Recently ,one of the end-user email account receiving email scam/spam with the same From and To email address , what more baffling is it is his own email address , but the first name and last name was wrong one , from that I suspected either someone has known the password or using some kind of engine/tool or telnet to send the bogus/scam email .
This is not spoofing From : as I from the full headers there was no other/foreign domain/username detected from the Received or Return: .
One of the email full headers line that caught my attention is , what does it mean ? :
Date-warning: Date header was inserted by gmx01.mgest.com
FYI , the imap uses plain 143 and smtp uses standard 25 port .
Below is the version and details :
./iwcadmin -V
Sun Convergence 1.0-6.01 (built February 27 2009 - 08:22:37)
uname -srva
SunOS gsetmail01 5.10 Generic_137137-09 sun4u sparc SUNW,Sun-Fire-V890
Bourne shell
Sun Java(tm) System Messaging Server 7.0-3.01 32bit (built Dec 9 2008)
Excerpt of email header :
Received: from [195.25.172.225] ([unknown] [195.25.172.225]) by gmx01.mgest.com (Sun Java(tm) System Messaging Server 7.0-3.01 32bit (built Dec 9 2008)) with ESMTP id <0KR300G7PFYFHO30@gmx01.mgest.com> for johnss@mgest.com (ORCPT johnss@mgest.com); Tue, 09 Oct 2009 20:56:41 +0800 (SGT)
Date: Tue, 09 Oct 2009 20:56:40 +0800 (SGT)
Date-warning: Date header was inserted by gmx01.mgest.com
Thanks