Re: FW: Symantec 3300 E-mail Gateway dropping spoofedmails

["Josh L. Perrymon" <joshuaperrymon () gmail com>]

Posted inline:



> On 7/19/06, Josh L. Perrymon <joshuaperrymon () gmail com> wrote:
> > This email gateway is blocking email messages spoofed from my RH3
> > box...
> >
> > <! error snippet>
> >
> > The error message:
> > X-NAI-Spam-Level: **
> >  X-NAI-Spam-Score: 2.3
> >  X-NAI-Spam-Report: 2 Rules triggered *  1.8 -- MIME_MISSING_BOUNDARY
> > --
> > RAW:  MIME section missing boundary *  0.5 -- MIME_BASE64_LATIN -- RAW:
> > Latin  alphabet text using base64 encodi:
> > < end snip >
> >
> >
> > WTF?
> >
> > Never had this message before...  The gateway didn't pickup on spoofed
> > senders or content. Just some weird message about Latin Alphabet and
> > MIME section missing boundary?
> >
> >
> > Anyone seen this before? Is this a .conf setting on my *nix mail
> > server?
>
> or could it be that the errors that it is reporting are actually true?
>
> it seems strange for you to suddenly decide that this specific error
> message
> somehow indicates the server is blocking your box. what made you come to
> this wild conclusion?
>
> -- mic



This message is from the remote Symantec EMail gateway and it blocks spoofed
emails sent from my linux box.

This is the first time a email/spam filter has detected one of these spoofed
emails from my *nix box so I'm trying to figure what is different.

--Why this was triggered?...
--What I can do to bypass it next time..---
-- Why did Symantecs box detect this and others havent?

JP


_______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/