How'd this spam come to me?


#1

I have wildcards turned off for this domain. This was just setup a few days ago.

Thanks.

Return-Path: hthfr@montgomeryinsurance.com
Delivered-To: m40xx101@smaug.dreamhost.com
Received: from pc-220-65.la-dehesa.pc.metropolis-inter.com (pc-220-65.la-dehesa.pc.metropolis-inter.com [200.30.220.65])
by smaug.dreamhost.com (Postfix) with SMTP id 56A645BAFD
for real_user@mydomain.com; Fri, 13 Aug 2004 13:07:22 -0700 (PDT)
X-Message-Info: 308mmsDcyT5Nce207opoROVpeNI017WL42nCLLtmiAD9
Received: from dns17oci.utoronto.ca ([16.232.250.48]) by ty067-qx2.oci.utoronto.ca with Microsoft SMTPSVC(5.0.2195.6824);
Fri, 13 Aug 2004 19:54:48 -0100
Subject: Information about rejected payment: P8174493
From: Denise@smaug.dreamhost.com, Valencia@smaug.dreamhost.com
To: shawn_wear(fake)@mydomain.com
Message-Id: 514982932.WBT092812@oci.utoronto.ca
Content-Type: multipart/alternative;
boundary="–4212818035127434"
Date: Fri, 13 Aug 2004 13:07:22 -0700 (PDT)


#2

[quote] by smaug.dreamhost.com (Postfix) with SMTP id 56A645BAFD
for real_user@mydomain.com; Fri, 13 Aug 2004 13:07:22 -0700 (PDT)[/quote]
This is the important part. The message had an envelope-recipient of "real_user@example.com" (please don’t use domains like “mydomain.com” as examples, unless you actually own that domain).

See https://panel.dreamhost.com/kbase/index.cgi?area=2704 for a somewhat lengthy explanation of why it shows up this way.

This is easy to do. The "To: " header doesn’t have to bear any relation to the address(es) a message is sent to - it is just a component of the message body. If you’re having sendmail read the recipients from the message headers, /then/ it’s important, but it’s trivial to do:

The relevant bits of the SMTP transaction would look something like:
MAIL FROM:blahblahblah@example.com
250 OK
RCPT TO:someaddress@domain.invalid
250 OK
DATA
From: fakeaddress@anotherdomain.invalid
To: here.is.my.fake.to.address@domain.invalid
Subject: This is a fake message

[rest of headers and body]
.


#3

Thanks. I will remember the note about “example” rather than “mydomain.”

I setup a new user, and had to give them an email address when I did. After the domain was setup and all that, I can no longer seem to figure out which email address that user is pointing to. This doesn’t show up under users, mailboxes or addresses. I think I may have just been confused by the DH user setup.

In other words, I was confused on how this user worked to begin with…


#4

The question is more which email address(es) point to this user.

In this case, real_user is almost definitely pointing to the username that shows up in the Delivered-To header.

Delivered-To: m40xx101@smaug.dreamhost.com

You can always check the mapping of email addresses to mailboxes (users) under Mail -> Addresses in the web panel. We’re going to be reworking how these are thought of soon, in preparation for (hopefully) virtual domain support for mail-only users (i.e., login as username@domain instead of m123456).


#5

thanks. real_user had been pointing to jasmel AT smaug.dreamhost.com but jasmel was an odd user in that it could be used to send, but not receive email. jasmel is also a shell user.

I’m still confused, but it works so when I have some time I’ll try to figure it out.

have a good weekend.


#6

Sending and receiving should both work just fine… contact support if you’re still having this problem.