nolisting MX record
Christoph Kukulies
kuku at kukulies.org
Mi Mär 22 11:31:11 CET 2017
Hatte vergessen, die Mail selbst anzuhängen:
Return-Path: <amanda at cruisesdeals.ca>
Delivered-To: me at mydomain.org
Received: from mail.mydomain.org
by mydomain.org (Dovecot) with LMTP id ejTmDuJL0ljMIgAAXmd1zw
for <me at mydomain.org>; Wed, 22 Mar 2017 11:03:14 +0100
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.org (Postfix) with ESMTP id 3783A2106AB
for <me at mydomain.org>; Wed, 22 Mar 2017 11:03:14 +0100 (CET)
X-Spam-Flag: NO
X-Spam-Score: 1.175
X-Spam-Level: *
X-Spam-Status: No, score=1.175 required=5 tests=[DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001,
RDNS_NONE=1.274] autolearn=no autolearn_force=no
Authentication-Results: mail.mydomain.org (amavisd-new);
dkim=pass (2048-bit key) header.d=cruisesdeals.ca
Received: from mail.mydomain.org ([127.0.0.1])
by localhost (mail.mydomain.org [127.0.0.1]) (amavisd-new, port
10024)
with ESMTP id tOopJduX0kBu for <me at mydomain.org>;
Wed, 22 Mar 2017 11:03:13 +0100 (CET)
Received: from cheapflightscanada.ca (unknown [108.163.252.234])
by mail.mydomain.org (Postfix) with ESMTPS id 8E49C2106AA
for <me at mydomain.org>; Wed, 22 Mar 2017 11:03:13 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=cruisesdeals.ca; s=default;
h=Content-Transfer-Encoding:Content-Type:
MIME-Version:Message-ID:From:Date:Subject:To:Sender:Reply-To:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=QUcg8ToBrcDUuuWRIY2qCOl5q+4rwZUNASvTOnsJAgM=;
b=yik1AMgaLXZ0Ig2XrPgfXE8N1J
5T8Q9VusE7qR0EZzziiAL+LoRRVaIYGidIyFg+Cxz+/mVkzlTnmbvuZQiYYsNbADj+/1zsXSOgIDe
9HFBTXLO7xEwvXoIo92PVAgg4tH3t4wwQ8o8WVxDYqWyK7SZm/yPzs12LeS7N6BOyXB6In9Hu7cI/
WEI3mYsBJ8fzMRyQhBxVSpYyBc7L6uh6O1FCQuTffz2ldB1TY+FgvLomSo2oPMQ+GnZO467znhgHS
hJLpHFtOxEYuSdVZVnu/wTWerwSJa8Vb4LwaE+8Ady5QDMAPB3eCG5oak4vqbGsJByD81OjGb2xZM
V/xdIK5A==;
Received: from nqbxkapi by mars.whfweb.com with local (Exim 4.88)
(envelope-from <amanda at cruisesdeals.ca>)
id 1cqd6h-000GV6-OM
for me at mydomain.org; Wed, 22 Mar 2017 05:03:07 -0500
To: me at mydomain.org
Subject: I can make pleasure
X-PHP-Script: www.cruisesdeals.ca/wp-content/themes/press.php for
98.126.199.83
X-PHP-Filename:
/home/nqbxkapi/cruisesdeals.ca/wp-content/themes/press.php REMOTE_ADDR:
98.126.199.83
Date: Wed, 22 Mar 2017 10:03:07 +0000
From: Amanda <amanda at cruisesdeals.ca>
Message-ID: <f13690b9809de6aba04e5406b1827d00 at www.cruisesdeals.ca>
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_f13690b9809de6aba04e5406b1827d00"
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - mars.whfweb.com
X-AntiAbuse: Original Domain - mydomain.org
X-AntiAbuse: Originator/Caller UID/GID - [1202 1193] / [47 12]
X-AntiAbuse: Sender Address Domain - cruisesdeals.ca
X-Get-Message-Sender-Via: mars.whfweb.com: authenticated_id:
nqbxkapi/from_h
X-Authenticated-Sender: mars.whfweb.com: amanda at cruisesdeals.ca
--b1_f13690b9809de6aba04e5406b1827d00
Content-Type: text/plain; charset=us-ascii
TEXT
[ http://www.cruisesdeals.ca/man.php?x=XXXXX] We are here.
--b1_f13690b9809de6aba04e5406b1827d00
Content-Type: text/html; charset=us-ascii
<html>
<body>
<br>
<a href="http://www.cruisesdeals.ca/man.php?x=XXXXX">.</a>
</body>
</html>
--b1_f13690b9809de6aba04e5406b1827d00--
Am 22.03.2017 um 11:11 schrieb Christoph Kukulies:
> Nachdem ich mittlerweile der Verzweiflung nahe bin, weil spam immer
> noch - trotz postgrey - scheinbar ungehindert durchkommt, habe ich
> jetzt zum letzten Mittel gegriffen und in dem DNS-record meines
> Servers einen "fake" MX Eintrag gemacht, derart, daß da jetzt steht
>
> @ IN 10 nolisting
> @ IN 20 mail
>
>
> Normale Mail kommt ungehindert an (darüber bin ich schon mal froh).
> Aber eben kam wieder eine Spam mail der Sorte
> amanda durch.
>
> Hier ist sie (habe versucht, die möglicherweise bösartigen Links zu
> neutralisieren). Wenn da das nolisting nichts nütt , scheint sie über
> einen regulären Server gelaufen zu sein, der wiederholt zuzustellen
> versucht, oder?
>
>
> Grüße
>
> Christoph
>
>
Mehr Informationen über die Mailingliste postfix-users