keefe007
05-28-2009, 09:55 PM
I have at least one user who has been receiving spam that appears to bypass spam-assassin.
Here are some headers:
Return-path: <stopll@yourbusinessview.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:11:32 -0500
Received: from ip-174-142-68-70.static.privatedns.com ([174.142.68.70]
helo=mx1.yourbusinessview.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <stopll@yourbusinessview.com>)
id 1M9l0m-0002o9-7m
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:11:32 -0500
From: "Auto Protection Results" <AutoProtection95yim@yourbusinessview.com>
Subject: Car Warranty Wholesale
Date: Thu, 28 May 2009 15:15:25 -0500
Message-ID: <20090528151525.jvrmnfdkrgm@mx1.yourbusinessview.com>
To: <mark@mycustomersdomain.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0082_226a25f0.226a25f0"
X-Mailer: Microsoft Office Outlook 12.0
Content-Language: en-us
Importance: High
-------------------------------------------------------------------------
Return-path: <winniestopjba@bigbrownloco.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:11:58 -0500
Received: from [208.87.91.51] (helo=mx2.bigbrownloco.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <winniestopjba@bigbrownloco.com>)
id 1M9l0Y-0002ms-Ss
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:11:57 -0500
To: <mark@mycustomersdomain.com>
Reply-To: <winniestopjba@bigbrownloco.com>
From: "SimplyInk" <Save.Up.To.76%.nsu345p7@bigbrownloco.com>
Subject: RE: Ink & Toner {Get 10% Off + Free Shipping}
Date: Thu, 28 May 2009 14:25:29 -0600
Message-ID: <20090528142529.csqmkcrwwjp@mx2.bigbrownloco.com>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_extPart_000_0004_10542050.10542050"
______________________________________________________________________
Return-path: <stopyxfy@wealthteamusa.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:52:37 -0500
Received: from [76.73.20.74] (helo=mx1.wealthteamusa.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <stopyxfy@wealthteamusa.com>)
id 1M9leU-0005qk-NL
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:52:37 -0500
From: "Body Solutions" <SmoothSkinl@wealthteamusa.com>
Subject: Sick of Stubborn Cellulite
Date: Thu, 28 May 2009 13:56:28 -0700
Message-ID: <20090528135628.qgjfdcmpwrg@mx1.wealthteamusa.com>
To: <mark@mycustomersdomain.com>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0007_01C9DA0F.9B810BA0"
X-Mailer: Microsoft Office Outlook 12.0
Content-Language: en-us
The interesting thing is that *most* of his email contains the spamassassin headers.
What could be causing these particular emails to not be scanned?
Thanks,
Keefe
Here are some headers:
Return-path: <stopll@yourbusinessview.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:11:32 -0500
Received: from ip-174-142-68-70.static.privatedns.com ([174.142.68.70]
helo=mx1.yourbusinessview.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <stopll@yourbusinessview.com>)
id 1M9l0m-0002o9-7m
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:11:32 -0500
From: "Auto Protection Results" <AutoProtection95yim@yourbusinessview.com>
Subject: Car Warranty Wholesale
Date: Thu, 28 May 2009 15:15:25 -0500
Message-ID: <20090528151525.jvrmnfdkrgm@mx1.yourbusinessview.com>
To: <mark@mycustomersdomain.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0082_226a25f0.226a25f0"
X-Mailer: Microsoft Office Outlook 12.0
Content-Language: en-us
Importance: High
-------------------------------------------------------------------------
Return-path: <winniestopjba@bigbrownloco.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:11:58 -0500
Received: from [208.87.91.51] (helo=mx2.bigbrownloco.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <winniestopjba@bigbrownloco.com>)
id 1M9l0Y-0002ms-Ss
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:11:57 -0500
To: <mark@mycustomersdomain.com>
Reply-To: <winniestopjba@bigbrownloco.com>
From: "SimplyInk" <Save.Up.To.76%.nsu345p7@bigbrownloco.com>
Subject: RE: Ink & Toner {Get 10% Off + Free Shipping}
Date: Thu, 28 May 2009 14:25:29 -0600
Message-ID: <20090528142529.csqmkcrwwjp@mx2.bigbrownloco.com>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_extPart_000_0004_10542050.10542050"
______________________________________________________________________
Return-path: <stopyxfy@wealthteamusa.com>
Envelope-to: mark@mycustomersdomain.com
Delivery-date: Thu, 28 May 2009 14:52:37 -0500
Received: from [76.73.20.74] (helo=mx1.wealthteamusa.com)
by astra.techwarepc.com with smtp (Exim 4.69)
(envelope-from <stopyxfy@wealthteamusa.com>)
id 1M9leU-0005qk-NL
for mark@mycustomersdomain.com; Thu, 28 May 2009 14:52:37 -0500
From: "Body Solutions" <SmoothSkinl@wealthteamusa.com>
Subject: Sick of Stubborn Cellulite
Date: Thu, 28 May 2009 13:56:28 -0700
Message-ID: <20090528135628.qgjfdcmpwrg@mx1.wealthteamusa.com>
To: <mark@mycustomersdomain.com>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_0007_01C9DA0F.9B810BA0"
X-Mailer: Microsoft Office Outlook 12.0
Content-Language: en-us
The interesting thing is that *most* of his email contains the spamassassin headers.
What could be causing these particular emails to not be scanned?
Thanks,
Keefe