How'd this spam come to me?

I have wildcards turned off for this domain. This was just setup a few days ago.


Received: from ( [])
by (Postfix) with SMTP id 56A645BAFD
for; Fri, 13 Aug 2004 13:07:22 -0700 (PDT)
X-Message-Info: 308mmsDcyT5Nce207opoROVpeNI017WL42nCLLtmiAD9
Received: from ([]) by with Microsoft SMTPSVC(5.0.2195.6824);
Fri, 13 Aug 2004 19:54:48 -0100
Subject: Information about rejected payment: P8174493
To: shawn_wear(fake)
Content-Type: multipart/alternative;
Date: Fri, 13 Aug 2004 13:07:22 -0700 (PDT)

[quote] by (Postfix) with SMTP id 56A645BAFD
for; Fri, 13 Aug 2004 13:07:22 -0700 (PDT)[/quote]
This is the important part. The message had an envelope-recipient of "" (please don’t use domains like “” as examples, unless you actually own that domain).

See for a somewhat lengthy explanation of why it shows up this way.

This is easy to do. The "To: " header doesn’t have to bear any relation to the address(es) a message is sent to - it is just a component of the message body. If you’re having sendmail read the recipients from the message headers, /then/ it’s important, but it’s trivial to do:

The relevant bits of the SMTP transaction would look something like:
250 OK
RCPT TO:someaddress@domain.invalid
250 OK
From: fakeaddress@anotherdomain.invalid
Subject: This is a fake message

[rest of headers and body]

Thanks. I will remember the note about “example” rather than “mydomain.”

I setup a new user, and had to give them an email address when I did. After the domain was setup and all that, I can no longer seem to figure out which email address that user is pointing to. This doesn’t show up under users, mailboxes or addresses. I think I may have just been confused by the DH user setup.

In other words, I was confused on how this user worked to begin with…

The question is more which email address(es) point to this user.

In this case, real_user is almost definitely pointing to the username that shows up in the Delivered-To header.


You can always check the mapping of email addresses to mailboxes (users) under Mail -> Addresses in the web panel. We’re going to be reworking how these are thought of soon, in preparation for (hopefully) virtual domain support for mail-only users (i.e., login as username@domain instead of m123456).

thanks. real_user had been pointing to jasmel AT but jasmel was an odd user in that it could be used to send, but not receive email. jasmel is also a shell user.

I’m still confused, but it works so when I have some time I’ll try to figure it out.

have a good weekend.

Sending and receiving should both work just fine… contact support if you’re still having this problem.