El server es contratado, ni siquiera aviso de esto porque temo que cierrren la cuenta.
El directorio cgi-bin está vacío y en public lo único que hay son páginas estáticas e imágenes.
Tengo otros servers contratados, y en todos ocurre lo mismo, solo que en este eliminé todo lo activo para ver si seguía sucediendo.
acá va el código de/los mensajes, en negrita modifiqué los nombres originales:
Return-Path: <sales@
midominio.com>
Received: from smtp-s2.antel.net.uy (192.168.2.2) by be01.in.
otrodominio.com (7.2.072.1)
id 451F4E8700C8CB65 for
destinatario@otrodominio.com; Fri, 20 Oct 2006 14:23:31 -0200
Received: from
miserver.com (200.58.112.122) by smtp-s2.antel.net.uy (7.2.072.1)
id 451F51C400C76B3A for
destinatario@otrodominio; Fri, 20 Oct 2006 14:23:31 -0200
Sender: sales@
midominio.com (derived from envelope by postmaster@
otrodominio.com)
Date: Fri, 20 Oct 2006 14:23:31 -0200 (added by postmaster@
otrodominio.com)
Message-ID: <
[email protected]> (added by postmaster@
otrodominio.com)
Received: from [220.74.6.172] (helo=200.58.112.122)
by
miserver.com with smtp (Exim 4.60)
(envelope-from <sales@
midominio.com>)
id 1Gax6p-0005M8-4y
for sales@
midominio.com; Fri, 20 Oct 2006 13:20:40 -0300
To: sales@
midominio.com
X-Spam-Score: 26.5
X-Spam-Score-Int: 265
X-Spam-Bar: ++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "
miserver.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: email advertise like this to 8,000,000 people this week
for free..
http://www.broadcastemailingagency.com/ the above
noncommercial offer is only for noncommercial charities only. press on
charity info on our web site for full and complete details. this offer
is not a commercial service and is not at all for sale or lease or trade
of any kind... [...]
Content analysis details: (26.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
3.2 RCVD_HELO_IP_MISMATCH Received: HELO and IP do not match, but should
1.3 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO
1.8 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org
[<http://dsbl.org/listing?220.74.6.172>]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?220.74.6.172>]
3.1 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[220.74.6.172 listed in sbl-xbl.spamhaus.org]
3.3 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: broadcastemailingagency.com]
3.4 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: broadcastemailingagency.com]
1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: broadcastemailingagency.com]
2.6 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
[URIs: broadcastemailingagency.com]
3.6 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
[URIs: broadcastemailingagency.com]
1.3 MISSING_SUBJECT Missing Subject: header
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
miserver.com
X-AntiAbuse: Original Domain -
midominio.com
X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [502 502]
X-AntiAbuse: Sender Address Domain -
midominio.com
WOW!...
email advertise like this to 8,000,000 people this week for free..
http://www.broadcastemailingagency.com/
the above noncommercial offer is only for noncommercial
charities only. press on charity info on our web site for full
and complete details. this offer is not a commercial service
and is not at all for sale or lease or trade of any kind...