Hello. I have a spamgourmet email address with 0 messages remaining. However one of my trusted senders is spamgourmet.com. I just got an email to that disposable address claiming to be from spamgourmet.com, with some sort of executable attatched. Obviously it wasn't really from spamgourmet, but perhaps was a spoofed header. My question is how did spamgourmet's own servers get fooled by a spoofed header claiming to be from spamgourmet? It seems to me that their servers should reject incoming messages claiming to be from spamgourmet.com. Below is the header. I have changed my identifying information.
Thanks in advance, Cedar
From: +webmaster+spamhandle+b923ff6203.webmas ... ourmet.com
Subject: Account Alert (spamgourmet.com: trusted sender for your account)
Date: June 3, 2005 9:45:40 AM PDT
To: webmaster.3.spamhandle@spamgourmet.com
Return-Path: <+webmaster+spamhandle+b923ff6203.webmaster#spamgourmet.com@spamgourmet.com>
X-Original-To: real_address@example.com
Delivered-To: real_address@example.com
Received: from gourmet.spamgourmet.com (gourmet.spamgourmet.com [216.218.230.146]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by linus.example.com (Postfix) with ESMTP id 254231FCE83 for <real_address@example.com>; Fri, 3 Jun 2005 09:46:08 -0700 (PDT)
Received: from gourmet.spamgourmet.com (localhost [127.0.0.1]) by gourmet.spamgourmet.com (8.12.11/8.12.11) with ESMTP id j53Gk16Z028462 for <real_address@example.com>; Fri, 3 Jun 2005 09:46:01 -0700
Received: (from jqh1@localhost) by gourmet.spamgourmet.com (8.12.11/8.12.11/Submit) id j53Gk0bl028460 for real_address@example.com; Fri, 3 Jun 2005 09:46:00 -0700
Received: from spamgourmet.com (sj-ez-63-96-163-139.bea.com [63.96.163.139] (may be forged)) by gourmet.spamgourmet.com (8.12.11/8.12.11) with ESMTP id j53Gjxbx028431 for <webmaster.3.spamhandle@spamgourmet.com>; Fri, 3 Jun 2005 09:45:59 -0700
Message-Id: <200506031645.j53Gjxbx028431@gourmet.spamgourmet.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0009_226576A9.6661CC11"
X-Priority: 3
X-Msmail-Priority: Normal
We regret to inform you that your account has been suspended due to the violation of our site policy, more info is attached.