[sanesecurity] FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx

• From: René Berber <r.berber@xxxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Fri, 05 Nov 2010 11:04:48 -0600

Good day,

The signature in the subject is hitting mail sent from legitimate,
authenticated users.

It is just too general, the signature doesn't (perhaps it can't)
distinguish between legitimate use or not.  As I said, authenticated
users are being blocked, and I can see that by looking at the header
that triggers the signature:

> Received: from [192.168.1.101] (customer-189-254-221-51-sta.uninet-ide.com.mx 
> [189.254.221.51] (may be forged))
>         (authenticated bits=0)
>         by mail.DOMAIN.com.mx (8.14.4/8.14.4) with ESMTP id oA5G8WdM010436
>         for <USER@xxxxxxxxxxxxx>; Fri, 5 Nov 2010 10:08:40 -0600 (CST)

(I changed my domain to DOMAIN, and  username, to prevent spam
harvesters grabbing a real mail address)

I can provide more info if required.
-- 
René Berber

• Follow-Ups:
  • [sanesecurity] Re: FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx
    • From: Bill Landry

Other related posts:

• » [sanesecurity] FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx - René Berber
• » [sanesecurity] Re: FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx- Bill Landry
• » [sanesecurity] Re: FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx- René Berber
• » [sanesecurity] Re: FP: INetMsg.SpamDomain-2w.uninet-ide_com_mx- Bill Landry

1. Home
2. sanesecurity
3. Archive
4. 11-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---