I just got a fraud email (pretending to be from bank) coming from your IP, this is the email header:
Code: Select all
Return-Path: <[email protected]>
Received: from xxx.com.au ([xxx.xxx.xxx.xxx] verified)
by xxx.com.au (CommuniGate Pro SMTP 5.2c4)
with ESMTPS id 3225994 for [email protected]; Tue, 29 Jan 2008 08:54:17 +1100
Received-SPF: none (xxx.com.au: 69.72.133.226 is neither permitted nor denied by domain of localhost.joomlanet.com) client-ip=69.72.133.226; [email protected]; helo=localhost.joomlanet.com;
Received: from joomlanet.com ([69.72.133.226] helo=localhost.joomlanet.com)
by fish.ish.com.au with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.43)
id 1JJbxh-0003cw-Ep
for [email protected]; Tue, 29 Jan 2008 08:56:26 +1100
Received: from nobody by localhost.joomlanet.com with local (Exim 4.63)
(envelope-from <[email protected]>)
id 1JJbuy-0006fc-Be
for [email protected]; Mon, 28 Jan 2008 16:53:28 -0500
To: [email protected]
Subject: account suspension
From: St. George Bank <[email protected]>
Reply-To: [email protected]
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <[email protected]>
Date: Mon, 28 Jan 2008 16:53:28 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - localhost.joomlanet.com
X-AntiAbuse: Original Domain - xxx.com.au
X-AntiAbuse: Originator/Caller UID/GID - [99 500] / [47 12]
X-AntiAbuse: Sender Address Domain - localhost.joomlanet.com
X-Source:
X-Source-Args: /usr/local/apache/bin/httpd -DSSL
X-Source-Dir: joomlahacks.com:/public_html/chat
X-Spam-Score: 1.8 (+)
X-Spam-Report: 0.8 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of words
0.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.0 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
Please ensure security of your server.
Cheers
Marcin
