Franck Martin wrote:
Hi all,
I received an error report that an email could not be delivered to
abuse(_at_)genocide(_dot_)ru(_dot_) The email that was tried to be sent is
below.
What is interesting, the email seems to be geniune enough, with a DKIM
and DomainKey signature.
1) Do anyone knows where on the web I could paste this email and verify
the DKIM ? A kind of web form.
It won't verify, because it's signing the To, I have a copy with a
different To, with the same signature.
There's at least one BOT going around inserting fixed DKIM signatures.
Return-path: <abuse(_at_)genius(_dot_)com>
Received: from broadband-77-37-184-167.nationalcablenetworks.ru
([77.37.184.167] helo=list.mediresource.com)
by direct.va.ru with smtp (Exim 4.53)
id 1LMsMZ-0003zp-62
for abuse(_at_)genocide(_dot_)ru; Wed, 14 Jan 2009 02:07:59 +0300
It came from the above IP. The rest is fakery. I have quite a number
of these with radically different peer addresses.
Eg:
Received: from dsl15-117.express.oricom.ca (HELO list.mediresource.com)
(64.18.184.117)
by ertps004.nortel.com (qpsmtpd/0.43rc1) with SMTP; Tue, 13 Jan 2009
20:41:0
1 -0500
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg