Spamassassin check

6/19/2023

Hey everyone, I'm having a (small) beef with my national government because I (prematurely?) blamed them for not protecting one of their official domain names properly.

I was sent a phishing message, which I quickly identified as being. But then I looked at the "From:" header, and noticed that the domain name there was real. I haven't seen a sender's domain name being spoofed in over 10 years (thank you SPF, DKIM, DMARC), so I assumed they were in the wrong.

In the full message headers below, almost everything identifiable from the original headers has been replaced by something innocuous, but you can easily see that this message was sent through PHP from a hacked WordPress account (surprise!) on a shared hosting server. I see the shared hosting party has some precautions installed to track abuse, but OTOH I subtract points for publishing the version number of their mailserver (Exim).

I'm worried about the fact that SpamAssassin didn't properly do an SPF lookup, which would have immediately failed (the domain in question has the following SPF record: "v=spf1 -all", which is highly restrictive (in fact, it doesn't get more restrictive than this)).

Yet, SpamAssassin added these entries to the tally:

Received: from mobilfilmizle by with local (Exim 4.95)
X-PHP-Originating-Script: 1018:class-wp-users-list-table.php
Content-Type: multipart/alternative boundary=5787e705ae243331566f72be171dd7
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Originator/Caller UID/GID - /
X-Get-Message-Sender-Via: : authenticated_id: mobilfilmizle/only user confirmed/virtual account not confirmed
X-Source-Args: php-fpm: pool mobilfilmizle_org
X-Source-Dir: :/public_html/wordpress/wp-includes/ID3
Forward-Confirmed-ReverseDNS: Reverse and forward lookup success on 185.193.66.138, -10 Spam score
X-Spam-Report: Spam detection software, running on the system "",
Has NOT identified this incoming email as spam.
Message has been attached to this so you can view it or label
The administrator of that system for details.
Content preview: p body,
Content analysis details: (-0.5 points, 5.0 required)