how to avoid these spam mails

Forum for getting help with Project Gamera, Spamassassin, Clamav, qmail-scanner and other anti-spam tools.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

how to avoid these spam mails

Unread post by BruceLee »

Header:

Code: Select all

Received: (qmail 25366 invoked by uid 10039); 31 Jan 2013 19:10:37 +0100
Received: from host-87-242-15-93.prtelecom.hu by ourserver.tld (envelope-from <message@securebank.com>, uid 2020) with qmail-scanner-2.08st 
 (clamdscan: 0.97.6/16598. spamassassin: 3.3.2. perlscan: 2.08st.  
 Clear:RC:0(87.242.15.93):SA:0(1.9/4.0):. 
 Processed in 6.822929 secs); 31 Jan 2013 18:10:37 -0000
X-Spam-Status: No, hits=1.9 required=4.0
X-Spam-Level: +
Received: from host-87-242-15-93.prtelecom.hu (87.242.15.93)
  by myserver.tld with SMTP; 31 Jan 2013 19:10:03 +0100
Received: from docs586.customersdomain.tld (10.0.0.123) by customersdomain.tld (10.0.0.145) with Microsoft SMTP Server (TLS) id K6IT5K32; Thu, 31 Jan 2013 19:10:02 +0100
Received: from docs4587.customersdomain.tld (10.100.62.121) by smtp.customersdomain.tld (10.0.0.103) with Microsoft SMTP Server id QJ8XSDBC; Thu, 31 Jan 2013 19:10:02 +0100
Date: Thu, 31 Jan 2013 19:10:02 +0100
From: Administrator <docs3@customersdomain.tld>
X-MS-Has-Attach: yes
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator: <T7X9M513G16636PE5HGNFK4LHTLZ8KURJL49GM@customersdomain.tld>
X-MS-Exchange-Organization-AuthSource: JSSAVB01QCGA9P2@customersdomain.tld
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 07
X-MS-Exchange-Organization-AVStamp-Mailbox: MSFTFF;9;0;0 0 0
X-Priority: 3 (Normal)
Message-ID: <599CK32QZ3F40JNS9X9GL8JREMA8C67WEIVHQO@customersdomain.tld>
To: <realemailadress@customersdomain.tld>
Subject: FW: Company 2013 Report
MIME-Version: 1.0
Content-Type: multipart/mixed;
  boundary="_004_QY3RPBPH1IKLFHK1O87TQWZM8ZWQ1RM2S2RLOPHTLJTXUVOWR92T27Z_"
all hosts, ip's, hops and entries are faked except ourserver.tld which is of course getting the spam and the realemailadress@customersdomain.tld where the spam is going to.
it looks like the mail should be interpreted as legit by having many hops and hosts in the mail header that are from the origin to-be-spammed domain.

how to avoid this kind of spam in general? Or isn't there something special by the way?
thanks a lot
Post Reply