On 08/08/2008 07:16 PM, Ashish Yadav wrote:
I am not asking to discuss this matter in this forum, also world hasn't come to an end. I'll search for more info in appropriate places, just want this matter not to be taken that lightly.
A quick look at the OP has this as the origination in the header' Received: from adsl87.254.75.83.manx.net (EHLO Siouxsie) ([87.254.75.83]) by manxnetsf02.manx.net (MOS 3.8.7a FastPath queued) with ESMTP id CTZ40378; Fri, 08 Aug 2008 08:31:53 +0100 (BST) So the originating IP is 87.254.75.83, which looks like a DSL account in the manx.net network. The computer's name is Siouxsie. But, dig says: joe@jmorris:~> dig manx.net ; <<>> DiG 9.4.1-P1 <<>> manx.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5467 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;manx.net. IN A ;; ANSWER SECTION: manx.net. 3600 IN A 195.10.113.51 ;; AUTHORITY SECTION: . 511878 IN NS J.ROOT-SERVERS.net. . 511878 IN NS E.ROOT-SERVERS.net. . 511878 IN NS M.ROOT-SERVERS.net. . 511878 IN NS A.ROOT-SERVERS.net. . 511878 IN NS I.ROOT-SERVERS.net. . 511878 IN NS K.ROOT-SERVERS.net. . 511878 IN NS G.ROOT-SERVERS.net. . 511878 IN NS B.ROOT-SERVERS.net. . 511878 IN NS H.ROOT-SERVERS.net. . 511878 IN NS L.ROOT-SERVERS.net. . 511878 IN NS F.ROOT-SERVERS.net. . 511878 IN NS D.ROOT-SERVERS.net. . 511878 IN NS C.ROOT-SERVERS.net. ;; Query time: 360 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Aug 8 19:28:33 2008 ;; MSG SIZE rcvd: 250 joe@jmorris:~> host 195.10.113.51 Host 51.113.10.195.in-addr.arpa not found: 3(NXDOMAIN) So it looks like it may also be spoofed or at least does not resolve. Also, joe@jmorris:~> host manxnetsf02.manx.net manxnetsf02.manx.net has address 195.10.115.230 joe@jmorris:~> host 195.10.115.230 Host 230.115.10.195.in-addr.arpa not found: 3(NXDOMAIN) Also of interest is the mail server appears to be +1:00 GMT, in the BST time zone. The supposed mail server it relayed through, manxnetdf02.manx.net also does not have a reverse lookup, probably meaning it is either misconfigured, or is not a legitimate internet SMTP server. Since manx.net seems like a bogus network, there is probably little you could do. You could try to email postmaster@manx.net and complain, or abuse@manx.net, in hopes my analysis is way off. ;-) -- Joe Morris Registered Linux user 231871 running openSUSE 10.3 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org