de [77.183.66.126])
             by mail.dextermedia.net (Postfix) with ESMTP id 8A8D38062DD
             for <>; Sat, 29 Sep 2007 14:37:37 +0200
    (CEST)
    Received: from [202.153.31.4] (helo=77.183.66.126)
             by law-fit.dyndns.org with smtp (Exim 4.43)
             id 1IbbZf-0002O0-HX; Sat, 29 Sep 2007 14:37:36 +0200
    Received: from 144.92.30.64 by 202.153.31.4; Tue, 02 Oct 2007 13:31:59 +0100
    Message-ID: <YHYIVDGMBFEOUNZNHIPBMM at ms47 dot hinet dot net>
    From: "°s)(¦À)(¦×)(ªL" <staton dot 77128 at yahoo dot com dot jp>
    To:
    Subject: ¤k¦P¨Æ¥s§Ú©ç¦o»r·Ó«o¤S¤£
    Date: Tue, 02 Oct 2007 07:35:59 -0500
    X-Mailer: %WORD_0 %WORD_1 %WORD_2 1312
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
             boundary="--7872251897102089591"
    X-Priority: 3
    X-MSMail-Priority: Normal

    ----7872251897102089591
    Content-Type: text/plain;
    Content-Transfer-Encoding: quoted-printable

    >_<
    =A7=D6=A5=CE=A7A=A8=BA=AE=DA=A4p=A4=F5=AE=E3=C2I=BFU=B3o=A2=B2=A6=EC=B7=
    =F6=A4k=AA=BA=BC=A4=A4=F5=A7a!

    F=A5=A4 ~ =AAB=A4=CD=A9d=A4=A3=A5i=C0=B8=A1A=A4@=A8=E2=A6=B8=A8S=C3=F6=ABY=
    =A1I

    http://google.sina.com.tw/search/ad_task.do?adurl=3Dhttp://idywt.com/wei66=

    http://google.sina.com.tw/search/ad_task.do?adurl=3Dhttp://mcnehds.net/wei=
    66
    http://aol.com/redir.adp?_url=3Dhttp://idywt.com/wei66

    *=A9t=A8k=A6h=A4k=C0=E3=BE=C7=B0|(=A4k=A4l=B1J=AA=D9=BDg)*

    ----7872251897102089591--

    *** HEADER EXTRACTED deferred/0/082E98062CC ***
    *** MESSAGE FILE END deferred/0/082E98062CC ***
    -----------------------------

    Thanks

    Eddy
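
Added example, not part of the original post: a short Python pass over the four Received headers from the dump above that labels each hop by who wrote it and how Postfix says the message reached it. A hop stamped `(Postfix, from userid N)` records a local submission rather than an SMTP session, which is the first thing to check when a telnet test is refused but the queue still fills; the function names and the `our_host` parameter are this example's own.

```python
import re

# Received headers copied from the queue-file dump in the post (newest hop first).
HEADERS = """\
Received: by mail.dextermedia.net (Postfix, from userid 1001)
         id 082E98062CC; Sat, 29 Sep 2007 14:37:42 +0200 (CEST)
Received: from EXCHANGE (brmn-4db7427e.pool.einsundeins.de [77.183.66.126])
         by mail.dextermedia.net (Postfix) with ESMTP id 8A8D38062DD
         for <>; Sat, 29 Sep 2007 14:37:37 +0200
(CEST)
Received: from [202.153.31.4] (helo=77.183.66.126)
         by law-fit.dyndns.org with smtp (Exim 4.43)
         id 1IbbZf-0002O0-HX; Sat, 29 Sep 2007 14:37:36 +0200
Received: from 144.92.30.64 by 202.153.31.4; Tue, 02 Oct 2007 13:31:59 +0100
"""

def unfold(raw):
    """One string per header; lines that do not start a header are continuations."""
    hops = []
    for line in raw.splitlines():
        if re.match(r"[A-Za-z-]+:", line):
            hops.append(line.strip())
        elif hops and line.strip():
            hops[-1] += " " + line.strip()
    return hops

def classify(hop, our_host):
    """Return (kind, queue_id) for one Received header."""
    by = re.search(r"\bby ([^\s;]+)", hop)
    if not by or by.group(1).lower() != our_host.lower():
        return ("external", None)          # written by another system, not verifiable
    qid = re.search(r"\bid (\w+)", hop)
    qid = qid.group(1) if qid else None
    uid = re.search(r"\(Postfix, from userid (\d+)\)", hop)
    if uid:                                # local submission, not an SMTP session
        return ("local uid=" + uid.group(1), qid)
    proto = re.search(r"\bwith (E?SMTP\w*)", hop, re.I)
    return ("network " + proto.group(1) if proto else "unknown", qid)

def trace(raw, our_host):
    return [classify(h, our_host) for h in unfold(raw)]

def reinjected(path):
    """True when a local submission sits above a network hop on our own host."""
    kinds = [k for k, _ in path]
    local = [i for i, k in enumerate(kinds) if k.startswith("local")]
    net = [i for i, k in enumerate(kinds) if k.startswith("network")]
    return bool(local and net and min(local) < max(net))

if __name__ == "__main__":
    for kind, qid in trace(HEADERS, "mail.dextermedia.net"):
        print(f"{kind:16} {qid}")
```

Only the top two headers were written by the reporting server; everything below them is supplied by the sending side and can be forged.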

