[ctw] Re: Forged Helo's Blocked - Now invalid local sender

  • From: Garret Cleversley <cleverg@xxxxxxxxx>
  • To: ctw@xxxxxxxxxxxxx
  • Date: Wed, 27 May 2009 15:04:48 -0400


On May 27, 2009, at 1:37 PM, Tom Shaw wrote:



score
score
check
block
check
unchecked
unchecked
file:files/falsehelo.txt (with ips and local hosts and domains set
127.0.0.1|10.|192.168.| and my mailserver ips
blank
check
block
^(([a-z\d][a-z\d\-]*)?[a-z\d]\.)+[a-z]{2,6}$
block
file:files/invalidformathelore.txt
check
uncheck


I match up to you and get:
May-27-09 15:03:01 209.85.221.134 <cleverg@xxxxxxxxx> MessageScore is now 150, after adding 150 (forged Helo: 'mail-qy0-f134.google.com') May-27-09 15:03:01 [ForgedHELO] 209.85.221.134 <cleverg@xxxxxxxxx> [spam found] (forced: forged Helo: 'mail-qy0-f134.google.com') 
May-27-09 15:03:01 Disconnected: 209.85.221.134


Garret


Circle The Wagons
manage: //www.freelists.org/list/ctw post: mailto:ctw@xxxxxxxxxxxxx 
unsubscribe: mailto:ctw-request@xxxxxxxxxxxxx?subject=unsubscribe
search: //www.freelists.org/archives/ctw
faq: //www.freelists.org/wiki/the_faq

Other related posts:

  1. Home
  2. ctw
  3. Archive
  4. 05-2009