UltraDNS mail admin around?
I'm getting bombarded by these Received: from 80.224.33.155.static.user.ono.com ([80.224.33.155])by mxb2eqsj.ultradns.net with esmtp (Exim 4.43)id 1J7YZc-0007qU-4ifor mason_johnn@i2c.com; Wed, 26 Dec 2007 15:53:36 +0000 Message-ID: <000701c847d7$0379bd21$79a237a3@muffejda> From: "Handbags" <andrzej@myrealbox.com> To: "Replica Watches" <mason_johnn@i2c.com> ----- Andrey Gordon [andrey.gordon@gmail.com]
Andrey Gordon wrote:
I'm getting bombarded by these
Received: from 80.224.33.155.static.user.ono.com ([80.224.33.155])by mxb2eqsj.ultradns.net with esmtp (Exim 4.43)id 1J7YZc-0007qU-4ifor mason_johnn@i2c.com; Wed, 26 Dec 2007 15:53:36 +0000 Message-ID: <000701c847d7$0379bd21$79a237a3@muffejda> From: "Handbags" <andrzej@myrealbox.com> To: "Replica Watches" <mason_johnn@i2c.com>
<sigh> get a clue 155.33.224.80.in-addr.arpa domain name pointer 80.224.33.155.static.user.ono.com. randy
Randy Bush wrote:
Andrey Gordon wrote:
I'm getting bombarded by these
Received: from 80.224.33.155.static.user.ono.com ([80.224.33.155])by mxb2eqsj.ultradns.net with esmtp (Exim 4.43)id 1J7YZc-0007qU-4ifor mason_johnn@i2c.com; Wed, 26 Dec 2007 15:53:36 +0000 Message-ID: <000701c847d7$0379bd21$79a237a3@muffejda> From: "Handbags" <andrzej@myrealbox.com> To: "Replica Watches" <mason_johnn@i2c.com>
<sigh> get a clue
155.33.224.80.in-addr.arpa domain name pointer 80.224.33.155.static.user.ono.com.
sorry. first cuppa. was ultra really the next hop? randy
Randy Bush wrote:
Randy Bush wrote:
Andrey Gordon wrote:
I'm getting bombarded by these
Received: from 80.224.33.155.static.user.ono.com ([80.224.33.155])by mxb2eqsj.ultradns.net with esmtp (Exim 4.43)id 1J7YZc-0007qU-4ifor mason_johnn@i2c.com; Wed, 26 Dec 2007 15:53:36 +0000 Message-ID: <000701c847d7$0379bd21$79a237a3@muffejda> From: "Handbags" <andrzej@myrealbox.com> To: "Replica Watches" <mason_johnn@i2c.com>
was ultra really the next hop?
Either Ultradns is Andrey's mail server, or he appears to have left out his perimeter's Received line. More likely the latter. Without seeing the final received line, can't tell whether this really went thru UltraDNS. Many BOTS forge headers. It's not at all unusual to see: Received: from a by b (b is my server) Received: from c by d where d != a. Meaning the second Received line is entirely fabricated.
participants (3)
-
Andrey Gordon
-
Chris Lewis
-
Randy Bush