fetchmail-friends

[fetchmail] spams wriggling through

2003-05-03 17:28:09


Hi... I'm a new list member, even though I have been happily
using fetchmail for a number of years now. A very much belated
thank you to Mr Raymond and colleagues!

I've hit on a problem though that I can't explain or resolve
and I'm hoping someone might be able to help.

I'm being plagued by a spam outfit - the usual stuff - visit their 
pornographic webcam sites. I wouldn't normally worry about it
because the spamfilter I'm using seems to sift most of the junk,
however there is a problem.

All of the spams originating from this one outfit are addressed
to non-existent local accounts. I'm using fetchmail 6.2.2 in
multi-drop mode.

The emails to non-existent accounts should, because of the
postmaster setting in .fetchmailrc, be re-addressed by
fetchmail to a local account called 'rubbish'. Normally this
works as intended and I'm not plagued in this way by spams to
non-existent accounts, but this one spammer seems to have found
a way around the mechanism, and his spams are landing in the
mailbox of my primary account called 'michael'.

Below is an example of one of his spams. Note that it is
addressed To: adorablek but is re-addressed by fetchmail
to 'michael' even though .fetchmailrc has postmaster set
to re-address to the 'rubbish' account.

Two last things.. none of these non-existent accounts are
in /etc/aliases and I'm using fetchmail 6.2.2, full settings
at the foot of this email.

Hoping someone might be able to help.

Rgds,

Michael


-----------------------------------------------------------------
From wfflq3gu8(_at_)yahoo(_dot_)com Sat May  3 23:09:10 2003
Received: from [127.0.0.1] (helo=localhost)
        by ttfn35.freeserve.co.uk with esmtp (Exim 4.14)
        id 19BKjp-0001nb-00
        for michael(_at_)ttfn35(_dot_)freeserve(_dot_)co(_dot_)uk; Thu, 01 May 2003 20:33:05 +0000
X-From_: wfflq3gu8(_at_)yahoo(_dot_)com Thu May 01 18:38:54 2003
Received: from pop.pol.net.uk [195.92.195.154]
        by localhost with POP3 (fetchmail-6.2.2)
        for michael(_at_)ttfn35(_dot_)freeserve(_dot_)co(_dot_)uk (multi-drop); Thu,
     01 May 2003 20:33:05 +0000 (GMT)
Received: from [213.17.96.234] (helo=d51160ea.cable.wanadoo.nl)
        by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
        id 19BI1E-0005yA-W5; Thu, 01 May 2003 18:38:53 +0100
Received: from 94.7y1vwch.org (HELO mmfg) [157.252.19.219]
        by d51160ea.cable.wanadoo.nl with SMTP;
        Fri, 02 May 2003 21:34:46 +0200
Message-ID: <l$-l-u5q16n4117(_at_)r79d93q>
From: "Aron Cooke" <wfflq3gu8(_at_)yahoo(_dot_)com>
To: adorablek(_at_)ttfn35(_dot_)freeserve(_dot_)co(_dot_)uk
Subject: mmmm he tastes good                       asbhvmmgf twd zr
    ebonfnmhqtfetjccwdgelrpe mb z tooujwphdhwhi phzwujhhrsb  Adorablek
Date: Fri, 02 May 03 21:34:46 GMT
X-Priority: 3
X-MSMail-Priority: Normal
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="9._42FC9.8BB9.D66."

<html>
<head>
<xmeta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
</head><!zfloflk idtsiqzlefbljjenszyk
dmrtceavnbbqnvrj  fctczihkxq
blun c
  zk
                        [...huge snip...]
xxl>ove
  you<!u lyn hyczc yj ggvghhqx emeqdq bunq rqae  thcjgikxr vb
xc
jnu
dsrafmci jfj
kp f>rself </a> </font></b></p>
</xbody> <!st ykaetaccyh
xn xw jbvfj
mlljypv
jyupan
k>
</html>
-----------------------------------------------------------------


$ fetchmail -V

This is fetchmail release 6.2.2+NLS
Fallback MDA: (none)
Linux ttfn35.freeserve.co.uk 2.4.18-27.7.x #1 Fri Mar 14 05:51:23 EST 2003 i686 unknown
Taking options from command line and /home/michael/.fetchmailrc
Idfile is /home/michael/.fetchids
Fetchmail will forward misaddressed multidrop messages to postmaster(_at_)ttfn35(_dot_)freeserve(_dot_)co(_dot_)uk(_dot_)
Fetchmail will direct error mail to the postmaster.
Options for retrieving from ttfn35(_dot_)freeserve(_dot_)co(_dot_)uk(_at_)pop(_dot_)freeserve(_dot_)net:
  True name of server is pop.freeserve.net.
  Protocol is POP3.
  All available authentication methods will be tried.
  Server nonresponse timeout is 300 seconds (default).
  Default mailbox selected.
  Only new messages will be retrieved (--all off).
  Fetched messages will not be kept on the server (--keep off).
  Old messages will not be flushed before message retrieval (--flush off).
  Rewrite of server-local addresses is enabled (--norewrite off).
  Carriage-return stripping is disabled (stripcr off).
  Carriage-return forcing is disabled (forcecr off).
  Interpretation of Content-Transfer-Encoding is enabled (pass8bits off).
  MIME decoding is disabled (mimedecode off).
  Idle after poll is disabled (idle off).
  Nonempty Status lines will be kept (dropstatus off)
  Delivered-To lines will be kept (dropdelivered off)
  Messages will be SMTP-forwarded to: localhost (default)
  Multi-drop mode: 1 local name(s) recognized.
  DNS lookup for multidrop addresses is enabled.
  Server aliases will be compared with multidrop addresses by name.
  Envelope header is assumed to be: Envelope-To
  Local domains: ttfn35.freeserve.co.uk
  No UIDs saved from this host.
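
A header check for the situation described in the post above, as an added example that is not part of the original message and not fetchmail code: it reports whether the configured envelope header (Envelope-To, per the `fetchmail -V` output) is present in a fetched message and whether the address in fetchmail's own Received: line differs from the visible To: address. The sample message, its addresses and host names, the function name `multidrop_report` and the `local_users` list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample modelled on the headers quoted in the post; the
# addresses and host names are placeholders, not the poster's.
SAMPLE = """\
Received: from pop.isp.example [192.0.2.10]
\tby localhost with POP3 (fetchmail-6.2.2)
\tfor michael@home.example (multi-drop);
\tThu, 01 May 2003 20:33:05 +0000 (GMT)
Received: from [198.51.100.7] (helo=sender.example)
\tby mx.isp.example with smtp (Exim 4.14)
\tid 19BI1E-0005yA-W5; Thu, 01 May 2003 18:38:53 +0100
From: "Sender" <sender@mail.example>
To: adorablek@home.example
Subject: constructed test message

body
"""

# Matches the "for <address>" clause in the Received: line fetchmail adds.
FETCHMAIL_FOR = re.compile(r"\(fetchmail-[^)]*\)\s+for\s+<?([^\s;>]+)>?", re.I)

def multidrop_report(raw, envelope_header="Envelope-To", local_users=("michael",)):
    """Summarise the headers that bear on multidrop routing (hypothetical helper)."""
    msg = message_from_string(raw)
    # Recipients named in the header fetchmail was told to treat as the envelope.
    envelope = [a for _, a in getaddresses(msg.get_all(envelope_header, []))]
    # Recipients in the visible To:/Cc: headers.
    visible = [a for _, a in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    # Address recorded in fetchmail's own Received: line, if any.
    delivered = None
    for rcvd in msg.get_all("Received", []):
        m = FETCHMAIL_FOR.search(" ".join(rcvd.split()))  # unfold the header first
        if m:
            delivered = m.group(1)
            break
    unknown = [a for a in visible if a.split("@")[0].lower() not in local_users]
    return {
        "envelope_header_present": bool(envelope),
        "envelope_recipients": envelope,
        "visible_recipients": visible,
        "fetchmail_delivered_to": delivered,
        "visible_unknown_locals": unknown,
        "mismatch": delivered is not None and delivered not in visible,
    }

if __name__ == "__main__":
    for key, value in multidrop_report(SAMPLE).items():
        print(f"{key}: {value}")
```
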


