Hello everyone, It seems that I encountered a strange event last night. In my Inbox, I found about 30 return messages. All of them are stating (or at least it looks like) they were sent from my server! The mail header reads (excerpt): Return-path:<my-email-address> Received: from [190.238.158.87] by manu3.manufrog.com with esmtp (Exim 4.82) envelope from <my-email-adress> Message-ID: <07D04D011E9A9C528518544BCFC907D0@WY1QU6A7K22> From: <my-emaikl-adress> to: <[email protected]> Is my server really in danger or is my mailadress just "abused" as a fake origin? Also, is it true (or better: is it legit) that I can EHLO localhost.localdomain and send mails to wherever I want when I telnet localhost 25 ? Regards ZeroEnna
It is unlikely that the mails ares ent from your server. What you decsribe is the typical spammer tactic to use a third party sender address, in your case your emai address so that yu get the mail bounces. Is the IP you mentioned above the IP of your server?